China’s Theft & Espionage: What Must Be Done « Breaking Defense | #espionage | #surveillance | #ceo | #businesssecurity | #

Chendgu J-20 fighter prototypes, considered suspiciously similar to the American F-35 Joint Strike Fighter

Nick Eftimiades, a retired senior intelligence officer and now a lecturer at Penn State Harrisburg, offers a detailed prescription below for how to blunt Chinese economic and cyber espionage. No-fly lists, worldwide travel limits, restrictions on universities against sharing data or working with suspected/known thieves, and more rigorous US Customs screening in China might help slow the greatest transfer of wealth in modern human history. Read on! The Editor

I combed through more than 400 cases of Chinese espionage and detailed the outlines of the People’s Republic of China’s national effort to collect foreign technology using state and Communist Party entities, state-owned enterprises, select universities, private companies and individuals. The result for the United States: the loss of millions of US jobs, degradation of American industry, the rise of Beijing’s global political and economic clout, and a significant increase in China’s high tech military capabilities.

Nick Eftimiades

One has to note Beijing’s creativity and management in combining all the elements of ‘societal power,’ including manipulating financial markets, economic incentives, industrial policy, political and economic coercion, foreign policy, threat of military force, and technological strength to create the world’s first “digital authoritarian state.” It is unfortunate that the West has largely been the source of this growing strength.

China is not the only country to engage in such practices. Russia, Iran and even some U.S. allies engage in systematic, government-sponsored economic espionage (trade secrets, intellectual property theft) and technology theft. It would seem many governments and people are quite willing to violate U.S. laws in the quest to possess or sell U.S. trade secrets and technology. Violating a country’s laws is nothing new in the murky world of espionage. Every time an intelligence service conducts espionage in another country, it violates that country’s laws, and that includes US intelligence overseas. The difference is that the U.S. and many allies do not participate in economic espionage and technology theft with the intent of transferring wealth. In Russia and Iran that practice is common, In China, it has become a national sport.

So Whose Fault Is It Anyway?

Shakespeare wrote “The fault, dear Brutus, is not in the stars, but within ourselves.”  He was right. The current free-for-all of economic espionage, technology theft, and transfer of U.S. wealth is the fault of the US government. For decades, insiders (myself included) have highlighted the strategic shift in growth and importance of commercial technology and the impact on the economy. The lesson one learns in government is that innovative and strategic thinking usually gets in the way of short-term mission accomplishment. No one knew this strategic shift better than former Defense Secretary Ash Carter: “When I first got into this business everything of consequence that was made was in the US and the really important stuff was made by the Department of Defense. Now everything is made commercially and globally.”

The concerns of a handful of strategic thinkers were largely ignored while the US intelligence, law enforcement and defense bureaucracies circled the wagons around their precious secrets, totally ignoring the strategic shift in the importance of commercial technology and economic trade secrets. 

Congress and successive presidents also share responsibility for the current situation, which has led to serious degradation in America’s global position and security. The question US policy makers must now ask is not how we got into this mess, but how we get out of it. 

Chinese president Xi Jinping in military uniform.

Deterrence Measures

Two forms of economic espionage must be addressed: those acts that physically occur within US borders, and those which are conducted from abroad through cyber means. Cyber espionage has come into vogue for two reasons. First, cyber espionage actors enjoy a measure of anonymity, and second, there are often few consequences if they are caught conducting cyber espionage for those operating outside the US.

Deterring such behavior is a key objective that might be achievable by a policy targeted at domestic institutions and against cyber criminals abroad. In current doctrine, strategists often claim deterrence is difficult to obtain or even understand in the cyber world. However, deterrence is achievable against individuals and institutions who conduct economic espionage and theft of trade secrets against the US, even through cyber means. One approach: limit individual’s access to the US and impose worldwide travel restriction.

