Chinese espionage in the United States
China is alleged to have begun a widespread effort to acquire U.S. military technology and classified information and the trade secrets of U.S. companies. The Chinese government is accused of stealing trade secrets and technology, often from companies in the United States, to help support its long-term military and commercial development. China has been accused of using a number of methods to obtain U.S. technology (using U.S. law to avoid prosecution), including espionage, exploitation of commercial entities and a network of scientific, academic and business contacts. Although it uses a network of contacts to collect information used to benefit Chinese businesses, each bit of information does not invite scrutiny or prosecution by the U.S. government. Espionage cases include Larry Wu-Tai Chin, Katrina Leung, Gwo-Bao Min, Chi Mak and Peter Lee.
In addition to traditional espionage, China partners civilian Chinese companies with American businesses to acquire technology and economic data and uses cyber spying to penetrate the computer networks of U.S. businesses and government agencies; an example is the December 2009 Operation Aurora. U.S. law enforcement officials have identified China as the most active foreign power involved in the illegal acquisition of American technology. On May 19, 2014, the United States Department of Justice announced that a Federal grand jury had indicted five People's Liberation Army officers for stealing confidential business information and intellectual property from U.S. commercial firms and planting malware on their computers.
For a list of individuals suspected or convicted of spying on the United States for China, see: List of Chinese spy cases in the United States.
The People's Republic of China has used a number of methods to covertly gather intelligence in the United States. Individuals attempt to obtain targeted information from open sources such as libraries, research institutions and unclassified databases. Chinese travelers are recruited to carry out specific intelligence activities, and the Chinese government debriefs returnees from exchange programs, trade missions and scientific-cooperation programs. Chinese citizens may be coerced to cooperate in acting classes.
Partnerships between Chinese and foreign companies have been accused of existing solely to give Chinese defense industries access to advanced technology. The regulatory and commercial environment in China pressures American and other foreign companies to transfer technology to their Chinese partner companies as part of doing business in their country. Foreign companies provide technology, capital and manufacturing expertise to obtain access to Chinese markets, and high-tech equipment is purchased by Chinese agents operating front organizations in Hong Kong. Some items (computers, semiconductors, software, telecommunications devices, and integrated circuits) may be used for military or civilian purposes. China also uses state-run firms to purchase American companies with access to the targeted technology.
China also accesses foreign technology through industrial espionage, with U.S. Immigration and Customs Enforcement officials rating China's industrial-espionage and theft operations as the leading threat to U.S. technological security. Between October 2002 and January 2003 five Chinese businessmen were accused of illegally shipping equipment and trade secrets from California to China, and U.S. officials prevented a Chinese man from shipping a new, high-speed computer used in classified projects (including nuclear-weapons development) from Sandia National Laboratories.
A 1999 United States House of Representatives Select Committee on U.S. National Security and Military and Commercial Concerns with the People's Republic of China report, known as the Cox Report, warned that China has stolen classified information on every thermonuclear warhead in the country's intercontinental ballistic missile arsenal. Information is collected through espionage, reviews of U.S. technical and academic publications and interaction with U.S. scientists. China tasks a large number of individuals to collect small pieces of information (which are collated and analyzed), and individual agents can more easily escape suspicion. U.S. government personnel suspect that China's intelligence-gathering efforts directed towards the development of modern nuclear weapons are focused on the Los Alamos, Lawrence Livermore, Sandia and Oak Ridge National Laboratories. China is known to have stolen classified information on the W-56 Minuteman II ICBM, the W-62 Minuteman III ICBM, the W-70 Lance short-range ballistic missile (SRBM), the W-76 Trident C-4 submarine-launched ballistic missile (SLBM), the W-78 Minuteman III Mark 12A ICBM, the W-87 Peacekeeper ICBM and the W-88 Trident D-5 SLBM and weapon-design concepts and features.
China conducts political and corporate espionage to access the networks of financial, defense and technology companies and research institutions in the United States. Email attachments attempting to enter the networks of U.S. companies and organizations exploit security weaknesses in software. A recipient opens an email attachment, apparently from a familiar source, containing a program which embeds in the recipient's computer. The remotely controlled program allows an attacker to access the recipient's email, send sensitive documents to specific addresses and turns on such instruments as web cameras or microphones.
In January 2010, Google reported "a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google". According to investigators, the Google cyber-attack targeted the Gmail accounts of Chinese human-rights activists. At least 34 other companies have been attacked, including Yahoo, Symantec, Adobe, Northrop Grumman and Dow Chemical.
In January 2013, The New York Times reported that it was the victim of hacking attempts originating from China during the previous four months after it published an article on Prime Minister Wen Jiabao. According to the newspaper, the "attacks appear to be part of a broader computer espionage campaign against American news media companies that have reported on Chinese leaders and corporations."
