In part 2 of our Cyberwar series we’ll take a look at how the Chinese government utilizes the US’s open business environment to stage intelligence operations on American soil.
Reconnaissance: While there has been a lot of recent press on Cambridge Analytica, the reality is there’s a giant industry that sells information on individuals who play a role in national security. Everything from the identities of active duty military personnel and defense contractors to intelligence officials is for sale. By buying data from LinkedIn, advertising firms, conference organizers and trade associations, Chinese intelligence is able to get detailed personal information on every American citizen. As Bob Gourley wrote on CTO Vision, America's enemies don't need to hack Equifax to get data on Americans, they can just buy it.
Engagement: Nearly everyday there is an event in Silicon Valley where developers meet to discuss topics such as cybersecurity, machine learning, block chain, high-speed wireless and a host of other new technologies. And at every event you’ll always find someone representing Chinese investors. Similar interactions occur at technical conferences, trade shows and even university campuses around the country. Such events allow Chinese intelligence operatives to gain critical knowledge on emerging technology.
Infiltration: Once Chinese operatives have identified technology of interest they gain quick access by offering companies access to the Chinese market as well as investment funds. Unaware of the fact that they are interacting with a Chinese intelligence operative, most companies willingly disclose their trade secrets. In some critical areas like machine learning, Chinese intelligence operatives have infiltrated almost every start up - a topic now getting attention from Committee on Foreign Investment in the United States (CFIUS).
To stop the flow of sensitive information to China will require classifying all information on individuals, companies and strategic technologies under the International Traffic in Arms Regulations (ITAR). Currently ITAR is focused on regulating the export of military technologies however Chinese intelligence operates inside America. By classifying all information under ITAR transfer of data to non-US citizens is deemed an export even if it happens in America. Thus Chinese intelligence operatives would not be able to buy identities of government personnel nor attend cybersecurity conferences without State Department approval.
The more difficult task for the US Government will be to reverse the investments China has made in technology start ups. Currently any company that has a Chinese investment is viewed as a national security risk by the US Intelligence Community (even though they let foreign operatives into the country). The consequences of being defined a risk are very serious from no access to US Government contracts to not being able to get security clearance.
To reverse Chinese investments in strategic companies Congress would have to to pass a Bill that voids all transactions. Thus any start up that got an investment from a person who was a known by the US Intelligence Community as a foreign operative would be allowed to legally reverse the transaction and clear their name. As start ups will not have the money to pay back Chinese investors an alternative mechanism such as a note without a date or interest rate will also have to be created.
As with all national security initiatives, shutting down Chinese intelligence operations on American soil will take many years. In the meantime the burden of protecting oneself falls upon individual citizens.
Stay up on these and other related issues at the CTOvision Cybersecurity and Cyberwar Portal. And sign up for our Cybersecurity and Cyberwar weekly to get the summary of all the week's hot topics in cyber.