FBI Director Warns of Chinese Espionage Threats

FBI Director Christopher Wray said in an interview on CBS’s Sunday news program 60 Minutes that the current level of cybersecurity threats from China was “unprecedented in history” and highlighted the country’s attempts at cyberespionage.

“The biggest threat we face as a country from a counterintelligence perspective is from the People’s Republic of China,” he stated. “They are targeting our innovation, our trade secrets, our intellectual property on a scale that’s unprecedented in history.”

He pointed to the Chinese Communist Party’s hacking program, which he said was larger than that of every other nation combined.

“They have stolen more of America’s personal and corporate data than every nation combined,” Wray continued. “It affects everything from agriculture to aviation to high-tech to healthcare, pretty much every sector of our economy.”

He explained that anything that makes an industry tick is a target, and that, in response, the FBI is opening a new Chinese counterintelligence investigation about every 12 hours. He added that there are “well north” of 2,000 of these investigations ongoing, involving all 56 of the organization’s field offices.

“It’s a measure of how significant the threat is,” Wray said.

Partnering to Deter Chinese Cyberespionage Threats

Wray also highlighted the need to work closely with partners in the international community and with private companies at home in the U.S. to help protect critical infrastructure.

SaaS Alerts, a provider of a platform that managed service providers (MSPs) employ to secure software-as-a-service (SaaS) applications, published a report in March suggesting a significant level of collusion among cyberattacks launched from within Russia and China.

Phil Neray, vice president of cyber defense strategy at CardinalOps, a threat coverage optimization company, explained that China has been a top nation-state threat for many years, given its strategic use of cyberespionage to acquire expertise in key technologies such as biotech, semiconductors, defense and energy by stealing proprietary intellectual property from the West.

He added that they have also targeted PII in attacks against government organizations like the Office of Personnel Management (OPM) and large health insurance organizations like Anthem, two of the largest data breaches in history.

“Organizations need to protect themselves by deploying continuous monitoring at all levels of their infrastructure, including endpoints, network, cloud and identity,” he said.

They must also ensure they have SOC detection policies in place that match the latest adversary techniques employed by Chinese attackers such as Deep Panda, as documented in the MITRE ATT&CK framework.

A Two-Fold Threat

Casey Ellis, founder and CTO at Bugcrowd, a crowdsourced cybersecurity specialist, said the specific threat to the U.S. from China, in his opinion, is two-fold: Corporate espionage in the form of intellectual property theft and data theft from general intrusion to provide insights in support of the Chinese Communist Party’s (CCP) economic warfare strategy.

He explained that the main differentiator when it comes to the Chinese cybersecurity threat is that the CCP’s position on global economic dominance (including the disruption of the dominance of America’s existing hegemony) is a clearly articulated issue of public policy and has been for decades, and that China has an investment in and technical focus behind it that most other countries don’t have.

“Organizations need to protect themselves from this in the same way they would any espionage threat—understand what constitutes the ‘crown jewels’, prioritize the defense of and detection around these assets and perform threat modeling the likelihood and veracity of an intrusion.”

He added that the interesting thing, here, is that the threat to the average consumer is an abstract one: Data stolen for nation-state espionage isn’t, for example, likely to be used for fraud if the threat actor is Chinese.

“The main threat to the average consumer, as is true for most nation-state threat actors, is dis/misinformation, weaponized memes and subversive propaganda through social networks and traditional media,” Ellis explained.

Last October, the former chief software officer for the U.S. Air Force, Nicolas Chaillan, said the U.S. is falling far behind China in cybersecurity. In a no-holds-barred interview, he unloaded his frustrations, built up over three years of what he called inept bungling at the Pentagon.

He quit his job last month in disgust, warning, “We are setting up critical infrastructure to fail.”

Nathan Eddy

Nathan Eddy is a Berlin-based filmmaker and freelance journalist specializing in enterprise IT and security issues, health care IT and architecture.
