Special feature Cyberwar and the Future of Cybersecurity Today's security threats have expanded in scope and seriousness. There can now be millions -- or even billions -- of dollars at risk when information security isn't handled properly. Read More

Members of the US government held a conference in Washington this week on the topic of Chinese theft of intellectual property from US technology firms and the US academic sector.

Officials said the purpose of the conference -- named the China Initiative Conference -- was to bring the US private sector and the academic and research communities up to speed with the US government's investigations.

For the duration of four hours, some of the highest officials from the Federal Bureau of Investigations (FBI) and the Department of Justice (DOJ) spent their time raising a sign of alarm and putting the private and academic sector on alert about the threats they are currently facing in terms of intellectual property (IP) theft from Chinese entities.

"The threat from China is real, it's persistent, it's well-orchestrated, it's well-resourced, and it's not going away anytime soon," John Demers, Assistant Attorney General for National Security, opened the conference.

"This one to me really stands out as the greatest long-term threat to our nation's information and intellectual property, and to our economic vitality," said FBI Director Christopher Wray.

More than 1,000 cases of IP theft

The FBI director says cases have been piling up since 2018, ever since the DOJ launched the China Initiative campaign to counter and investigate Beijing's economical espionage.

"The FBI has about a thousand investigations involving China's attempted theft of U.S.-based technology in all 56 of our field offices and spanning just about every industry and sector," Wray said.

John Brown, FBI Assistant Director for the Counterintelligence Division, said the bureau has already made 19 arrests this fiscal year alone on charges of Chinese economic espionage.

In comparison, the FBI made 24 arrests all last fiscal year, and only 15, five years earlier, in 2014.

Image: FBI

Wray said the Beijing government has shown "they're willing to steal their way up the economic ladder at [the US'] expense."

Several FBI and DOJ bigwigs were at the conference to hammer the point home for attendees during a four-hour marathon.

US Attorney General William Barr also gave a speech, urging the US and allies to invest in Nokia and Ericsson to counter Huawei's growing presence on the 5G market, but also teased new charges against Chinese hackers.

Adam Hickey, Deputy Assistant Attorney General; William Evanina, Director of the National Counterintelligence and Security Center; several US district attorneys; presidents and CEOs from US companies; and members from the US' biggest universities also gave speeches and attended panels to detail their experiences on dealing with China, and to raise a sign of alarm for other US companies and universities.

Chinese theft takes place indiscriminately

US officials said all Chinese theft operations are happening based on an well-established plan handed down from the Beijing government, with areas of interest to target, which the Sino government sees critical to becoming self-sufficient.

"They're not just targeting defense-sector companies. The Chinese have targeted companies producing everything from proprietary rice and corn seeds to software for wind turbines to high-end medical devices," FBI Director Wray said.

"And they're not just targeting innovation and R&D. They're going after cost and pricing data, internal strategy documents, bulk PII; really just about anything that can give them a competitive advantage," he added.

"They're also targeting cutting-edge research at our universities," Wray said.

Further, Jay Town, US Attorney for the Northern District of Alabama, said the theft attempts don't happen only in the US big cities and technological centers like Silicon Valley or New York. They happen all over the country, from Alabama to Iowa.

Image: FBI

Anything goes

The primary purpose of the conference was to get US companies and the academic sector up to date with all the techniques the Chinese government is using to get their data on US technology.

"China is using a wide range of methods and techniques," Wray said.

"And I'm talking about everything from cyber intrusions to corrupting trusted insiders. They've even engaged in outright physical theft" the FBI Director said.

"They've pioneered an expansive approach to stealing innovation through a wide range of actors, including not just Chinese intelligence services but state-owned enterprises, ostensibly private companies, certain kinds of graduate students and researchers, and a whole variety of other actors all working on their behalf."

Image: FBI

The techniques vary. Some are criminal, while some are in a gray area that US officials hope US companies would know to avoid.

Business partnerships that companies will regret

For example, entering into a business partnership is not illegal, but several of the US officials invited to speak at the conference said that partnerships with Chinese partners often involves a transfer of US technology.

Many times, the Chinese companies continue to use the technology even after partnerships end, ignoring copyrights and trademarks.

Wray says that China is deliberately exploiting the weaknesses and the openness of the US academic environment and the openess of the US economy, while also using their closed system to block US companies from entering the Chinese market.

"They often require our businesses to put their trade secrets and their customers' personal data at risk as the cost of gaining access to China's huge market," Wray said. "And they make American joint ventures operating in China establish those Communist Party cells within their companies."

Lacking access to China's huge market many companies ignore the risks, cut corners in vetting their partners, and enter partnerships with Chinese firms.

FBI officials said many companies don't see the damage their doing to themselves in the long run by handing over costly research & development (R&D) work to Chinese partners at much inferior prices, all for the promise of being able to do business in China.

William Evanina, Director of the National Counterintelligence and Security Center, warns that many of these companies may end up not opening factories of production units in the future due to IP theft, all while Chinese companies will be getting help from the Beijing government via subsidies or other government programs.

Beijing is bankrolling its companies into top market positions through government funds and allowing these companies to skirt all the downsides of having to deal with the lows of the global economy.

