Based on testimony from top U.S. law enforcement and national security officials in front of the Senate Homeland Security and Governmental Affairs Committee, the Chinese cyber threat to the United States appears to be much greater and more extensive than originally thought. According to FBI Director Christopher Wray, Chinese intelligence agencies are becoming much more sophisticated in how they conduct spying activities in the realm of cyber espionage. They are engaging a variety of different players – ranging from counterintelligence officials posing as diplomats to “for hire” cyber syndicates – in order to carry out the massive and systematic theft of state secrets, trade secrets, data and valuable intellectual property.
The evolving Chinese threat
In fact, so advanced and persistent has the Chinese cyber threat become, says FBI Director Christopher Wray, that China should now be viewed as the “most severe counterintelligence threat” to the United States. While Russia has meddled in past elections and Iran has been linked to cyber threats against critical infrastructure, China has been brazenly stealing U.S. intellectual property and using all of this stolen IP to bolster China’s economic power. For now, say intelligence officials, the Chinese cyber threat is bigger even than the domestic terrorism threat.
At an April 2019 event hosted by the U.S. Council on Foreign Relations that focused on the cyber threat from China, Wray suggested that China was “stealing its way up the economic ladder.” And so it’s perhaps no surprise that Wray used the federal hearing in Washington, DC to describe some of the various tactics that China has been deploying to steal U.S. intellectual property and state secrets.
For example, China regularly recruits university graduates and researchers in order to bring data and technology secrets back to China. To accomplish this goal, the Chinese state systematically abuses certain programs in place – such as the “Thousand Talents” program, designed to entice overseas Chinese to come back to Mainland China – in order to access intellectual property. From the Chinese perspective, says Wray, just about anyone – a diplomat, an executive, a researcher, a student, a hacker-for-hire, or a low-level employee – can become an agent involved in cyber and economic espionage.
To give an idea of just how pervasive the Chinese cyber threat to American interests has become, Wray notes that the FBI now has more than 1,000 investigations open into the theft of intellectual property, with almost all of them leading back to China. At every one of the FBI’s 56 field offices across the United States, there is at least one investigation open into potential Chinese cyber-espionage. Overall, says Wray, the Chinese cyber threat is “deep,” “diverse,” “wide” and “vexing.”
In the past, Wray has cited China’s “societal approach to stealing innovation,” and it appears that the situation is getting worse, not better. While certain events – such as the signing of a new trade deal – might put economic espionage initiatives on the back burner, nothing seems to deter China from trying to tap into America’s trade and commercial secrets. According to Wray and other U.S. officials, simply “blacklisting” a company or banning executives from traveling to the U.S. won’t stop Chinese efforts.
Implications for national security
Obviously, constant Chinese intrusions into both corporate and government computer networks imply a vast threat to U.S. national security. Military secrets stolen from top defense contractors, for example, could be used by China to develop state-of-the-art weaponry that rivals anything in America. Economic trade secrets could be used to bolster huge Chinese tech giants such as Huawei as they expand globally. And access to sensitive state secrets could put U.S. negotiators at a disadvantage when hammering out a new trade deal or proposing new resolutions at the United Nations.
And, say top U.S. officials at the Department of Homeland Security, Chinese cyber threat actors are now carrying out a “blended” approach, in which they merge their cybercrime and cyber-espionage activities. This, too, could have profound implications for U.S. national security. For example, a new ransomware virus developed to shake down private sector corporations for cash might now be unleashed on the computer networks and industrial control systems of critical infrastructure within the U.S. In one nightmare national security scenario, Chinese military or intelligence agencies might attempt to bring down the U.S. power grid or disrupt major transportation hubs.
Responses to the Chinese cyber threat
So what can the U.S. do to respond to the advanced, persistent Chinese government cyber threat and safeguard national security? According to FBI Director Christopher Wray, there has to be a mindset change in America. Instead of focusing on preventing attacks from taking place, corporations and government entities should be focused on detecting and then mitigating threats. In other words, only a naïve person would assume that U.S. networks could be made 100% secure against the Chinese cyber threat. Instead, corporations and government agencies must find new ways to detect threats already present within their networks.
In addition, universities have a role to play in defending national security. They must become much more aggressive about protecting themselves from exploitation. Chinese intelligence officials are becoming so adept at using students, researchers and academics to steal technology that U.S. universities need to wake up to this fact. Otherwise, they might be facing a situation in which the results of tens of millions of dollars of U.S. government funding have essentially been diverted to China. And private corporations should re-think current practices, such as storing any of their sensitive corporate data on Chinese servers based in China. According to Chinese laws, it is relatively easy for the Chinese state to get access to this data as needed.
New approaches to cyber defense
The big question, of course, is whether the U.S. will eventually carry out a much more offensively-minded strategy in order to deter the Chinese cyber threat and protect national security. For example, suggests U.S. Senator Mitt Romney, the U.S. government might engage in a strategy of “mutually assured disruption,” in which U.S. intelligence agencies carry out tit-for-tat cyber attacks against the Chinese. That might at least make China re-think its approach to counterintelligence, say some U.S. lawmakers.
Of course, there is always the risk of escalating things too far, too fast, but obviously, something needs to be done to mitigate the Chinese cyber threat. It’s now possible to argue that the unofficial Chinese technological development strategy of “rob, replicate, replace” has gone too far already. If the U.S. is serious about protecting national security, then it needs to meet the Chinese cyber threat head-on.