What Not To Do

The Trump administration has explored enhanced screening of Chinese students and scholars coming to the United States. Not a good idea. The process will almost certainly fail at determining an individual’s future course of action. Few scholars come to the US with the premeditated intention of stealing technology that has, quite likely, yet to be invented.  Also, there are 360,000 Chinese scholars and students in the US. Given the number of cases that have come into the American judicial and regulatory system it is unlikely that even one percent are involved in technology theft. American principles are that we don’t judge an entire group by the actions of a very few.

What To Do

Commercial technology and trade secrets have become the currency of the future. The simple problem is that governments and private entities have very little to lose and much to gain by stealing technology and trade secrets from advanced industrialized economies. However, the US can establish conditions to make those actions more costly to individuals and academic institutions whether or not they reside in the US.  Deterrence at an individual and institutional levels (not at the government level) would probably dissuade significant numbers of people from committing economic espionage or stealing US technology. 

Educate Foreign Scholars And Business People Who Visit the US

Any person coming to the United States to study or work in a critical high-tech field should be presented with a document as part of the visa application process. The US online visa application already includes a yes-or-no question as to whether the applicant intends to commit “espionage, sabotage, or export control violations.” This is only one of dozens of ‘yes-or-no’ questions.  Additional verbiage (or a web page/document) is required, notifying the visa applicant of the severity of economic espionage and technology theft and potential prison penalties. 

Multi-year visas for students and scholars could require filling out an online course — call it Freedom and Democracy in America — that details some aspects about American democracy and the rule of law. Will this practice stop a person committed to the theft of US technology? Absolutely not. However, it will be enough to deter some visiting scholars or business persons if there is a prospect of going to jail, being barred from contact with US academic institutions, attending scientific conferences, or from boarding US flights. In the case of China, this information is particularly important because Chinese culture often does not recognize the law as a binding contract in society the way it is in the West, relying more on “Guan Xi” personal relations. 

A No-Fly list for Economic Espionage, IRP violators And Cyber Hackers

We have a No Fly list for persons even remotely suspect of being affiliated with a terrorist organization.  Creating and enforcing a similar No Fly and visa denial list with allies would be an effective deterrent to individuals involved in economic espionage and technology theft. Businesses and academics can not function without the ability to travel and collaborate internationally.

The US government maintains multiple lists of those persons involved in the theft and illegal export of technology.  For example, the US Commerce Department maintains a “Denied Persons List” list of violators of US export law and an Entity List with more than 130 Chinese companies, research institutes and government entities identified as having engaged in illegal exports or acting contrary to US national security and foreign policy interests. This list includes state-owned enterprises such as the China Aerospace Science and Industry Corporation Second Academy and 13 of its research institutions; China Electronics Technology Group Corporation’s 14th Research Institute and two of its institutions; China Electronics Technology Group Corporation 38th Research Institute and seven of its institutions; China Tech Hi Industry Import and Export Corporation; and China Volant Industry.

The US Treasury Department maintains a list of “Specially Designated Nationals And Blocked Persons List” that identifies a very wide variety of persons, governments, public and private entities subject to US sanctions for everything from cyber crimes to drug trafficking. The State Department maintains a list of entities and individuals who have violated the Arms Export Control Act and the International Traffic in Arms Regulations. Presumably these are integrated into the Department of Commerce “Entity List”. 

Many of these lists are publicly available to ensure US exporters can get the information. A similar process for “No Fly” travel can be used against foreign companies, business persons, and academics conducting economic espionage or technology theft. Those persons do need not to be convicted and there are already processes and mechanisms in place to implement this type of program with established safeguards. The U.S. should establish No Fly and visa refusal criteria with allies for those people engaged in economic espionage.  We may struggle to stop global economic and cyber espionage efforts but we can limit the travel of those involved. The US should begin this process with its FIVE EYE partners (Canada, Australia, New Zealand, United Kingdom) and Japan, France and Germany.