FBI officials say they've been having meetings with US companies for the past year to warn them against the practices of the Chinese government and its state-controlled private sector firms.

Investigations in the US academic sector

But the theft of US IP and R&D hasn't been taking place in the business sector only. The US academic sector has also been heavily targeted, primarily due to its openness, its less regulated environment, but also due to its richness in advanced technologies and R&D work.

For example, just last month, the US charged the Chair of the Department of Chemistry and Chemical Biology at Harvard University for lying to US authorities about his participation in China's Thousand Talents Plan.

According to the DOJ: "China's Thousand Talents Plan is one of the most prominent Chinese Talent recruit plans that are designed to attract, recruit, and cultivate high-level scientific talent in furtherance of China's scientific development, economic prosperity and national security. These talent programs seek to lure Chinese overseas talent and foreign experts to bring their knowledge and experience to China and reward individuals for stealing proprietary information."

US officials now fear that R&D work done at Harvard with US government grants may have ended up in the possession of the Chinese government.

Furthermore, this is not the only case, but one of many the US government is investigating involving members of the academic sector.

Image: FBI

Other cases involve US professors, but others also involve Chinese students in the US, who are either recruited by Chinese intelligence services to steal proprietary data or act on their own.

China is rewarding IP theft

According to US officials say that China appears to be encouraging IP theft from foreign countries, and has a system in place to reward these actions.

"There are certainly a lot of cases where we don't have evidence beyond a reasonable doubt that the Chinese government has procured or sponsored the theft, but we see patterns where the theft is rewarded after the fact," said Adam Hickey, Deputy Assistant Attorney General.

"There's a structure set up to encourage it," Hickey added. "So you don't need the state to sponsor it at the front end if the state rewards you at the end."

These sponsorships usually involve government funds for starting a business around the stolen information.

Image: FBI

Hackers play a big role, but so do insiders

And in today's interconnected world, China's hacking apparatus still plays one of the biggest roles in the country's IP theft efforts.

However, Chinese hackers don't act alone anymore. Chinese state-sponsored hacks have also recently involved insiders at recruited at the targeted companies and highly skilled and highly trained intelligence agents that coordinate all these operations from an upstream position.

In October 2019, ZDNet ran a story on how China's efforts into establishing a foothold in the aviation industry by building its own home-grown plane left a trail of hacks across the aviation industry.

Image credit: Aerotime

A nugget hidden in the article was the fact that China's hacking efforts don't involve a "cyber" division at one of its military units, like it used to be in the late 2000s and early 2010s.

Nowadays, China's hacking efforts follow a different pattern.

According to reports from varied sources, Chinese hacking operations are ordered by the Chinese Ministry of State Security, they're coordinated by intelligence officers assigned to specific areas of interest, who in turn hire private contractors in order to isolate and distance any intrusions from the Beijing government. These contractors can be known criminal hackers, security researchers, security firms, or regular IT professionals.

If these contractors can't breach a target, intelligence officers assigned to specific cases come into action. They operate on the ground, near targets, by recruiting company insiders, or even coercing Chinese employees to aide their hacking efforts using blackmail or threats against families living at home.

"This is a story related to me during one of my outreach events and it involved a Chinese national was an employee of an American firm who was approached by someone," said Adam Hickey, Deputy Assistant Attorney General.

"The intimation was that they worked for the [Chinese] government and the request from that person was that the employee take a thumb drive and just put it in his computer at work.

"The suggestion was that if he didn't do that there would be negative ramifications for individuals at home," Hickey said.

While this worked for some time, now, US investigators are starting to catch one to the Chinese government's new modus operandi. In October 2018, US officials arrested the first-ever Chinese intelligence officer on accusations of hacking.

The involvement of Chinese intelligence officers in hacking operations has also not gone unnoticed beyond US government circles. For example, US cyber-security firm Recorded Future also found ties between the Chinese government and hired hackers while looking into past Chinese hacks.

Furthermore, Intrusion Truth, an online group of anonymous cyber-security analysts, have gone one step further. For the past three years, they've been revealing the real identities of Chinese hackers, along with their affiliation with certain provincial departments of the Chinese Ministry of State Security (MSS).

They linked a Chinese hacking group known as APT3 to MSS Guangdong, APT10 to MSS Tianjin, APT17 to MSS Jinan, and APT40 to MSS Hainan.

Following Intrusion Truth's research, the DOJ filed charges against APT3 and APT10, charging individual hackers, employees of security firms, and intelligence officers alike. Speaking at the China Initiative conference, US Attorney General William Barr hinted at future indictments on this front.

"Chinese theft by hacking has continued, and you should expect more indictments and prosecutions in the future," Barr said.

Making people aware

Officials said they had multiple CEO summits and meetings with academics across the US in the last year about the topic of Chinese theft of US intellectual property.

"Because the threat is very different and very incremental you don't necessarily focus on it and how it fits into a bigger picture," said Richard Donoghue, US Attorney for the Eastern District of New York.

"The Chinese are playing a long game," Town, the US Attorney for the Northern District of Alabama said.

"We have been deceived too long," said John Brown, FBI Assistant Director for the Counterintelligence Division. "I think we have woken up. I think we're taking the initiative, being aggressive."

You can watch the full China Initiative Conference below: