China’s Amateur Spying Problem

Recent Features

Features | Economy | East Asia

China’s Amateur Spying Problem

Many see China’s economic espionage as state directed. Actually, marketization of its defense and high-tech industries means there are plenty of freelancers.

With each week seeming to bring with it a new example of a cyber attack launched from China, the issue has in many minds become inextricably linked with the Chinese government. And with China’s state-owned firms dominating the country’s economic landscape – and with Beijing’s apparent willingness to protect them – this perception is only likely to grow.

Yet the U.S. government’s recently released Report to Congress on Foreign Economic Collection and Industrial Espionage, 2009-2011 may well overstate Beijing’s role, while understating the systemic factors, both inside China and internationally, that are now driving economic espionage.

This isn’t to suggest that Chinese intelligence services aren’t involved in the clandestine collection of foreign science and technology – there’s abundant evidence that they steal foreign secret, proprietary, and even open source technologies. The real questions are what kind of economic and industrial secrets are Chinese intelligence really stealing, and how much of the danger to Western interests is really state-directed?

The big espionage cases over the past decade in which Chinese intelligence is alleged to have stolen foreign technology have primarily involved military intelligence interests. For example, Chi Mak – a spy for Chinese military intelligence – reportedly provided the Chinese military with information on damage control systems for U.S. naval vessels and the new Quiet Electronic Drive for the Virginia-class submarine, as well as a specialized circuit break for submarines and the power distribution system for Aegis-related weapons and radar.

Between 2006 and 2008, a Chinese military intelligence agent attempted to use Defense Security Cooperation Agency official Gregg Bergersen to give the Chinese military access to the hardware associated with the Po Sheng – a sophisticated U.S. command, control, and communication systems suite to link Taiwanese forces together and enhance their interoperability with U.S. forces.

Even efforts to penetrate Taiwan’s Chungshan Institute of Science and Technology – the military’s premier weapons development institute – seem to have the Chinese military’s information technological needs at the forefront. For example, missile developer Huang Chen-an, who was arrested for espionage in 2003, provided China with information on Po Sheng and the electronic parameters of Taiwanese missiles.

Example can be piled upon example; however, the basic point remains: Chinese intelligence appears to be a secondary player in economic and industrial espionage. In a list of Chinese economic espionage cases released by the FBI, only four individuals out of 29 successfully prosecuted for economic espionage-related crimes between 2008 and 2010 were involved with Chinese intelligence agencies. Most of these economic spies sold highly technical components or export-controlled equipment that would be of use to engineers and industrial researchers rather than military planners and electronic warfare specialists.

If China seems to generate more economic spies than anywhere else, the obvious question is why? And why do so many “amateurs” get caught?

The French intelligence services have admitted to being involved in intelligence operations to support French business interests. However, French economic espionage never seems to make headlines. It’s not as though economic espionage is easy to uncover and to prosecute, especially in democracies with high burdens of proof like the United States. These two questions suggest something about China that encourages untrained amateurs to pursue criminal entrepreneurialism, and Chinese researchers to tap foreign sources of knowledge by any means necessary.

The National Counterintelligence Executive’s (NCIX) answer to these questions is to hold the Chinese government responsible. Perhaps it’s an offshoot of the “grains of sand” view of Chinese intelligence – a view that posits a vast network of collectors with Beijing at the center sweeping up technology. Or perhaps it’s based on the assumption that the Chinese state owns the economy, making economic espionage Beijing’s prerogative.

But while the Chinese state may be at the heart of the economy, the market reforms of the last thirty years have reduced Beijing’s control over the day-to-day company matters and created business interest groups that pressure the government – national and local – to support their more narrow and parochial interests. The overriding concern with GDP growth has also given companies more freedom to operate.

Unfortunately, the NCIX report challenges this view with little justification and, in some cases, misunderstanding Chinese government programs. The report tells us, for example, the 863 Program “provides funding and guidance for efforts to clandestinely acquire U.S. technology and sensitive economic information.” However, Beijing initiated the State High-Tech Development Plan (known as 863 because of its start date in March 1986) to guide and to fund a research program for national technological modernization. It’s an overt program to fund scientific and engineering advancement, not a clandestine slush fund. At least in this respect, the Chinese government is guilty only of trying to incentivize Chinese researchers into developing world-class capabilities in strategic technology areas as fast as possible.

