Skip to main content

China's Cyber Spies Are Stealing More Than Secrets

John Lee

In his February 12 State of the Union speech to congress, President Barack Obama declared that American cyber “enemies” were not just stealing identities and hacking into personal and corporate email but also acquiring the ability to hack into the country’s civilian systems such as power grids, financial institutions and air traffic control infrastructure.

Then earlier this week, US cyber-security firm Mandiant released an explosive report accusing the Chinese People’s Liberation Army of funding and orchestrating an extensive program of cyber-espionage against American firms. Chinese state-backed news outlets immediately labelled the report groundless, but the growing weight of evidence means that Beijing’s blunt strategy of denial is becoming less plausible. And Chinese industrial cyber-espionage will soon replace barbs over currency policy as the major economic bug-bear between the two economic giants.

The Mandiant report puts into the public space what government agencies, cyber-security firms and private companies already acknowledge readily but in private: China has become the leading perpetrator of industrial theft through malicious cyber activities originating from the country. The report goes way further than the broad-based accusations that are usually levelled against Chinese entities.

For a start, it traces the attacks to an entity named APT1, a single organisation of operators linked to four large networks in Shanghai, two of which are based in the city’s Pudong New Area. Significantly the PLA’s Unit 61398 – a secret unit engaging in “Computer Network Operations” for the military – is also located in the same group of buildings from which APT1’s cyber-activity originates. Unit 61398 reports to the PLA General Staff Department, which in turn reports directly to the Central Military Commission, the country’s peak decision-making body on military matters. If so, it is certain that China’s top civilian leaders in the Standing Committee of the politburo would have intimate knowledge of the activities of Unit 61398.

Moreover, quantity matters. The Mandiant report indicates that hundreds of terabytes of data have been stolen by Unit 61398 from at least 141 American corporations spread across 20 sectors. Significantly, these sectors correspond to those that have been labelled “strategic” and “important” to current and future Chinese “comprehensive national power” by the country’s leaders. For example, the four most targeted commercial sectors by Unit 61398 are information technology, aerospace, satellites and telecommunications, and scientific research.

The US administration has been reluctant to openly “name and shame” China as the major perpetrator of industrial cyber-espionage for fear of damaging an already fraught relationship between the two countries. There are a number of reasons to believe that this is about to change.

First, US firms are no longer fearful that their access to the Chinese market would be restricted if they make a fuss and are beginning to urge the government to champion the cause. The difference now is that the scale, sophistication and frequency of these cyber-espionage activities originating from China have become impossible to ignore.

American industry groups and intelligence agencies are beginning to quantify the collective value of lost intellectual property as possibly being in the hundreds of billions of dollars.

Second, it is well known that newly appointed Secretary of State John Kerry has a strong interest in this issue. In February last year, and as chairman of the Senate foreign relations committee, Kerry openly announced that he would raise the issue of Chinese trade theft with Xi Jinping on the latter’s first visit to the US as the putative president. Significantly, Kerry deliberately made a broader issue intellectual property theft by declaring that Chinese cyber-activity against US firms was an “egregious, palpable demonstration of the practice that we are deeply concerned about”.

Finally, putting pressure on Beijing over its cyber activities plays nicely into the Obama administration’s aim to use economic statecraft to further its leadership and influence in the region over China. In taking up the issue of industrial cyber-espionage against China, Obama will find growing support from countries such as Japan, South Korea, Singapore, India and Australia.

Governments spying on each other is fair game, but government entities stealing information from private firms in foreign countries is a different thing altogether. At stake is billions of dollars of intellectual property. More than that, it is about the world’s second-largest economy not playing by the rules that has ensured its rise.

Related Articles

Build a Fleet that Contests Every Inch

Bryan Clark

China’s coast guard and maritime militia have mounted what essentially is an insurgency in the East and South China Seas for nearly 15 years, buildi...

Continue Reading

The Significance of China’s Fujian Aircraft Carrier

Patrick M. Cronin

Eighty years after aircraft carriers became the capital ship of great seafaring nations, China's third carrier is making waves. Fujian, named for the ...

Continue Reading

Defending Guam

Rebeccah L. Heinrichs et al.

Guam, “where America’s day begins,” constitutes an indispensable strategic hub for the United States. The largest of the Mariana Islands in the ...

Continue Reading