Chinese Cyber-Espionage Growing: U.S. Report

Defense News

11/06/2011

Chinese Cyber-Espionage Growing: U.S. Report

By WENDELL MINNICK

TAIPEI - A new U.S. intelligence report declares the most active and persistent perpetrator of economic espionage is China.

The report, issued by the U.S. Office of the National Counterintelligence Executive (ONCIX), draws on the inputs and reporting from more than a dozen U.S. law enforcement and intelligence collection bodies, including the CIA, FBI, DIA and NSA.

China views economic espionage as an "essential tool in achieving national security and economic prosperity," the report said.

The report - "Foreign Spies Stealing U.S. Economic Secrets in Cyberspace: Report to Congress on Foreign Economic Collection and Industrial Espionage, 2009-2011" - indicates the U.S. intelligence community judges the use of cyber tools is now a greater threat than more traditional espionage methods.

A recent Chinese espionage case in the U.S. contrasts the shift from traditional espionage tradecraft to today's cyber espionage techniques. Dongfan Chung, a former Boeing and Rockwell engineer who had worked on the B-1 bomber and space shuttle, was sentenced by a U.S. Federal Court in 2010 to 15 years for having 250,000 pages of sensitive documents in his home.

"This is suggestive of the volume of information Chung could have passed to his handlers between 1979 to 2006," the report said.

The logistics of handling the physical volume of so many documents, equal to "four 4-drawer filing cabinets," are staggering. However, according to the report, today the information could have easily fit onto a compact disc or transferred via e-mail. "Cyberspace makes possible the near instantaneous transfer of enormous quantities of economic and other information."

The costs of cyber espionage on commercial U.S. business are high.

■ Between 2008 and 2009 an employee of Valspar Corporation, David Yen Lee, downloaded proprietary paint formulas valued at $20 million with the intent of selling it to China.

■ Meng Hong, a Dupont Corporation research chemist, downloaded proprietary information on organic light-emitting diodes in 2009 with the intent of transferring the data to a Chinese university.

■ Yu Xiang Dong, a product engineer with Ford Motor Company, copied 4,000 Ford documents onto an external hard drive in 2009 with the intent of transferring the data to an automotive company in China.

China's intelligence services seek to "exploit" Chinese citizens or persons with family ties to China to recruit. Of the seven cases that were adjudicated under the Economic Espionage Act in 2010, six involved a link to China.

U.S. corporations and cyber security specialists have reported an "onslaught" of computer network intrusions originating from China. "Some of these reports have alleged a Chinese corporate or government sponsor of the activity," but the U.S. intelligence community has not been able to confirm these reports.

In a study released in February, McAfee attributed an intrusion attempt they labeled "Night Dragon" to a Chinese Internet Protocol (IP) address and indicated the intruders stole data from the computer systems of petrochemical companies.

In January 2010, VeriSign iDefense identified the Chinese government as the sponsor of intrusions into Google's networks.

MANDIANT, a cyber security company, reported in 2010 that information was pilfered from the corporate networks of a U.S. Fortune 500 company during business negotiations in which the company was looking to acquire a Chinese firm.

The report states that China is driven by its longstanding policy of "catching up fast and surpassing" the Western powers. "An emblematic program in this drive is Project 863, which provides funding and guidance for efforts to clandestinely acquire U.S. technology and sensitive economic information." Project 863 lists the development of "key technologies for the construction of China's information infrastructure."

In terms of military technology, China is focusing on two areas: marine systems designed to jump-start the development of a blue-water navy, and aerospace systems that will allow China's air force to develop air supremacy.

The U.S. is not the only victim of Chinese cyber espionage, according to the report. South Korea claims that in 2008 the country lost $82 billion in proprietary information from Chinese and other hackers. Japan's Ministry of Economic, Trade and Industry (METI) conducted a survey of 625 manufacturing firms in 2007 and found that more than 35 percent reported some form of technology loss and more than 60 percent of those leaks involved China.

Since late 2010, hackers have accessed more than 150 computers at France's Finance Ministry, exfiltrating and redirecting documents relating to the French G20 presidency to Chinese sites.

The British Security Service's Centre for the Protection of National Infrastructure warned hundreds of business leaders in 2010 of Chinese economic espionage practices, including the giving of gifts of cameras and memory sticks equipped with cyber implants at trade fairs and exhibitions.

German officials also noted that business travelers' laptops are often stolen during trips to China. "The Germans in 2009 highlighted an insider case in which a Chinese citizen downloaded highly sensitive product data from the unidentified German company where he worked to 170 CDs," the report says.

China always denies reports of being involved in cyber espionage and often responds with counteraccusations.