The directors of the UK Military Intelligence, Section 5 (MI5) and the US Federal Bureau of Investigation on Wednesday shared a public platform for the first time and warned of China’s increased espionage activity on UK and US intellectual property.
Speaking to an audience of business and academic leaders, MI5 director general Ken McCallum and FBI director Chris Wray argued that Beijing’s Made in China 2025 program and other self-sufficiency tech goals can’t be achieved without a boost from illicit activities.
“This means standing on your shoulders to get ahead of you. It means that if you are involved in cutting-edge tech, AI, advanced research or product development, the chances are your know-how is of material interest to the Chinese Communist Party,” said McCallum.
“And if you have, or are trying for, a presence in the Chinese market, you’ll be subject to more attention than you might think,” he added.
The Chinese Government sees cyber as the pathway to cheat and steal on a massive scale
McCallum described China’s efforts to acquire Western expertise, technology, research as a planned and professional “coordinated campaign on a grand scale” that has been strategically executed across decades.
China’s efforts have stepped up significantly, McCallum said, with MI5 running seven times as many investigations against Chinese activity today than in 2018.
“The most game-changing challenge we face comes from the Chinese Communist Party. It’s covertly applying pressure across the globe,” said McCallum. Threats MI5 is working to counter include covert theft of trade secrets, patient cultivation of contacts, and establishing a “debt of obligation.” Advanced persistent threats are deployed when needed, too.
The MI5 director also warned that China was working to change attitudes to suit the Chinese Communist Party’s interests and support it dominating the international order – and playing the long game to normalize mass theft as “the cost of doing business these days.”
Wray added that in the US, China’s efforts spare none and are visible in both big cities and small towns, Fortune 500s and startups, and across everything from aviation, to AI, to pharma.
The FBI director then referred to China’s hacking program as “lavishly resourced” and “bigger than that of every other major country combined.”
“The Chinese Government sees cyber as the pathway to cheat and steal on a massive scale,” said Wray.
Wray said the efforts were not just big, they were effective, offering the following insight on cyber attacks:
Over the last few years, we’ve seen Chinese state-sponsored hackers relentlessly looking for ways to compromise unpatched network devices and infrastructure.
And Chinese hackers are consistently evolving and adapting their tactics to bypass defenses. They even monitor network defender accounts and then modify their campaign as needed to remain undetected.
They merge their customized hacking toolset with publicly available tools native to the network environment—to obscure their activity by blending into the ‘noise’ and normal activity of a network.
However, he warned, it’s not just through hacking that the Chinese state-backed threats act, but “by making investments and creating partnerships that position their proxies to steal valuable technology.”
Wray described all Chinese companies as beholden to the Chinese Communist Party (CCP) in some form, with the government disguising its intent to obtain influence.
Efforts include creating elaborate shell games to outsmart government investment-screening programs, passing statutes like the 2015 critical infrastructure law that requires companies to store data domestically and convenient for government access. He cited a 2020 law that required malware-laden Chinese software be used by foreign companies filing taxes – forcing the companies into installing their own backdoors – as another example of the CCP at work.
On the same day as the two spook bosses issued their warnings, the US National Counterintelligence and Security Center issued a bulletin [PDF] offering more detail of China’s efforts by detailing tactics used by Beijing to infiltrate US business and government for the purpose of exerting influence.
Know your foe
The FBI, NCSC, and MI5 all warned against confusing the Chinese diaspora with the CCP and Beijing.
“If my remarks today elicit accusations of Sinophobia, from an authoritarian CCP, I trust you’ll see the irony,” said Wray.
Liu Pengyu, spokesperson for China’s embassy in Washington, responded on Wednesday denying interference, accusing the US of cyberattacks itself and characterizing criticism as “US politicians who have been tarnishing China’s image and painting China as a threat with false accusations.”
China’s foreign minister Wang Yi and US secretary of state Antony Blinken are scheduled to meet at the G20 Foreign Ministers’ meeting this week. The agenda, according to Chinese state-sponsored media is “to exchange views on current China-US relations and major international and regional issues.”