Strategic competition is deepening existing tensions and mistrust between states and prompts nations to develop capabilities that they consider central to sovereign national power. Technological capabilities sit at the centre of this. It’s therefore not surprising that governments around the world are seeking technological advantage over their competitors and potential adversaries. In this context, safeguarding intellectual property (IP) has become necessary not just because it’s an essential asset for any modern economy—developed or emerging—but because it’s also increasingly underwriting national and regional security.

Today, middle-income countries¹ that are seeking to progress in the global value chain are home to vibrant knowledge-intensive sectors. Some of the world’s largest science and technology clusters are located in São Paulo and Bengaluru, for example.² Other exemplars include the biochemical industry in India, information and communication technology (ICT) firms in Malaysia and petroleum processors in Brazil. In fact, countries such as Brazil, India, Indonesia, Mexico and Vietnam have emerged as increasingly major producers of knowledge and innovation.³

Perhaps reflecting that changing reality, it’s middle-income countries that are confronted by increasing attempts to deprive them of their economic crown jewels. In our report State-sponsored economic cyber-espionage for commercial purposes: tackling an invisible but persistent risk to prosperity, ASPI estimated that the number of state-sponsored cyber incidents affecting private entities in Southeast Asia, South Asia, Latin America and the Middle East increased from 40% in 2014 to nearly 60% in 2020.⁴ To be clear: economic espionage isn’t new. But it’s the growing scale and intensification of economic cyber-espionage for commercial purposes—and as an integrated tool of statecraft—that is a cause for concern.

In September 2015, a bilateral summit between Chinese President Xi Jinping and then US President Barack Obama laid the foundation for an international norm against cyber-enabled theft of IP for commercial gain. The joint communique produced at the end of the summit highlighted that China and the US had reached an understanding not to ‘conduct or knowingly support cyber-enabled theft of IP, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors’. This—critically—recognised a distinction between hacking for commercial purposes and hacking for national-security purposes. Building on that apparent progress, the 2015 G20 Antalya leaders’ communique on ICT-enabled theft of IP established bounds for responsible state behaviour in cyberspace—what was described at the time as a landmark moment.

However, the promise of that seemingly historic moment has not been realised since. Rather than seeing this practice stop, cyber-enabled theft of IP quadrupled between 2015 and 2023. Higher barriers to market access across China, the US and Europe—the result of tit-for-tat behaviour seeking to bolster local technological capabilities, reduce dependence on high-risk vendors, achieve greater strategic autonomy and/or counter unfair advantage—have combined to incentivise irresponsible behaviour by malign states.

China’s and the US’s adherence was always going to be critical to the continued strength and legitimacy of any international norm against cyber-enabled economic espionage. However, bilateral relations between Beijing and Washington devolved in the period after 2015. During the first Trump administration, the US drew a clearer connection between economic and national security. That included explicitly calling out in 2020 China’s theft of American technology, IP and research as a threat to the safety, security and economy of the US. The Trump administration also established the China Initiative, which investigated and prosecuted perceived Chinese spies in American research and industry. While the Biden administration closed the China Initiative, it has continued efforts to protect American IP. That includes through the passing of the Protecting American Intellectual Property Act of 2022, which empowers the US President to sanction entities seen to benefit from or sponsor trade-secret theft.⁵

For its part, China may never have intended to uphold its commitment to the norm over the long term. China may have endorsed a commitment against economic cyber-espionage as a strategic move to accelerate domestic initiatives, such as rooting out corruption in the People’s Liberation Army and refining Chinese hacking methods to be more sophisticated and less conspicuous.⁶ Alternatively, the lack of a clearly articulated distinction between hacking for competitive advantage and hacking for national-security purposes under Obama and Xi’s agreement may have contributed to the current situation. In any case, the threat of economic cyber-espionage continues to spiral rapidly, increasingly affecting emerging economies as well.

Emerging economies in the Global South, including members of the G20, have been the most vulnerable to that backsliding. India, Vietnam and Brazil have become important and impactful IP-producers, but their means to protect that innovation have lagged—unfortunately creating an expanded attack surface without the commensurate resilience. Still coming to terms with the scope and nature of the threat, they and other similar governments have so far introduced higher-end requirements and support arrangements for their own systems, and for operators of critical infrastructure and critical information infrastructure. However, most other industries—even when they’re substantial contributors to national GDP, high-value IP holders and the enablers for economic advancement—have been left out.

This report is a first-ever analytical exercise that examines the vulnerability of emerging economies in the face of economic cyber-espionage. It’s a culmination of two years of research and stakeholder engagement across the Indo-Pacific and Latin America. The focus has been on investigating perspectives on the threat of economic cyber-espionage and the degree to which major emerging economies are prepared to respond. The first of the three reports in the compendium—published in late 2022—examined state practices of cyber-enabled theft of IP. It found that, since 2015, the number of reported cases of economic cyber-espionage had tripled. Further, it found that the scale and severity of incidents had grown proportionally with the use of cyber technology as a tool of statecraft for securing economic and strategic objectives.

This specific report is the second in the compendium of three. It considers Chinese and US perspectives in the first instance—recognising their criticality to the effectiveness of any international norm. It goes on to assess the level of vulnerability across Argentina, Brazil, Colombia, India, Indonesia, Malaysia, Mexico, Peru, the Philippines, Thailand and Vietnam. This is because it’s those economies in South Asia, Southeast Asia and Latin America that are experiencing some of the world’s most rapid knowledge and innovation production. Each country has been assessed and given a risk label indicating its vulnerability based on a diagnostic tool developed by ASPI.

The third of the three reports in the compendium goes beyond analysing the problem. Through a mapping of responses, it identifies and presents a capture of best practice. The purpose is to support vulnerable states in defending their economic ‘crown jewels’—that is, critical knowledge-intensive industries. It offers a capacity-building checklist intended to help policymakers make sense of the cyber-threat landscape and respond to protect private entities from economic cyber-espionage.