WASHINGTON, DC — China is by far the most active economic espionage offender in the United States today, often pilfering or attempting to steal U.S. firepower and the fruits of American brainpower, experts and national security officials told the Senate Judiciary Committee on Wednesday.
During a hearing titled “China’s Non-Traditional Espionage Against the United States: The Threat and Potential Policy Responses,” John Demers, the assistant attorney general for the national security division at the U.S. Department of Justice (DOJ) revealed via written testimony:
We cannot tolerate a nation that steals our firepower and the fruits of our brainpower. And this is just what China is doing to achieve its development goals. While China aspires to be a leading nation, it does not act like one. China is instead pursuing its goals through malign behaviors that exploit features of a free-market economy and an open society like ours. … From 2011-2018, more than 90 percent of the Department’s cases alleging economic espionage by or to benefit a state involve China, and more than two-thirds of the Department’s theft of trade secrets cases have had a nexus to China.
Currently, DOJ is dealing with “three pending cases against former U.S. intelligence officers who are alleged to have spied for China—which is an unprecedented number,” Demers declared.
Echoing the DOJ official, Peter Harrell from the Center for a New American Security think-tank noted in his written testimony:
China is by far the most active practitioner of economic espionage today. While it is challenging to accurately estimate the costs of such espionage, in 2017 the U.S. China IP Commission estimated that the total cost of China’s theft of IP, which also includes more prosaic forms of IP theft like piracy and counterfeiting, costs the U.S. economy at least $225 billion annually and possibly as much as $600 billion.
China’s cyber espionage capabilities have exceeded the U.S. government’s ability to defend against the threat, a top U.S. Department of Homeland Security (DHS) official conceded.
In his prepared remarks, Christopher Krebs, the director of the Cybersecurity and Infrastructure Security Agency at DHS, said:
Our adversaries’ capabilities online are outpacing our stove-piped defenses. Specifically, there has been a critical gap in cross-sector, cross-government coordination on critical infrastructure security and resilience. Working together with the private sector and other government partners, we are taking collective action to strengthen cross-sector, cross-government coordination against malicious cyber actors.
Krebs identified China as one of the top cyber espionage rivals facing the United States, along with Russia, Iran, and North Korea.
One of the witnesses noted that China had integrated civilian and military efforts in the pursuit of intelligence.
China’s “military is also likely to help secure business information,” Dean Cheng from the Heritage Foundation think-tank testified, adding, “In the realm of computer network operations, the PLA [People’s Liberation Army] quite clearly expects to operate closely with non-military and even non-governmental forces.”
“PLA cyber units appear to operate specifically in conjunction with other parts of the Chinese government, especially those parts responsible for various aspects of information security,” he added.
Despite the ongoing threats, the U.S. government is not fully aware of what technology is leaving the United States, James Mulvenon from SOS International, LLC testified, adding:
While Chinese cyber threats and clandestine spying against the United States dominate the public discourse, a far more serious and insidious threat is posed by China’s informal or ‘extralegal’ transfers of US technology. Operating under the radar, these quiet diversions of US technical know-how are carried out by groups and individuals in the US, whose support for China erodes America’s technological edge and ability to compete in international markets.
Regardless of whether these informal transfers of US technology are legal (or illegal), the real danger lies in the fact that US regulators have no visibility into what leaves our country; whether it is owned by or merely accessible to these agents; and whether the technology is or should be under export restriction or protected to maintain our competitiveness.
The witnesses told the Senate panel the U.S. needs a whole of government approach in collaboration with the private sector to combat Chinese efforts to subvert U.S. economic and national security.
Harrell urged Congress to consider “hack back” measures.
“‘Hacking back’ proposals would need to be carefully tailored to mitigate potential unintended consequences and to protect innocent parties, and the risks need to be carefully evaluated. That said, I recommend that Congress carefully consider “hacking back” proposals that would enable U.S. companies to take a broader range of active measures to defend themselves against cyber espionage and other cyber attacks,” he said.