October 6, 2014:
The United States recently revealed that during 2012-13 China based hackers got into networks of at least twelve commercial firms involved with moving equipment, personnel and supplies for the American military. It was implied that such covert Internet based surveillance of American logistics efforts was still a problem. This despite efforts to improve the network security of the firms involved over the last two years. China, as is their custom, denies everything.
All this was made public to make the public more aware of the extent, persistence and skill of Chinese Internet based espionage efforts. This apparently is apparently being done so that that if and when the U.S. does strike back, with sanctions or Internet based mischief, it won’t come as a shock to the public and there will be more appreciation for how widespread this sort of thing is and how long it has been going on.
While the logistics hacks appear to have been commissioned by the Chinese military (who take a keen interest in developing ways to understand and interfere with the enemy logistics efforts) even Chinese freelance spies are using hackers to get specific data. These freelancers put together collections of stolen data they feel will be attractive (and worth paying a lot for) to Chinese intelligence agencies or commercial firms. Thus in Mid-2014 the U.S. charged a Chinese citizen (Su Bin), based in Canada, of just that kind of espionage against the United States. Su Bin was working with two Chinese hackers to steal technical data for American military aircraft (especially the C-17, F-22 and F-35). The thefts took place between 2009 and 2013. These three appear to be freelancers, although Su Bin had plenty of contacts with Chinese aviation firms and thus had no problem finding buyers for whatever the trio obtained. Su Bin was arrested in Canada and is being extradited back to the United States for trial.
In the last few years more American officials have come to openly admit that a whole lot of American military and commercial technical data has been stolen via Chinese Internet (and more conventional) espionage efforts. The Americans are not providing details of exactly how they collected all the evidence, but apparently it is pretty convincing for many American politicians and senior officials who had previously been skeptical. The Chinese efforts have resulted in most major American weapons systems having tech details revealed to the Chinese, in addition to a lot of non-defense technology. It’s not just the United States that is being hit but most nations with anything worth stealing. Many of these nations are noticing that China is the source of most of this espionage and few are content to remain silent any longer.
It’s no secret that Chinese intelligence collecting efforts since the 1990s have been spectacularly successful. As the rest of the world comes to realize the extent of this success there is a growing desire for retaliation. What form that payback will take remains to be seen. Collecting information, both military and commercial, often means breaking laws and hacking back at the suspected attackers would involve even more felonies. China has already broken a lot of laws. Technically, China has committed acts of war because of the degree to which it penetrated military networks and carried away copies of highly secret material. The U.S., and many other victims, has been warning China there will be consequences. As the extent of Chinese espionage becomes known and understood, the call for “consequences” becomes louder. So far, it’s not loud enough to produce any Western response, at least nothing that is visible to the general public.
China has tried hard to conceal its espionage efforts. Not just denying anything and everything connected to its hacking and conventional spying but also taking precautions. As their success continued year after year, some of the Chinese hackers became cocky and sloppy. At the same time the victims became more adept at detecting Chinese intrusions and tracing them back to specific Chinese government organizations or non-government hackers inside China.
Undeterred, China has sought to keep its espionage effort going and has even expanded operations. For example, starting in 2008 China has opened National Intelligence Colleges in many major universities. In effect, each of these is an "Espionage Department" where, each year, several hundred carefully selected applicants are accepted in each school, to be trained as spies and intelligence operatives. China has found that espionage is an enormously profitable way to obtain valuable military and commercial secrets and rewards those who have talent and make a career of it. The Internet based operations, however, are only one part of China’s espionage efforts.
China has always denied these espionage activities, even in the face of copious details revealed during the trials of Chinese citizens, or non-Chinese giving details of who in China was buying what had been stolen. Recently the Chinese have tried to deflect attention from their spying by claiming they are the victims of massive American espionage efforts. These claims gloss over the fact that the United States has a lot more stuff China wants than is the case with U.S. seeking Chinese secrets.
