IN A NUTSHELL: The US is accusing China of being the ultimate scammer–ripping off trade secrets and perpetuating cyber attacks on civilians. US intelligence officials claim that China’s hacking against the US has increased and evolved. Previously, China’s hacking focused on corporate espionage and intellectual property theft. China’s targets now appear to be “critical infrastructure such as energy, healthcare, finance and transportation” and collecting vast amounts of data on American civilians. Experts worry that China is laying the groundwork for future cyber attacks.
The breadth and depth of China’s state-sponsored hacks is staggering…leading you to wonder: what hasn’t China hacked?
Forget Big Brother, Big Uncle Is Watching YOU
Cloudhopper, Dragonfly, and Sharp Eyes aren’t whimsical hipster names or Proust’s lost short stories. They are initiatives all run (in some way or another) by China. US intelligence officials say that China appears to be on the rebound following a ‘truce’ reached during Obama’s tenure over corporate cyber espionage attacks. Since that ‘truce’, China has shifted its tactics and its targets, from theft of intellectual property to theft of millions of American civilians’ private data and attacks on critical US infrastructure. They have also upgraded their hacker units, from PLA Unit 61398 to the Ministry of State Security. US officials have attributed the Marriott hack to Chinese hackers and have linked it to two other attacks started in 2014: Anthem Insurance and the US Office of Personnel Management. Together, these three hacks gave China access to security clearance files, health records, passport data, and travel patterns. This week, the Assistant Director of the FBI’s Counterintelligence Division warned the Senate Judiciary Committee that China is “…proposing itself as an alternative model for the world, one without a democratic system of government, and it is seeking to undermine the free and open rules-based order …” US law enforcement officials are now now preparing to indict Chinese hackers on this massive operation. Not worried? Experts caution that given the breadth of China’s 2014 hacking operation, it is highly likely that virtually every adult in the US is exposed.
Uncle Xi and His Ragtag Gang of Corporate Spies
China may have shifted its focus from corporate espionage to personal data, but US law enforcement agencies haven’t shifted their focus on China’s economic warfare. According to US trade officials, Chinese theft of American IP costs up to $600 billion annually. In the coming weeks, the DOJ is expected to announce indictments of Chinese hackers; to declassify intelligence related to China’s attacks; and to impose sanctions on those responsible. Last month, the DOJ indicted defense-industry workers of trade-secret theft. In 2014, as China was starting its Marriott/OPM/Anthem attack, FBI Director James Comey quipped: “There are two kinds of big companies in the U.S. … those who’ve been hacked by the Chinese, and those who don’t know they’ve been hacked by the Chinese”. China’s victims include firms as big as Google and Apple. And, their methods of IP theft are diverse (corporate espionage, cyber attacks, and forced technology transfers) and difficult to combat since Beijing courts rarely side with American firms. Industry analysts claim that China has built entire industries on stolen IP that US companies spent years and billions of dollars to develop. Some have accused the Chinese government of aiding and abetting IP theft. US intelligence agencies say they don’t engage in espionage for economic purposes; Chinese do. American officials have accused China of trying to steal what they cannot create on their own–with the ultimate goal being to out-innovate the US. Some analysts lament that espionage is simply the cost of doing business in China’s massive market. Under current law, the DOJ can only bring charges of economic espionage against offenders abroad. Maybe policymakers could fix that. Or, they could just take a page from Gucci–Gucci made this year’s hottest trend by really leaning in to derivative counterfeits.
Crazy Rich Asian on Bail in Canada
Huawei has recently been in the news due to the arrest of CFO Meng Wangzu. Before her arrest, the tech giant was already under scrutiny for possible “kill switches” in its equipment. Last year, the US military ordered retail outlets on US military bases to stop selling Huawei phones over concerns that the devices posed a security risk. Security analysts warn that, given China’s state-centric economic model, Chinese tech companies will allow (or will be forced to allow) the Chinese state to monitor activities of anyone using Huawei technology. (By the way, Australia has similar plans.) Meng faces extradition to the US on charges related to Iran sanctions violations. However, security analysts say that the worry should be over the tech giant’s ties to the Chinese government, not Iran sanctions violations per se. Already, SoftBank has announced plans to remove existing Huawei equipment over security concerns that the equipment could be used for spying. Military analysts say that Huawei’s biggest threat stems from 5G (the next generation of wireless networks) since self-driving cars, military equipment, and factory robots will be connected via the network. So far, Australia and New Zealand have banned Huawei equipment in 5G wireless infrastructure.
Next Level Guerilla Warfare
This week, the Assistant Director of the FBI’s Counterintelligence Division warned US Senators that China’s cyber espionage was a severe national security threat. US military officials say that China’s military advancements have come at the cost of industrial espionage. Analysts point to China’s new J-20 and J-31 stealth fighters that closely resemble the US F-22 and F-35 jets. This week, as part of the Trump Administration’s initiative to fight Chinese economic espionage,
US prosecutors charged two officers of China’s Ministry of State Security and a team of hackers with the attempted theft of jet-engine technology. Earlier this year, the US Navy confirmed that Chinese government hackers had hacked a Navy contractor’s computers and stole over 500 GB of highly sensitive data on undersea warfare. The Trump administration has announced plans to step up indictments of and sanctions on China-backed hackers. The Hoover Institute warns that China relies on a broad range of state and non-state actors to advance its objectives and has recently accelerated the intensity of their efforts to undermine US democratic institutions.