Pictured: Then US Deputy Attorney General Rod Rosenstein speaks at a press conference on December 20, 2018 about indictments of Chinese government hackers who targeted companies in a dozen countries, which US officials said showed Beijing had not fulfilled its pledge to stop such actions. (Photo by Nicholas Kamm/AFP via Getty Images)
China's Cyber War on America has been ceaseless, comprehensive and longstanding. In the past 15 years, China has hacked official government departments, defense contractors, utility companies, and U.S. and allied intelligence agencies. The Chinese Communist Party (CCP) has, it appears, integrated China's cyber attack capabilities into its apparent overall plan to surpass the U.S. as the world's leading power.
As part of its efforts, the CCP has for years built up a sophisticated infrastructure within the People's Liberation Army (PLA) to steal critical technical data from U.S. public and private targets. The PLA units in the Second and Third Departments of the General Staff are the principal engineers of China's vast assault to collect U.S. intellectual property.[1] Another unit, probably in the PLA's General Staff's Fourth Department, concentrates its electronic warfare systems to seed malware into U.S. computer networks.[2]
Beijing's cyber offensive against the Free World, however, is only part of what appears to be China's effort to achieve global leadership in critical future technologies such as artificial intelligence, renewable energy systems, robotics, rare earth element exploitation, biotechnologies, as well as medical and agricultural advances. The Chinese government also exploits bilateral commerce with the U.S. and investment by U.S. companies in the Chinese economy to steal trade secrets.
One early example of this type of intellectual property theft is the sad saga of the Massachusetts-based business, the American Superconductor Corporation (AMSC). This American company, after developing unique software capable of precise control of wind turbines, partnered with a Chinese maker of hardware called Sinovel. The partnership sold their product on the Chinese market until AMSC discovered that Sinovel had illegally obtained the U.S. firm's complete software code by bribing one of its employees.
Another example of Chinese theft of U.S. technology, this time in the robotics field, took place when Huawei, a Chinese state-connected company (as are effectively all companies there), sent engineers to a T-Mobile laboratory in Seattle. The Chinese engineers, breaking agreed-upon protocols, photographed T-Mobile's "Tappy" robot and stole one of its critical parts.
In 2008, the CCP established an elaborate academically-colored intellectual property collection program called the "Thousand Talents Plan." When the FBI finally targeted this Chinese activity, in 2017, about 7,000 American scientists were already participants, many of them receiving financial support, free laboratory space and other incentives for the results of their research.
China's theft of development plans of the U.S. Air Force's most modern fighter aircraft, the F-35 Lightning II, enabled China to replicate an equivalent craft in its J-31 stealth fighter. Some defense experts wager that China's Chengdu J-20 fighter is also a product of China's cyber attack assault against both the U.S. and Russia. Still another Chinese cyber attack on a U.S. target contributed to the production of China's newest transport aircraft. This attack, in October 2009, was directed against Boeing's C-17 U.S. transport aircraft, by the once super-secret Shanghai-based cyber "Unit 61398." [3]
U.S. allies in Europe and Asia are also targets of China's global cyber attack offensives. These attacks have included hacking assaults on the intelligence agencies of the United Kingdom, France's Ministry of Defense, and Germany's Office of the Chancellor. U.S. Pacific allies like Japan, India and Australia also have suffered from Chinese cyber attacks. China also evidently employs its cyber capabilities to involve itself in the national elections of foreign states, such as Cambodia and Indonesia. Chinese involvement in U.S. elections is more circumspect and sophisticated than that of, say, Russia. The Trump administration, for instance, charged that China sought to influence the 2018 Congressional elections by retaliating against farm-belt state voters for U.S. trade tariffs on Chinese imports.
Other instances of China's relentless effort to steal critical information from official U.S. sources include the theft of data from NASA, the Office of Personnel Management (OPM), the U.S. Navy, the Joint Propulsion Laboratory as well as other venues. The OPM attack allowed the transfer of about 21 million records of former and then-current U.S. federal employees, and was enabled by China's introducing the malware "Sakula" into federal computers. Another form of malware that Chinese hackers have employed in the past was the remote-access "Poison Ivy." One embarrassing discovery of Chinese cyber capabilities revealed that the CCP was using NSA's own hacking tools to assist China's cyber sweeps against the U.S.
Private entities with U.S. defense contracts such as Lockheed Martin have been prime targets. Even U.S. financial centers are not immune, as Morgan Stanley would admit. Another cyber attack, emanating from China's Hebei Province, targeted more than 40 U.S. companies, all of which found that defense-related data had been stolen.
These attacks will likely continue, as past attempts by U.S. administrations to reach cessation agreements with Beijing seem to have been futile. China clearly views cyber attacks as a weapon of warfare with little risk of eliciting an aggressive U.S. response. In fact, PLA leaders in China's Guangzhou Military Region have publicly called for Chinese operators to continue the "People's War," win the cyber war, and prepare for attacks on satellites in space.
Appendix: Partial list of U.S. targets of China's cyber attacks*
- Morgan Stanley (January 2010)
- Twenty small businesses suffer wire transfers (March/April 2011)
- Networks of 48 countries in chemical and defense industries (October 2011)
- U.S. Chamber of Commerce computer networks penetrated (December 2011)
- USAF plans for F-35 Fighter stolen (February 2012)
- NASA computers compromised (March 2012)
- Twenty-three pipelines hacked (February 2013)
- U.S. Department of Labor, Agency for International Development, and Army Corps of Engineers: dam inventory hacked (May 2013)
- U.S. Naval contractor hacked (June 2018)
- Aerospace companies hacked (October 2018)
- U.S. Navy contractors' ship-maintenance and missile plans stolen (December 2018)
- Wire and bank fraud (January 2019)
- U.S. Cancer Research Institutes hacked (August 2019)
- Twenty unnamed U.S. utility companies hacked (September 2019)
* This list is a sampling of several hundred unclassified cyber-attacks against Free World countries initiated by China. This list was published by the Center for Strategic and International Studies (Washington, D.C.).
Dr. Lawrence A. Franklin was the Iran Desk Officer for Secretary of Defense Rumsfeld. He also served on active duty with the U.S. Army and as a Colonel in the Air Force Reserve.
[1] Bill Gertz, Deceiving the Sky: Inside Communist China's Drive for Global Supremacy. New York: Encounter Books, 2019, p. 65.
[2] Ibid., p. 65.
[3] Ibid., pp. 70-71.