The Chinese are spying on us. Which seems only fair, since we are spying on them too.
You probably remember last year’s journalism hysteria when a Chinese surveillance balloon floated over the US, and the Air Force shot it down off the cost of South Carolina. In the big picture, that was a mere kerfuffle, a foofaraw.
But don’t be fooled. Chinese espionage offers plenty to be worried about. In a 2020 speech, FBI Director Chris Wray called “the counterintelligence and economic espionage threat from China… the greatest long-term threat to our nation’s information and intellectual property, and to our economic vitality.”
Since 2020, it’s only gotten worse. Last October, the heads of intelligence from the US, Canada, UK, Australia and New Zealand – the Five Eyes Alliance – held “an unprecedented joint news conference to warn of… a ‘breathtaking’ Chinese effort to steal technology and economic intelligence and to influence foreign politics in Beijing’s favor.” According to the FBI’s Wray, the purpose of this first press conference in the organization’s 80 year history was to warn that the threat from “China’s espionage… has only gotten more dangerous and more insidious in recent years… The FBI currently has over 2,000 investigations in progress that are linked to China.”
At the same conference, Ken McCallum, the Director General of Britain’s MI5 spy agency reported several examples of his own, including the fact that “suspected Chinese agents have approached over 20,000 people in the UK over professional networking sites like LinkedIn, in order to try to cultivate them to provide sensitive information.”
There are two main reasons why it is very difficult for the West to keep up: China devotes more resources to espionage, and they are playing by different rules than we are.
Regarding resources, Wray testified before a US House committee on January 31 that, “If you took every single one of the FBI’s cyber agents [and] intelligence analysts and focused them exclusively on the China threat, China’s hackers would still outnumber FBI cyber personnel by at least 50 to 1.”
Chinese hackers work not just as government employees, but also for private Chinese companies that specialize in spying. A few weeks ago, leaked documents from the Chinese security firm I-Soon recently revealed a price list of what they charged. If you want to hack Twittter/X accounts and run a disinformation campaign, for $100,000 I-Soon will sell you specialized software to make your targeting and lying more efficient. Do you want a huge database of personal information entered by unwitting users of Facebook and Telegram? For $278,000 that too can be yours.
In addition to devoting greater resources to espionage, China’s authoritarian government is also playing by different rules. Harvard’s Calder Walton summarized key differences in a recent article in Foreign Policy magazine: “Unlike those in Western democracies, China’s intelligence services are not held to account by independent political bodies or the public, nor are they subject to the rule of law… Thanks to successive national security legislation passed under President Xi Jinping, Chinese businesses are required to work with its intelligence services whenever requested to do so… [In addition] facial recognition, phone apps, and CCTV all make China an infinitely harder target for Western agencies to collect intelligence on than Chinese services’ targets in open Western democracies.”
And if that’s not enough, according to David Vigneault, the director of the Canadian Security Intelligence Service, Chinese laws require its citizens “anywhere in the world to provide information to Beijing’s intelligence services.”
Just a few weeks ago, the FBI’s Wray updated Congress on one major cyber operation which he described as part of “the defining threat of our generation.” In the Volt Typhoon project “Chinese hackers [have targeted] critical infrastructure in the U.S., such as water treatment plants, electrical grids, oil and natural gas pipelines and transportation systems.”
The result of operations like Volt Typhoon, according to Congressional testimony by Jen Easterly, Director of the US Cybersecurity and Infrastructure Security Agency, is that “A major crisis halfway across the planet could well endanger the lives of Americans here at home through the disruption of our pipelines, the severing of our telecommunications, the pollution of our water facilities, the crippling of our transportation modes all to ensure that they can incite societal panic and chaos and to deter our ability to marshal military might and civilian will.”
The primary methods behind this particular operation relied on human flaws “by exploiting vulnerabilities in small and end-of-life routers, firewalls and virtual private networks, often using administrator credentials and stolen passwords, or taking advantage of outmoded tech that hasn’t had regular security updates – key weaknesses identified in US digital infrastructure.”
If you have an old Cisco or Netgear router running your home or small business network, it may have been infected by “KV Botnet malware” planted by the Chinese. If so, your router was “chained together [with other infected routers] to form a covert data transfer network supporting various Chinese state-sponsored actors including Volt Typhoon.”
Yikes. Your innocuous little home network could be helping the Chinese to hide the origin of an infrastructure attack someday, since “the botnet’s distributed nature makes the activity hard to trace.” This is a prime example of the way “state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive… cyberattacks against US critical infrastructure in the event of a major crisis.”
In December, the FBI fought back with a court-ordered action to “delete the KV Botnet malware from the routers.” But if you restarted your router after the cleanup, your server will once again be vulnerable. This is one of several reasons that experts say “the legal action is bound to be a only temporary disruption.”
To put it another way, the potential effects of Chinese espionage continue to rise.
In an article entitled “Spycraft and Statecraft,” William J. Burns, the director of the Central Intelligence Agency wrote in the current issue of Foreign Affairs that “This is a time of historic challenges for the CIA and the entire intelligence profession, with geopolitical and technological shifts posing as big a test as we’ve ever faced. Success will depend on… adapting to a world where the only safe prediction about change is that it will accelerate.”
To address the China challenge, Burns reported that the CIA has more than doubled “the percentage of our overall budget focused on China over just the last two years. We’re hiring and training more Mandarin speakers while stepping up efforts across the world to compete with China, from Latin America to Africa to the Indo-Pacific.” The New York Times reported that, “The C.I.A. and the Pentagon’s Defense Intelligence Agency have [also] set up new centers focused on spying on China. U.S. officials have honed their capabilities to intercept electronic communications, including using spy planes off China’s coast.”
Meanwhile, the American and Chinese economies continue to get more intertwined. At the height of the Covid epidemic, many Americans learned for the first time that the US depends on China for things like surgical masks, personal protective equipment, respirators and many other medical products needed to fight the disease. In the early stages of the pandemic, when world supplies were short, China wouldn’t share them.
The top ten products the US imports from China today include lithium batteries, display monitors, smartphones, digital automation systems, pre-dosed medications and data processors. Good luck to all of us if access to these and other Chinese products was cut off during a crisis.
So, at the same time that we continue to compete with China politically and economically, we must simultaneously cooperate and work together to tackle existential challenges to the human race including climate change and avoiding nuclear war.
Last year, Pulitzer Prize winning reporter Thomas L. Friedman visited China for the first time since covid to try to get a grip on what all this means. Hu Xijin, one of China’s most popular bloggers, said to him: “You have been in the first place for a century, and now China is rising, and we have the potential to become the first — and that is not easy for you… [But] you should not try to stop China’s development. You can’t contain China in the end. We are quite smart. And very diligent. We work very hard. And we have 1.4 billion people.”
Based on this and many other interviews, Friedman concluded: “I believe that [China and the US] are doomed to compete with each other, doomed to cooperate with each other and doomed to find some way to balance the two. Otherwise we are both going to have a very bad 21st century.”