China’s expansion of economic espionage boils over

China’s expansion of economic espionage boils over

If you read Google’s explanation about why it threatened to withdraw from China, you might think it’s all about a recent Chinese cyber-attack and Google’s anger over being made complicit in the persecution of human rights activists.

By cyber experts and China hands alike point to a much broader issue: The Chinese government has adapted the tactics it has used for military cyber espionage for corporate purposes and is now using them on a wide scale. Added to a fundamentally unfair business environment for foreign firms, the damaging effects of Chinese cyber spying may be scaring off firms like Google as they weigh the risks of operating there.

"The story is much bigger than the recent attack or concerns about human rights," said James Mulvenon, a preeminent expert and consultant on Chinese cyber activities, "It’s becoming increasingly difficult for international companies to work and operate in China, particularly innovation firms."

As Google announced in its statement, many other firms are being targeted as well. The 34 firms discussed as part of Google’s investigation into the attacks are mostly Silicon Valley technology firms who work with or in China, said Mulvenon. This is all part of the Chinese government’s stated goal of aiding Chinese-owned firms using state power to cull information from that particular sector.

"The Chinese government has made it very clear they have a set of national champions and those champions should be promoted," he said.

Some China experts contend that Google, which has been operating in China since 2004, may be simply fed up with the Chinese government’s pattern of allowing in foreign companies and then appropriating their technology for the benefit of Chinese competitors, in this case the rival search engine Baidu.

"They may be reaching a point where they realize their whole presence in China is being manipulated," said Larry Wortzel, vice-chairman of the U.S.-China Economic and Security Review Commission, which was established by Congress to monitor such issues, "They’re losing code and technology. The Chinese government wants Baidu to succeed."

Wortzel said that China’s regular practice is to allow firms into China for the express purpose of ripping off their propriety technology and feeding it to their Chinese competitors.

"They don’t have any respect for international property rights," said Wortzel, "Once they gain a technology, they use it to reverse engineer it or copy it and then take it and use it to promote a Chinese-owned company."

A huge part of the problem is that there is a lack of policy and legal mechanisms to protect both government and corporate actors in cyberspace. The U.S. response to the increasing cyber threat from China has been improving but is mostly seen as too little, too late. Leaders such as Joint Chiefs Vice Chairman James Cartwright have often called the U.S. government cyber defense effort "dysfunctional," and military leaders have admitted that gargantuan amounts of information and intelligence have been lost.

The Obama administration came into office promising to fix that problem but has faced setbacks along the way.  Shortly after publishing a cyber review in May, Bush holdover cyber chief Melissa Hathaway resigned. Homeland Security cyber head Rod Beckstrom also resigned last year over a turf battle with the National Security Agency. The new cyber czar Howard Schmidt was named in late December.

To be clear, Google is not accusing the Chinese government of anything, and a spokesman would only say that they’ve determined the latest string of attacks "originated from within China."

But cyber security expert Alan Paller, director of research at the SANS Institute, said that attacks like the one on Google can be judged to be government-sponsored, if not government-run outright, due to their sheer sophistication, their massive scale, and the military-like efficiency with which they are carried out.

Paller said his research supports the conclusion that every foreign firm operating in China has likely been penetrated and has software on it that enables outsiders to access it at will. And while attribution of attacks is difficult to prove outright, the string of similar attacks on U.S. government and military installations dating back years shows a pattern of behavior that points directly back to Beijing.

So how do we know the Chinese are shifting those tactics to the economic sphere? One piece of evidence came to light when it was revealed the UK’s domestic intelligence service MI5 sent a letter to over 300 firms warning them of state-sponsored economic cyber espionage attacks coming from China.

"That was the proof to me that the same techniques had been moved over to the economic espionage area," said Paller.