Executive Order To Screen People Attending Public Education Institutions

The United States government provides considerable grants, funding, and tax benefits to public universities. There is no reason the public universities should have a relationship with overseas persons associated with economic espionage or theft of technology. In many cases this practice amounts to the American taxpayer funding theft of technology from American academic institutions. While these public universities already report foreign contracts to the Department of Education, a Presidential Executive Order could prohibit US universities from sharing research with individuals associated with economic espionage or theft of technology. That order would also deny entry of foreign academics to the United States for research or conferences if identified by the US Departments of State, Commerce, Treasury, or Justice as being involved in the theft of. In addition, foreign universities showing a history of cyber espionage, violating US copyrights, or technology theft (and there are many in this category) would also be restricted from sending students to the US or engaging in joint research projects on critical technologies.  Academics who cannot travel, collaborate, or publish with Western universities might as well find a new line of work. 

Allies are likely to join in this effort, although some may do so reluctantly. Like other criminals, those stealing technology will go to the most vulnerable target.  If the US hardens its technology underbase, other targets become more attractive. Again, this program would work far better if coordinated with similar programs implemented by allies.


US Customs inspectors in China must be allowed to do their jobs. Customs officers abroad play a very important role in ensuring fraudulent goods and other contraband never make it to the US. In China, the four US Customs inspectors stationed there can only request permission from the Chinese customs service to inspect outgoing cargo. This unique situation leads to high levels of corruption in China’s customs service. Interviews with US importers reveal that customs delays (legitimate or otherwise) in products leaving China are usually resolved within a day through bribes paid by Chinese business partners to customs officers.

Trump at the 2018 NATO summit

Work With Allies

The US must reach out to its allies as well as international bodies such as NATO, the EU and the United Nations to craft a coordinated effort to combat economic espionage and technology theft. An aggressive enforcement approach only in the U.S. will just shift the problem to other high-tech industrialized economies. Many advanced industrialized countries have already been victims of cyber economic espionage, IPR violations, and technology theft. Coordinated international efforts should include establishing an international working group to achieve the following goals:

Increased law enforcement information and intelligence sharing between partners. This would include joint databases and channels for sharing data on:

  • Cyber espionage
  • IPR theft
  • Illegal Technology Transfer

Coordinated investigative, operational, customs enforcement, and diplomatic responses to foreign cyber economic espionage, IPR theft, and illegal technology transfer:

  • Deny visas to scholars associated with economic and related crimes
  • Restrict joint programs to non-critical research with universities and research institutes associated with cyber and economic espionage
  • Restrict travel on carriers of those engaged in economic espionage, cyber espionage, and related crimes.
  • Legitimate customs inspections for goods leaving China.    

What Should Congress Do?

Strengthen trade secrets laws

Congress should be at the forefront of protecting US companies from espionage. Criminal and civil penalties provided limited deterrence value as long as a competitor can capture a market by stealing trade secrets. Companies are often willing to pay a $100 million fine if they can capture a multi-billion dollar market.  It is simple economics. Laws need to be strengthened to ensure companies are not allowed to do business in the United States if convicted of serious cases of economic espionage. 

Update the Foreign Agents Registration Act

When the Foreign Agents Registration Act was passed in 1938, there was a simple telecommunications system in the United States. The law and its definitions of “persons acting as agents of foreign principals in a political or quasi-political capacity” needs to be updated to be applicable in the modern era of Internet, Fake News, Artificial Intelligence, deep fakes, and social media. 

Most Favored Nation Status (MFN) and Trade Talks

China’s rise is largely due to the Clinton administration and Congress approving MFN status.  Revoking that status is unwise and impossible given the level of economic integration between the two countries. However, Congress should pass a law requiring the incumbent presidential administration to annually certify that China is meeting the conditions established during the current trade talks. The same law could include certification that China is meeting its commitments made under the Obama administration to cease cyber espionage (or other subsequent agreements). A violation would restart tariffs or other punitive measures. 

Rectifying behavior in conducting economic espionage, cyber espionage, and theft of technology  will not come easy. Strong enforcement and diplomatic actions — done unilaterally and in concert with international partners — are necessary to preserve a prosperous future for those willing to work hard to achieve it.

Nick Eftimiades is a lecturer at Penn State Harrisburg‘s School of Public Affairs. The views expressed here are those of the author and do not reflect the views of the university.

Source link

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App







National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.