
When The Balloon Goes Up

In military parlance, the phrase “when the balloon goes up” refers to the moment when hostilities with an adversary are imminent. The term, used frequently during World War II, referred to hundreds of balloons, connected by steel cables, being released all over Britain to prevent Nazi bombers from being able to safely fly over cities and release their bombs. To the inhabitants, the sight of these balloons was a visible warning of imminent enemy action.

The Chinese spy balloon that sailed over the continental United States signifies something different. It is the first visual representation of a vast—and increasingly brazen—penetration of American networks and communications systems.

Over the past two decades, Chinese military and intelligence operatives have collected or stolen such a quantity of sensitive data that former National Security Agency Director Keith Alexander described it as “the single greatest transfer of wealth in history.” Cyber penetrations, corporate espionage and trade secret misappropriation are all occurring on a massive scale to this very day. Aside from military personnel records and sensitive technology, Chinese cyber actors have also targeted financial credit reports (Equifax), flight records (United Airlines), passport and travel details (Marriott’s Starwood unit), and protected health information (many health care systems). Couple this information with data that more than 140 million Americans willingly hand over every day to China’s ByteDance—TikTok’s parent company, of which the Chinese Communist Party is part owner—and we begin to get a glimpse of the full scope of China’s massive data collection efforts.

The simple truth of the matter is that we have allowed Chinese and Russian penetration of our systems. We assumed that because Americans created the Internet, we would dominate the technology. That has been a critical mistake. Our software is fundamentally vulnerable because of weaknesses in the supply chains used to create it. Much-ballyhooed cloud computing services are only as secure as the underlying data center infrastructure. And if we have learned anything from Russia’s compromise of SolarWinds in 2021, it is that any company—even the best cybersecurity companies in the world—can be penetrated. The Chinese Advanced Persistent Threat groups tracked by the likes of Mandiant and units of the federal government have proven on repeated occasions that they can penetrate cloud service providers and remain invisible for years, quietly extracting technical information and observing decision-making processes within the targeted institutions.

It is important to understand why China, in particular, is collecting so much data, a volume that would quickly overwhelm even the most efficient analysts or data mining systems in existence today. The answer is two-fold: artificial intelligence (AI) and quantum computers.

China is arguably the world leader in AI development. But for AI to work, the algorithms need to be trained on substantial quantities of high-quality data. Chinese laws mandate that any data crossing its border is subject to inspection and must be turned over to government officials upon request. This compulsory data sharing arrangement means that any company operating in China or doing business in China can be compelled (with or without its knowledge) to feed China’s AI development. Add to that the troves of data collected by large Chinese social media platforms, such as TikTok, and China’s quantity of AI training data expands exponentially.

The Chinese government also is collecting as much data as possible – both encrypted and unencrypted – because of the coming era of quantum computing. With a large quantum computer, China will be able to crack communications, stored data, and networks currently secured with conventional encryption techniques. This means that any financial data, trade secrets, health information, classified databases and satellite communications – whether encrypted or not – will be vulnerable. This also means that any encrypted data collected today will be able to be broken and read. Though experts anticipate China’s development of a quantum computer remains several years away, China is laying the groundwork for the most significant compromise of American data yet.

“The digital environment around us has changed so dramatically in the last 25 years, while our government hasn’t kept up,” former director of the Cybersecurity and Infrastructure Security Agency Chris Krebs told a conference in August 2022. “We need to rethink the way we interact with technology.”

To protect against threats, organizations across every sector should look for alternative encryption methods to protect their networks and their data. Earlier this year, the National Security Agency published its “Commercial National Security Algorithm Suite 2.0 Cybersecurity Advisory” in which it detailed how a quantum computer would render conventional systems vulnerable to compromise. “Given the foreign pursuits in quantum computing, now is the time to plan, prepare and budget for a transition” to quantum-resistant technologies, it said.

Americans should not view the Chinese spy balloon as the proverbial balloon going up; rather, we should view it as a galvanizing moment to stop a campaign of massive data collection by our authoritarian adversaries that has remained largely invisible to millions of Americans.

By Michael G. McLaughlin and William J. Holstein, co-authors of Battlefield Cyber: How China and Russia Are Undermining Our Democracy and National Security.