Chinese cyber-attacks seem to target strategic industries in which China lags; attacks on defense companies target weapons-systems information, and attacks on technology companies seek source code critical to software applications. Operation Aurora emphasized what senior U.S. government officials have called an increasingly serious cyber threat to critical industries.
Amitai Etzioni of the Institute for Communitarian Policy Studies has suggested that cyberspace could be a fruitful realm for the United States and China to implement a policy of mutually assured restraint allowing both states to take measures they deem necessary for self-defense while agreeing to refrain from offensive steps. Such a policy would require oversight.
2010-2012 Compromise of CIA Network
Between 2010 and 2012, the Chinese government was able to arrest or kill between 18 and 20 CIA assets within China. A joint CIA/FBI counterintelligence operation, codenamed "Honey Bear", was unable to definitely determine the source of the compromises, though theories include the existence of a mole, cyber-espionage, or poor tradecraft. Mark Kelton, then the Deputy Director of the National Clandestine Service for Counterintelligence, was initially skeptical that a mole was to blame.
In 2007 McAfee alleged that China was actively involved in cyberwarfare, accusing the country of cyber-attacks on India, Germany and the United States; China denied knowledge of these attacks. In September 2007 former senior U.S. information security official Paul Strassmann said that 735,598 computers in the U.S. were "infested with Chinese zombies"; computers infected in this manner can theoretically form a botnet capable of carrying out unsophisticated yet potentially dangerous denial-of-service attacks. A cyber spying network known as GhostNet, using servers primarily based in China, was reported as tapping into the classified documents of government and private organizations in 103 countries (including Tibetan exiles); China denied the claim.
In December 2009 and January 2010 a cyberattack, known as Operation Aurora, was launched from China on Google and over 20 other companies. Google said that the attacks originated from China, and it would "review the feasibility" of its business operations in China as a result of the incident. According to Google, at least 20 other companies in a variety of sectors were also targeted by the attacks. According to McAfee, "this is the highest profile attack of its kind that we have seen in recent memory."
In May 2014, a U.S. Federal grand jury indicted five Chinese military officers for cybercrimes and stealing trade secrets. It was alleged that the Chinese officers hacked into the computers of six U.S. companies to steal information that would provide an economic advantage to Chinese competitors, including Chinese state-owned enterprises. China said that the charges were "made-up", and the indictment would damage trust between the two nations. Although the indictments have been called relatively meaningless, they could limit travel by the officers due to U.S. extradition treaties.
Effect on Chinese and Asian Americans
The high-profile reporting of Chinese spy cases, especially these later found falsefully accused, by the U.S. news media has raised concerns by civil-rights groups about the racial profiling of Chinese Americans as spies. In the Wen Ho Lee case, Lee's attorneys said that the scientist was unfairly singled out by government investigators because of his ethnic background. Bo Jiang's case in 2013 was called by his lawyer as another example of witch-hunting Chinese spies. Another Chinese American, Sherry Chen (a National Weather Service employee in Ohio), was falsefully accused of spying on U.S. dams in 2014 after she contacted a former classmate—now a senior Chinese official—and advised him about finding information in the United States on how dams are financed. Analyzing several recently similar falsefully accused Chinese American victims, a prominent Chinese American and a member of the Committee of 100, Dr. George Koo wrote an article in 2015 warning that "Chinese Americans continue to be victimized by racial profiling".
- Chinese intelligence activity abroad
- Cold War
- Confucius Institute
- Cox Report
- Cyberwarfare in the United States
- Economic and Industrial Espionage
- Google China
- Office of Tailored Access Operations
- Operation Aurora
- United States intelligence operations abroad
- Gregg Bergersen
- Katrina Leung
- Chi Mak
- Larry Wu-Tai Chin
- Finkle, J., Menn, J., Viswanatha, J. U.S. accuses China of cyber spying on American companies. Reuters, Mon 19 May 2014 6:04pm EDT.
- Clayton, M. US indicts five in China's secret 'Unit 61398' for cyber-spying. Christian Science Monitor, 19 May 2014
- deGraffenreid, p. 30.
- Global Security. "Ministry of State Security Operations." (accessed March 11, 2010).
- Wortzel, p. 6.
- Wortzel, p. 9.
- Helft, Miguel and John Markoff, "In Rebuke of China, Focus Falls on Cybersecuirty," The New York Times, January 13, 2010.
- Wortzel, p. 8.
- Polmar, Norman and Thomas B. Allen, Spy Book: The Encyclopedia of Espionage, Second Edition, (New York, NY: Random House Reference, 2004), p. 125.
- "China Seen in Push to Gain Technology Insights". The New York Times. 6 June 2013. Retrieved 18 June 2017.