While Chinese Cyber War operations in this area get a lot of publicity, the more conventional spying brings in a lot of stuff that is not reachable on the Internet. One indicator of this effort is the fact that American counter-intelligence efforts are snagging more Chinese spies. This is partly due to increased spying effort by China as well as more success by the FBI and CIA. All this espionage, in all its forms, has played a large part in turning China into one of the mightiest industrial and military powers on the planet. China is having a hard time hiding the source of the new technologies they are incorporating into their weapons and commercial products. Many of the victims initially had a hard time accepting the fact that the oh-so-eager (to export) Chinese were robbing their best customers of intellectual property on a grand scale. Now Western firms are a lot more wary about dealing with the Chinese.
China has been getting away with something the Soviet Union never accomplished; stealing Western technology, then using it to move ahead of the West. The Soviets lacked the many essential supporting industries found in the West (largely founded and run by entrepreneurs) and was never able to acquire all the many pieces needed to match Western technical accomplishments. Soviet copies of American computers, for example, were crude, less reliable, and less powerful. It was the same situation with their jet fighters, tanks, and warships.
China gets around this by making it seemingly profitable for Western firms to set up factories in China, where Chinese managers and workers can be taught how to make things right. At the same time, China allows thousands of their best students to go to the United States to study. While many of these students will stay in America, where there are better jobs and more opportunities, some will come back to China and bring American business and technical skills with them. Finally, China energetically uses the "thousand grains of sand" approach to espionage. This involves China trying to get all Chinese going overseas, and those of Chinese ancestry living outside the motherland, to spy for China, if only a tiny bit.
This approach to espionage is nothing new. Other nations have used similar systems for centuries. What is unusual is the scale of the Chinese effort and that makes a difference. Supporting it all is a Chinese intelligence bureaucracy back home that is huge, with nearly 100,000 people working just to keep track of the many Chinese overseas and what they could, or should, be trying to grab for the motherland. This is where many of the graduates of the National Intelligence College program will work.
It begins when Chinese intelligence officials examine who is going overseas and for what purpose. Chinese citizens cannot leave the country, legally, without the state security organizations being notified. The intel people are not being asked to give permission. They are being alerted in case they want to have a talk with students, tourists, or business people before they leave the country. Interviews are often held when these people come back as well.
Those who might be coming in contact with useful information are asked to remember what they saw or bring back souvenirs (legal or otherwise). Over 100,000 Chinese students go off to foreign universities each year. Even more go abroad as tourists or on business. Most of these people were not asked to actually act as spies but simply to share, with Chinese government officials (who are not always identified as intelligence personnel), whatever information they obtained. The more ambitious of these people are getting caught and prosecuted. But the majority are quite casual and individually bring back relatively little and are almost impossible to catch.
Like the Russians, the Chinese are also employing the traditional methods, using people with diplomatic immunity to recruit spies, and offering cash, or whatever, to get people to sell them information. This is still effective and when combined with the "thousand grains of sand" methods, brings in a lot of secrets. The final ingredient is a shadowy venture capital operation, sometimes called Project 863 that offers money for Chinese entrepreneurs who will turn the stolen technology into something real. No questions asked. If you can get back to China with the secrets, you are home free and potentially very rich.
But there are some legal problems. When the Chinese steal some technology, and produce something that the Western victims can prove was stolen (via patents and prior use of the technology), legal action can make it impossible, or very difficult, to sell anything using the stolen tech outside of China. For that reason, the Chinese long preferred stealing military technology and tried to avoid using stolen commercial tech in a way that made it easy to determine the source of stolen data. This meant keeping stolen commercial tech inside China. And in some cases, like manufacturing technology, there's an advantage to not selling it outside of China. Because China is still a communist dictatorship, the courts do as they are told, and they are rarely told to honor foreign patent claims when stolen tech is discovered in China by its foreign owners.
But increasingly, Chinese firms are boldly using their stolen technology, daring foreign firms to try and use Chinese courts to get justice. Instead, the foreign firms are trying to muster support from their governments for lawsuits outside China. Naturally, the Chinese government will howl and insist that it’s all a plot to oppress China. This has worked for a long time, but many of the victims are now telling China that this conflict is being taken to a new, and more dangerous, level.