Foreign Policy Blogs

Trading With The Enemy: Sino-American Cyber-Espionage

China has over 400 million internet users, more than any other nation.  This exponentially increasing population of Chinese netizens entering the global  internet community has not come without serious negative externality.   Over the past decade, there has been a marked increase in cyber-espionage and hacking coming from Mainland China.  Espionage is not new, even between close allies such as the United States and Israel, but the unusually high frequency and intensity of  Chinese cyber-spying from both state and non-state actors is causing great concern.

Besides the traditional attacks on security institutions, Chinese hackers have placed a new focus on private business.  For example, over the last several months network, security experts have noticed that Facebook internet traffic has been purposely routed through China.

“It’s real. It is happening. It can’t be described as an ‘accident’ anymore,” Joffe [Rodney Joffe, senior technologist at DNS (Domain Name System) registry Neustar], who observed similar traffic snafus involving China last year, said in an e-mail to CNET today.

Although Beijing is notorious for draconian internet censorship, having invested inordinate resources in a 30-50,000 man-strong  internet shield, known as the Golden Shield (金盾工程: jīndùn gōngchéng), the new focus is on offensive international attacks and data gathering raids.  In the case of Facebook, analyst are concerned that China is spying on foreign users in order to lift session ID information, personal information, e-mails, photos, chat conversations, all in order to  lift propitiatory information, as well as monitor human rights activism.

The issue of Intellectual Property theft has become a palpable one.  Western economies, especially the U.S., have become knowledge based service economies, where first mover advantage and property right protections are essential to long term economic growth.  The technological advantages the U.S. has enjoyed since the end of the Second World War has been depreciating much faster over the last 10-15 years, especially in relation to the Pacific Rim.   Due to the ease of information transfer, technical capital is being distributed far more quickly than in the past.  Any developed nation, including the U.S.,that wants to maintain its economic edge must address these increasing  cyber security threats.

The infamous “Google E-mail Hacks” of 2010, are a case and point.  Google openly implicated China in an e-mail hacking scandal, but this situation is actually not uncommon, it is just that Google went public and garnered significant media attention due to its status.  Over 34 other companies, tech and defense firms, are also thought to have been targets for corporate espionage by government and non-government actors from China.  Companies doing direct business with “Chinese partners” usually come under attack immediately.  The real numbers are astounding, reported in the press:

A study released by computer-security firm McAfee and government consulting company SAIC on March 28 shows that more than half of some 1,000 companies in the United States, Britain and other countries decided not to investigate a computer-security breach because of the cost. One in 10 companies will only report a security breach when legally obliged to do so, according to the study.

Further Wiki Leaks Revealed,

“Since 2002, (U.S. government) organizations have been targeted with social-engineering online attacks” which succeeded in “gaining access to hundreds of (U.S. government) and cleared defense contractor systems,” the cable said. The emails were aimed at the U.S. Army, the Departments of Defense, State and Energy, other government entities and commercial companies…Between April and October 2008, hackers successfully stole “50 megabytes of email messages and attached documents, as well as a complete list of usernames and passwords from an unspecified (U.S. government) agency,” the cable says.

In a private meeting of U.S., German, French, British and Dutch officials held at Ramstein Air Base in September 2008, German officials said such computer attacks targeted every corner of the German market, including “the military, the economy, science and technology, commercial interests, and research and development,” and increase “before major negotiations involving German and Chinese interests,” according to a cable from that year…French officials said at the meeting that they “believed Chinese actors had gained access to the computers of several high-level French officials, activating microphones and Web cameras for the purpose of eavesdropping,” the cable said.

In mid-2009, representatives of the China Institutes for Contemporary International Relations, a nominally-independent research group affiliated with China’s Ministry of State Security, contacted James A. Lewis, a former U.S. diplomat now with the Center for Strategic and International Studies.  The U.S. government is using Mr. Lewis as a proxy, there have been 3 formal meetings between him and his Chinese counterparts, but no progress has been made.

Various groups in China knows that innovation, like natural resources, is key to keeping the economy growing, which in turn will keep the communist party and it’s hangers-on in the business elite in power.  It appears China will innovate “by hook or by crook”.    The easiest and most cost effective  way to innovate is to steal.  Corporate espionage can be quite profitable:

Business Software Alliance, an international software industry group, estimates that 79% of the software sold in China in 2009 was illegally copied, creating a loss to the industry of US$7.6 billion in revenue. Even more important to Beijing, these statistics mean the vast majority of Chinese computer systems – government and private alike – remain vulnerable to malware.

Malware is important to the Chinese government, because China also claims it has also been the victim of numerous cyber attacks, and therein lies “the rub”.

As Minister of Public Security Meng Jianzhu said in December 2009, “The Internet has become a major vehicle through which anti-Chinese forces are perpetuating their work of infiltration and sabotage and magnifying their ability to disrupt the socialist order”.

Lets get a translation of what Mr. Meng is really saying.  Shall we?

China is no doubt facing a paradox as it tries to manipulate and confront the growing capabilities of Internet users. Recent arrests of Chinese hackers and People’s Liberation Army (PLA) pronouncements suggest that China fears that its own computer experts, nationalist hackers and social media could turn against the government.

And it seems as if China has a lot of disgruntled netizens.  Are “chicken’s coming home to roost”?

In June 2010, the State Council Information Office published a white paper on the growing threat of cyber-crime and how to combat it. Clearly, these challenges have been addressed this year. The Ministry of Public Security (MPS) announced on November 30 that it had arrested 460 suspected hackers thought to have been involved in 180 cases so far in 2010. This is part of the MPS’ usual end-of-year announcement of statistics to promote its success. But the MPS announcement also said that cyber-crime had increased 80% this year and seemed to blame the attacks only on hackers inside China…

These new efforts all contradict China’s long-standing policy of cultivating a population of nationalistic computer users. This effort has been useful to Beijing when it sees a need to cause disruption, whether by attacking US sites after perceived affronts like the Chinese Embassy bombing in Belgrade or preventing access by powerful foreign entities like Google.

Domestic hackers turning on the CCP, is such a concern that the People’s Liberation Army (PLA) has two military units dedicated to this issue, the Seventh Bureau of the Military Intelligence Department (MID) and the Third Department of the PLA. The MID is the offensive arm (or terrorist/spy wing, depending on how you wan t to see things). The Third Department is focused on national defense.  Still, do not expect China to take serious means to halt cyber attacks imminating from the Mainland, instead, expect China to crackdown on non-government aligned hackers who may pose a threat to the CCP (Chinese Communist Party).

Sino-American mutual suspicions are all the rave these days.  Much less discussed in the Western media, but has been on this blog, China’s  love/hate relationship with Russia.  The next installment of this series will look out how increased trade is not necessarily bringing the two Eurasian giants closer together.