As early as 2008 Professor Peter Navarro in his book The Coming China Wars warned of the increasing use by China of asymmetrical warfare. The United States must refuse to tolerate Chinese ongoing “test attacks” on US military computer and satellite systems. A growing problem was China’s ability to acquire sensitive defense industry technologies. Such secrets are often acquirws through highly sophisticated industrial espionage programs. It is often “dual-use” technologies that are transferred by American companies. Professor Navarro then recommended that funds be increased for efforts to detect and prevent illicit technology transfers to China. Existing bans on technology transfer should be strongly enforced. All forced direct and indirect technology transfers in all trade agreements must be banned.
In 2013 then Secretary of Defense Chuck Hagel at an international meeting in Singapore referred to the Chinese state and military entities that are stealing commercial secrets from American firms in cyberspace. In a speech to the Asia Society in New York in March 2013, outgoing national security adviser Thomas Donilon said that cyber espionage by state-based or state-funded entities is now at the “forefront” of American-Chinese relations. He added that “US businesses are increasingly speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyber intrusions emanating from China on an unprecedented scale.” (John Lee in journal World Affairs, September/October 2013).
The report that year by respected cyber security firm The Mandiant estimated that there were more than twenty “advanced persistent threat” (APT) groups operating from China with the government’s support and funding. It designated one of these groups as APT1, describing it as “one of the most prolific cyber espionage groups in terms of sheer quantity of information stolen” and asserting that APT1 alone has stolen hundreds of data terabytes from at least one hundred and forty-one mostly private firms spread across twenty industries. Two of APT1’s four large networks are located in a PLA compound in Shanghai’s Pudong New Area. Given that the compound is host to the PLA’s Unit 61398, whose mission is to engage in “harmful computer operations,” including obtaining commercially valuable data from foreign enterprises, the report reasonably concludes that APT1 is virtually indistinguishable from Unit 61398. This unit reports to the PLA General Staff Department, which, in turn, reports directly to the Central Military Commission—the country’s top military decision-making body, chaired by President Xi himself. If the report is accurate, it can be safely assumed that China’s top civilian leaders in the Standing Committee of the Politburo are well aware of Unit 61398’s activities—and of APT1’s as well.
The Mandiant report concluded that the material stolen from US industry includes electronic data on product development and use, test results, system designs and product manuals, manufacturing procedures, business and strategy plans, negotiation and pricing strategies, and details of joint ventures and collaboration with other entities. Minutes of board and executive meetings and the e-mail content of senior employees have also been targeted.
Estimates by American industry and intelligence agencies put the value of the stolen data in the hundreds of billions of dollars. Washington’s National Counterintelligence Executive flatly stated in a November 2011 report that China is “building its economy” on “US technology, research, and development, and other sensitive forms of intellectual property.”
The Chinese leadership has persisted in its cyber espionage, despite these hazards, because it believes that these activities are essential to the innovation-based economy it sees as its national future. In its twelfth five-year plan (2011–15), the government committed itself to ensuring that the country’s massive state-owned enterprises (SOEs) would continue to dominate key sectors of its economy.
SOEs generate nearly eighty-three percent of the combined Chinese revenues and own more than ninety percent of combined assets of the country’s leading five hundred firms. Indeed, the three largest SOEs in China—Sinopec, PetroChina, and National Grid—make more profit than the combined profits of the five hundred largest private firms in the country, according to 2012 figures released by China’s State-owned Assets Supervision and Administration Commission and the National Bureau of Statistics.
Yet although some giants such as Sinopec and China Mobile pile up enormous profits each year, as a whole China’s SOEs perform poorly even with their monopolistic advantages, gargantuan size, and the state support and leverage that accompanies it.
Stealing information from foreign firms, whether they are located inside China or on foreign soil, is certainly a cheaper and faster way to remedy innovation deficits than to do the hard work of indigenous development. Cyber espionage is necessary because China has become stuck between the rock of its lofty goals and the hard place of its modest achievement. Burdened by statism and the anti-competitive practices that breed its gnawing inefficiency, China’s state-owned enterprises cannot innovate at the level and pace that will produce self-sufficiency, much less global leader status. Its private sector, which might actually rock the cradle of innovation, is stifled by an unlevel playing field and stunted by the legal system’s failure to protect intellectual property rights and the judiciary’s refusal to robustly enforce contract law.
China’s “national champions” in the state-owned enterprises need to out-perform international commercial rivals to grow their revenues in domestic and foreign markets. Since they appear unable to do this on their own, they use data theft to win the game.
(the information above is from the article in World Affairs by John Lee. He is the Michael Hintze Fellow and an adjunct professor at the Centre for International Security Studies at the University of Sydney and a nonresident scholar at the Hudson Institute).
BBC News in July 2015 reported that in June US officials said China was responsible for a major data breach of the Office of Personnel Management (OPM). The hacking of federal government computers could have compromised the records of four million employees.
Republican presidential candidates have commented on the recent OPM cyber hack to attack concluding that the Obama administration has failed to protect the United States against Chinese stealing of secrets.
Marco Rubio and Rick Perry have called for the US to threaten sanctions against organizations linked to hacking, while Mike Huckabee has argued that the US should “hack China back”.
The hack against the OPM is not the first time that China is suspected of beeing behind a cyber attack against the US.
An earlier attempt to breach OPM networks was blocked in March 2014, with the US saying China was behind the attack.
In November 2014 a hack compromised files belonging to 25,000 employees of the Department of Homeland Security, as well as thousands of other federal workers
In March 2014 hackers breached OPM networks, targeting government staff with security clearance, but the attempt was blocked before any data was stolen. The intrusion was reportedly traced to China
In 2006, hackers believed to be based in China breached the system of a sensitive bureau in the US Department of Commerce. Hundreds of workstations had to be replaced