- Markoff, John; Rosenberg, Matthew (3 February 2017). "China’s Intelligent Weaponry Gets Smarter". Retrieved 18 June 2017 – via NYTimes.com.
- "The Unpleasant Truth About Chinese Espionage". 22 April 2016. Retrieved 18 June 2017.
- Trade (2 August 2016). "Why Access To China Can Be Suicide For U.S. Companies". The Federalist. Retrieved 18 June 2017.
- https://www.facebook.com/dlamothe. "Navy officer accused of passing secrets faces espionage and prostitution charges". Washington Post. Retrieved 18 June 2017.
- Eftimiades, p. 28.
- Wortzel, p. 5.
- Wortzel, p. 4.
- Wortzel, p. 3.
- U.S. Department of Defense, Annual Report to Congress on the Military Power of the People's Republic of China, (Washington, DC: July 2007), p. 29.
- deGraffenreid, p. 99.
- deGraffenreid, p. 98.
- deGraffenreid, p. 100.
- Cha, Ariana Eunjung and Ellen Nakashima, "Google China cyberattack part of vast espionage campaign, experts say," The Washington Post, January 14, 2010.
- "Google cyberattack hit password system – NY Times," Reuters, April 19, 2010.
- Perlroth, Nicole (2013-01-30). "Hackers in China Attacked The Times for Last 4 Months". The New York Times. Retrieved January 31, 2013.
- Amitai Etzioni, The Diplomat. "MAR: A Model for US-China Relations". The Diplomat. Retrieved 2014-08-25.
- Mazzetti, Mark; Goldman, Adam; Schmidt, Michael S.; Apuzzo, Matthew (May 20, 2017). "Killing C.I.A. Informants, China Crippled U.S. Spying Operations". The New York Times. Archived from the original on May 20, 2017. Retrieved May 20, 2017.
- Waterman, Shaun (17 September 2007). "China 'has .75M zombie computers' in U.S.". United Press International. Retrieved 2007-11-30.
- "Researchers: Cyber spies break into govt computers". Archived from the original on April 3, 2009. Retrieved July 29, 2011.
- "CTV News: Video clip". Watch.ctv.ca. Retrieved 2014-08-25.
- "Foreign Ministry Spokesperson Qin Gang's Remarks on the So-called Chinese Cyber-Spy Ring Invading Computers in Countries". Fmprc.gov.cn. Retrieved 2014-08-25.
- "Chinese embassy scoffs at reports of cyber spying". Theaustralian.news.com.au.
- "A new approach to China". Google Inc. 2010-01-12. Retrieved 17 January 2010.
- "Google Attack Is Tip Of Iceberg", McAfee Security Insights, Jan. 13, 2010
- "Beijing denies corporate cyber spying charge against five Chinese military officials". China News.Net. Retrieved May 20, 2014.
- "The Cyber Cold War". The Huffington Post.
- "Racial Bias in the Wen Ho Lee Case? | PBS NewsHour". Pbs.org. 1999-12-14. Retrieved 2014-08-25.
- "The Prosecution Unravels: The Case of Wen Ho Lee", nytimes.com, Feb. 5, 2001
- Dujardin, Peter (21 March 2013). "Attorney: Former NASA contractor subject of 'witch hunt'". Daily Press. Retrieved 21 March 2013.
- Nicole Perlroth (May 9, 2015). "Accused of Spying for China, Until She Wasn’t". The New York Times. Retrieved May 10, 2015.
the facts didn’t quite meet the law
- Koo, George (2015-05-18). "Chinese Americans continue to be victimized by racial profiling: Opinion". atimes.com. Retrieved 2015-05-19.
- deGraffenreid, Kenneth (ed.), The Unanimous and Bipartisan Report of the House Select Committee on U.S. National Security and Military Commercial Concerns with the People's Republic of China ("The Cox Report"). Select Committee, U.S. House of Representatives (Washington, DC: Regnery, 1999)
- Eftimiades, Nicholas, Chinese Intelligence Operations (Annapolis, MD: Naval Institute Press, 1994)
- Wortzel, Larry M., Hearing on "Enforcement of Federal Espionage Laws." Testimony before the Subcommittee on Crime, Terrorism, and Homeland Security of the House Committee on the Judiciary, U.S. House of Representatives, January 29, 2008
- United States and Canadian computer security researchers monitor a Chinese cyber-spying operation
- Chinese coordinated assault on the email accounts of journalists, academics, and human rights activists
- Google decides to lift censorship in China
- More journalists have their email accounts hacked
- Google reaction to Chinese cyber attack
- More examples of how China steals U.S. Military Secrets
- Britain warns businesses of the Chinese spying threat
- Vast Chinese espionage campaign
- Chinese spy buys Pentagon secrets