However, 863 Program funding makes its way into illicit technology theft in two ways: anxious recipients who can’t complete a project with indigenous parts and criminal entrepreneurs who seek to exploit the program. For example, Silicon Valley software engineers Ye Fei and Zhong Ming attempted to transfer intellectual property to a company in China, with the FBI’s investigation revealing the two sought 863 Program sponsorship for a company they planned to start with their ill-gotten technology.

The problem is Beijing has put a lot of money on the table without much in the way of guidelines for how researchers go about fulfilling their grants in an increasingly competitive and marketized Chinese economy. Combine this with a loose regulatory environment for intellectual property rights’ protection and the result is a big gray market for technical gadgets and specialized components needed to overcome technical hurdles and meet project deadlines. While the broad contours of the needs of Chinese leading laboratories can be identified, the specific requirements are as unpredictable as technical glitches, giving Chinese economic and industrial espionage a scattershot look despite its focus.

If the report lacks an appreciation for the marketization of China’s defense and high-tech industries, it fares even worse on the cyber front. “No evidence of involvement by independent hackers in economic espionage has been found in intelligence or academic reporting to date” may be technically true – intelligence or academic reporting that feeds into NCIX may not contain such references – but the reasoning is suspect if not outright false. The absence is “in large part due to the absence of a profitable market for the resale of stolen information.”

Corporate spooks, however, tell a very different story. While true that few companies will buy obviously stolen information, information is easier to launder than money and leaves fewer traces than cash and international financial transactions.

As Andrew Brown points out in his recent book The Grey Line: Modern Corporate Espionage and Counterintelligence, information laundering is a large and growing market even if only based on the growth of specialized consulting services, promising strategic insights into the competition.

Apart from transferring information from place to place, the Internet also allows companies to plant stolen information discretely in cyberspace, allowing them to claim the stolen information as legitimate, openly-available data. Such techniques far outpace the ability of law enforcement to keep up, especially when information crosses international borders.

It’s easy to treat Chinese protestations of innocence on hacking with the attitude of “the lady doth protest too much,” but it behooves observers to be more careful. Just because Beijing’s interest is in denying hacking doesn’t mean China is lying – at least not entirely. While few companies have an interest in collecting information from the systems of Tibetan government-in-exile, Beijing clearly does, and the GhostNet investigation showed how the fruits of such cyber activities ended up in the hands Chinese border guards. Targeting U.S. defense industrial companies or computer security companies, or a bevy of other commercial targets, is in the interests of a variety of foreign government, military and corporate elements.

Making China appear the guilty party isn’t particularly difficult for even the modestly talented hacker. Most Chinese computers – more than 90 percent by most estimates – use pirated operating systems and software, meaning they don’t receive regular security patches and so retain nearly all of the original security vulnerabilities.

This lack of security suggests such systems are exceedingly easy to exploit and can be used as a stepping stone toward more important targets. The extent to which Beijing is aware of this practice could explain China’s sense of vulnerability and exasperation at always being criticized.

Ultimately, placing responsibility for most of this activity on the Chinese government implies foreign governments can pressure Beijing to change, reduce, or otherwise constrain economic espionage activity – human and technical – emanating from China. But because of the market and moral hazard inherent in China’s research funding and desire to catch up with the West, countries and companies now are dealing with systemic level challenges intrinsic to a rapidly modernizing China ruled by the Chinese Communist Party (CCP).

So how should foreign, and indeed the Chinese, governments respond? Making individual arrests on low-level collectors and individual entrepreneurs has all of the effect of arresting the street-level enforcer for the mob – a bad guy may be off the streets, but the underlying reasons for why they were there in the first place remain unchanged.

Any positive change will depend on the willingness of the CCP to reform the political system and governance. Unfortunately, the same factors that encourage economic espionage as a workaround are the same factors that allow the CCP to collect rents off of China’s modernizing economy. And Western governments for their part would do well to understand that blaming Beijing may feel good, but this is a problem that goes way beyond government policy.

Peter Mattis is editor of the Jamestown Foundation's 'China Brief.'