In part 2 of our Cyberwar series we’ll take a look at how the Chinese government utilizes the US’s open business environment to stage intelligence operations on American soil.
Reconnaissance: While there has been a lot of recent press on Cambridge Analytica, the reality is there’s a giant industry that sells information on individuals who play a role in national security. Everything from the identities of active duty military personnel and defense contractors to intelligence officials is for sale. By buying data from LinkedIn, advertising firms, conference organizers and trade associations, Chinese intelligence is able to get detailed personal information on every American citizen. As Bob Gourley wrote on CTO Vision, America’s enemies don’t need to hack Equifax to get data on Americans, they can just buy it.
Engagement: Nearly everyday there is an event in Silicon Valley where developers meet to discuss topics such as cybersecurity, machine learning, block chain, high-speed wireless and a host of other new technologies. And at every event you’ll always find someone representing Chinese investors. Similar interactions occur at technical conferences, trade shows and even university campuses around the country. Such events allow Chinese intelligence operatives to gain critical knowledge on emerging technology.
Infiltration: Once Chinese operatives have identified technology of interest they gain quick access by offering companies access to the Chinese market as well as investment funds. Unaware of the fact that they are interacting with a Chinese intelligence operative, most companies willingly disclose their trade secrets. In some critical areas like machine learning, Chinese intelligence operatives have infiltrated almost every start up – a topic now getting attention from Committee on Foreign Investment in the United States (CFIUS).
To stop the flow of sensitive information to China will require classifying all information on individuals, companies and strategic technologies under the International Traffic in Arms Regulations (ITAR). Currently ITAR is focused on regulating the export of military technologies however Chinese intelligence operates inside America. By classifying all information under ITAR transfer of data to non-US citizens is deemed an export even if it happens in America. Thus Chinese intelligence operatives would not be able to buy identities of government personnel nor attend cybersecurity conferences without State Department approval.
The more difficult task for the US Government will be to reverse the investments China has made in technology start ups. Currently any company that has a Chinese investment is viewed as a national security risk by the US Intelligence Community (even though they let foreign operatives into the country). The consequences of being defined a risk are very serious from no access to US Government contracts to not being able to get security clearance.
To reverse Chinese investments in strategic companies Congress would have to to pass a Bill that voids all transactions. Thus any start up that got an investment from a person who was a known by the US Intelligence Community as a foreign operative would be allowed to legally reverse the transaction and clear their name. As start ups will not have the money to pay back Chinese investors an alternative mechanism such as a note without a date or interest rate will also have to be created.
As with all national security initiatives, shutting down Chinese intelligence operations on American soil will take many years. In the meantime the burden of protecting oneself falls upon individual citizens.
Stay up on these and other related issues at the CTOvision Cybersecurity and Cyberwar Portal.
Also see the CTOvision Guide to National Security Technology and
Track the most disruptive technologies by diving into our categorized index:
Artificial Intelligence Companies – A fast overview of Artificial Intelligence companies we believe are poised to cause the most positive disruption in the enterprise.
Big Data Companies – Reference to the greatest, most disruptive Big Data companies in the tech ecosystem.
Business Intelligence Companies – We assess these to be the Business Intelligence Companies most impactful for delivering real decision advantage.
Cybersecurity Companies – We apply our deep expertise in cybersecurity to assessing the best across multiple categories including:
- Cyber Threat Intelligence
- Endpoint Detection and Response
- Governance, Training, Education, Process
- Managed Services, Outsourced Security
- Microsegmentation and Container Security
- Network Traffic and Analysis
- Security Scanning And Testing
Cloud Computing Companies – We include both platform and software as a service providers, capturing only the most innovative and disruptive.
Collaborative Tool Companies – These are the firms that help humans connect to humans to create, manage and lead.
Infrastructure Companies – Critical enterprise foundations for business agility.
IoT Companies – Internet of Things and Industrial Internet of Things are here. How do you manage them?
Mobile Companies – Help manage, configure, secure and optimize these very powerful capabilities.
Robotics Companies – Including innovations in Robotic Process Automation, Drones, and industrial robotics.
Services Companies – We only track a few, the ones we really know well.
Tech Titans – These are the big players. We track the tech titans closely since their capabilities change continuously.
VC, PE and Finance Companies – Keeping an eye on the investors can give indications of coming developments.
You can also use our topical pages to get up to speed quickly on the current status of the major megatrends. See our pages on Cloud Computing, Artificial Intelligence, Mobility, Big Data, Robotics, Internet of Things, Cybersecurity and Blockchain and Cryptocurrencies.