Return to

Aug. 27, 2020
Notes from the Pentagon

FBI warns corporations about Chinese theft
Chinese technology theft costs the American economy $225 billion to $600 billion annually in stolen trade secrets, pirated software and counterfeit goods, according to a new FBI report.

“The Chinese government is the world’s principal infringer of intellectual property, and it uses its laws and regulations to put foreign companies at a disadvantage and its own companies at an advantage,” the online report said in a warning to American corporations.

Business with foreign counterparts must be based on reciprocity and grounded in the rule of law, the report noted, but “the Chinese government does not play by the same rules.”

According to the report, China is using its large-scale technology theft to modernize its military forces, using a range of tools, including joint ventures between businesses and economic espionage.

China “aspires to equal or surpass the United States as a global superpower and influence the world with a value system shaped by undemocratic, authoritarian ideals,” the report said.

A number of government plans and programs are used to obtain foreign intellectual property and trade secrets on a scale that the authors call “impressive.”

Beijing’s “Made in China 2025” initiative seeks to dominate 10 industries, including information technology, computer numerical control machine tools, robotics and aerospace equipment.

The report, “China: The Risk to Corporate America,” includes FBI case studies such as an effort by National Key Dragon Head Enterprises, a government-backed firm, to steal special corn seeds from a U.S. agricultural company.

In another case, a U.S. superconductor company sold wind turbine design services to a Chinese firm, which later hacked the American company and downloaded its proprietary information, eventually costing the company over $1 billion in lost market capital. In a third case, a U.S. defense contractor engineer was sentenced to nearly six years in prison for exporting sensitive military technology to China.

“The engineer stole thousands of electronic files detailing the performance and design of guidance systems for missiles, rockets, target locators and unmanned aerial vehicles,” the report said.

China’s method was described as a four-step process of “introduce, understand, assimilate, and re-innovate.”

“Chinese institutions re-innovate foreign technologies, such as military aircraft, high-speed trains, and nuclear reactors, to develop new and state-of-the-art technology,” the report said. “Such advances allow China to achieve generational advances and save time and money on research and development.”

China uses visits to U.S. companies, academic collaborations, expert recruitment and trade shows in a bid to obtain commercial secrets. China also is using cyberespionage and other techniques to steal data, including “clickbaiting” — concealing hyperlinks beneath legitimate clickable content, such as “like” and “share” buttons that allow hackers to gain access to computers.

The FBI urges American companies to adopt strong security strategies aimed at countering the Chinese industrial spying.

The general in charge of Cyber Command says U.S. military cyberforces have adopted a more assertive posture involving preemptive action against foreign hackers.

Army Gen. Paul Nakasone, who is also director of the National Security Agency, stated in a journal article published Tuesday that Cybercom teams conduct “hunt forward” missions in foreign nations to find hacker penetrations of government networks.

The command is shifting from its initial defensive posture — reacting to foreign hacks — to a more proactive approach.

“A reactive and defensive posture proved inadequate to manage evolving threats,” Gen. Nakasone wrote in the journal Foreign Affairs. “Even as the military learned to better protect its networks, adversaries’ attacks became more frequent, sophisticated, and severe. We learned that we cannot afford to wait for cyberattacks to affect our military networks. We learned that defending our military networks requires executing operations outside our military networks. The threat evolved, and we evolved to meet it.”

The article provides some of the first details of the secretive work by the command.

A wake-up call for the policy was a 2008 cyberattack that compromised both unclassified and classified networks at the Pentagon, the four-star general said.

Gen. Nakasone did not provide details, but he was referring to an attack by a virus-infected flash drive that was unwittingly plugged into a U.S. military laptop at a Middle East base. The infection allowed a foreign spy service, reportedly Russia, to create a digital beachhead for stealing data.

Cybercom’s new proactive posture involves better monitoring inside military networks using 68 cyberprotection teams to hunt for malware.

“The cyberprotection teams have improved the speed and effectiveness with which we detect, quarantine and eject intruders from the military’s networks,” he stated.

Second, Cybercom has adopted a policy of “zero trust” that assumes the enemy knows the system and thus every host, server and connection is treated as “potentially hostile.”

“The goal is simple but strategic: We aim to prevent toeholds from turning into beachheads so that a single compromise will not threaten the military’s ability to accomplish its mission,” Gen. Nakasone said.

U.S. military commanders are now expected to treat computer network defense as an essential requirement and “not an afterthought,” he said.

During tensions with North Korea in 2017, “we realized that an important Department of Defense network in the area was vulnerable,” he said. “Proactive leadership ensured that this mission-critical method for commanding and controlling forces was quickly secured.”

Another feature of the command, “defend-forward,” is designed to counter cyberattacks by states such as China and Russia.

“The Chinese government uses cybercapabilities to steal sensitive data, intellectual property and personal data from the U.S. government and U.S. businesses at great cost to the U.S. economy and national security,” Gen. Nakasone said. “In May 2020, the FBI and the Department of Homeland Security warned about the People’s Republic of China’s efforts to compromise medical research into COVID-19 vaccines. The PRC supplements those cyberspace operations with influence campaigns to obscure international narratives about their activities.”

A recent cyberstrategy described the defend-forward policy as “persistent engagement” that recognizes that corrosive cyberattacks are taking place below the level of all-out war.

“We realized that Cyber Command needs to do more than prepare for a crisis in the future; it must compete with adversaries today,” Gen. Nakasone said. “Defending the United States in cyberspace requires executing operations outside the U.S. military’s networks and that the country cannot afford to wait for attacks to come its way.”

The journal article was co-authored by Michael Sulmeyer, a senior adviser to the command.

The White House announced plans to invest over $1 billion in artificial intelligence and quantum information technology in a bid to outpace China’s work in both fields.

The funding, announced by the White House on Wednesday, will be used over five years to create 12 new research centers: seven National Science Foundation units for artificial intelligence and five Energy Department research centers for quantum technology.

A senior Trump administration official said the effort is designed to counter advances by U.S. adversaries, including the Chinese Communist Party.

“Our adversaries around the world, particularly the CCP, have not shied away from twisting emerging technologies like AI to pursue the use of such technologies that we would not stand behind,” the official said. “Whether it’s the suppression of ethnic minorities, whether it’s tracking private citizens, whether it’s the suppression of speech, information — these are all uses of technology which are not in alignment with American values.”

The funding effort is aimed at assuring that the next major technological breakthroughs are made by U.S. or allied companies and not China, the official added.

Private-sector companies such as IBM and Microsoft are working on quantum and AI technology, and venture capital companies near Silicon Valley have been investing tens of billions of dollars into the research.

The Trump administration is doubling research and development over the next two years for AI and quantum technology, requesting $2.2 billion for the 2021 fiscal year.

David Goldman, an American economist who writes about China, said the federal investment is paltry compared with China’s efforts.

“It’s a baby step in the right direction, but it’s missing three zeros,” Mr. Goldman said.

China reportedly has a master plan backed by President Xi Jinping to invest an estimated $1.4 trillion over five years for AI technologies, for its 5G wireless networks, cameras and sensors that will be used in a range of systems from mass surveillance, autonomous vehicles and automated factories.

  • Contact Bill Gertz on Twitter via @BillGertz.

  • Return to