James Scott - China’s espionage dynasty : economic death by a thousand cuts

Chinas Espionage Dynasty

Economic Death by a Thousand Cuts

Authors:

• James Scott (Senior Fellow - Institute for Critical Infrastructure Technology)
• Drew Spaniel (Researcher Institute for Critical Infrastructure Technology)

• Ryan Brichant, ICIT Fellow & CTO, Critical Infrastructure, FireEye
• John Sabin, ICIT Fellow & Director, Network Security and Architecture, GRA Quantum

Institute for Critical Infrastructure Technology

The Cybersecurity Think Tank

www.icitech.org

Copyright 2016 Institute for Critical Infrastructure Technology

All rights reserved.

No part of this report may be reproduced or transmitted in any form whatsoever, electronic, or mechanical, including photocopying, recording, or by any informational storage or retrieval system without expressed written, dated and signed permission from the authors.

DISCLAIMER AND/OR LEGAL NOTICES

The information presented herein represents the views of the authors as of the date of publication. Because of the rate with which conditions change, the authors reserve the rights to alter and update their opinions based on the new conditions.

The authors have strived to be as accurate and complete as possible in the creation of this report, notwithstanding the fact that they do not warrant or represent at any time that the contents within are accurate due to the rapidly changing nature of the Internet.

While all attempts have been made to verify information provided in this publication, the authors assume no responsibility for errors, omissions, or contrary interpretation of the subject matter herein. Any perceived slights of specific persons, peoples, or organizations are unintentional.

Joint Staff Department

Second Department

Third Department

Fourth Department

PLA Unit 61398/APT 1/Comment Panda/

Comment Crew/TG-8223

PLA Unit 61486/ APT2/Putter Panda/TG-6952

Deep Panda/APT 19/Shell Crew/Black Vine/Kung Fu Kitten

PLA Unit 78020/ APT 30/ Naikon

Axiom/ Winnti Group

Hurricane Panda

Gothic Panda/APT 3/UPS/Pirpi/Clandestine Fox/TG-0110

NetTraveler/Travnet/ Netfile

Mirage/APT 15/Vixen Panda/Ke3Chang/GREF/Playful Dragon

Hellsing/ Goblin Panda

Stone Panda

Nightshade Panda

Anchor Panda

Numbered Panda/ APT 12/ IXESHE/ DYNCALC/JOY RAT/ Etumbot

Hidden Lynx / Aurora

United Front Department

Overseas Chinese Affairs Office

Consulates and Embassies

United Front Department

Tongs and Hometown Associations

Triads and Street Gangs

Chinese Student and Scholars Associations

Front Companies

Insider Threats

Monitored Communities

The Institute for Critical Infrastructure Technology (ICIT), a nonpartisan cybersecurity think tank, is cultivating a cybersecurity renaissance for our critical infrastructure communities. ICIT bridges the gap between the legislative community, federal agencies and the private sector through a powerful platform of cutting edge research, initiatives and educational programs. Through objective research and advisory, ICIT facilitates the exchange of ideas and provides a forum for its members to engage in the open, non-partisan discourse needed to effectively support and protect our nation against its adversaries.

www.icitech.org

The criminal culture of theft that has been injected into virtually every line of Chinas 13th Five-Year Plan is unprecedented. From state sponsored smash and grab hacking and techno-pilfering, to corporate espionage and targeted theft of IP, the threat is real, the economic implications are devastating and Western Nations are the primary target of Chinas desperate effort to steal in order to globally compete. Never before in recorded history has IP transfer occurred at such a rapid velocity.

The all-encompassing, multifaceted onslaught of cyber-physical Chinese espionage targets industry genres from satcom to defense and from academic research to regional factories manufacturing proprietary blends of industrial materials. China seeks to not only steal but to economically interrupt and cripple. Economic warfare is just as much a part of the strategy as catching up to Western innovation and becoming less dependent on foreign technology. Chinese student and scholar associations, trade organizations, legions of strategically placed insider threats and yes, even criminal organizations such as the Triad, all play their key role in the purloining of intellectual property in contribution to the Chinese agenda. This report covers the primary structure of Chinese espionage initiatives.

Chinas Thirteenth Five-Year Plan (2016-2020) focuses on cutting edge technology and socio-economic reform. The plan calls for innovative technology to improve national infrastructure and more environmentally friendly technology to alleviate Chinas ecological footprint. By 2025, China wants to improve its national technological core, reduce the global perception that its products are of inferior quality (likely by improving their quality by modernizing the underlying manufacturing infrastructure), and diversify its domestic industrial markets. While China will develop some of the technology necessary to aspire towards these goals as the result of the intellectual endeavors of its people, the majority will likely be obtained as stolen intellectual property from the United States and other nations. As ICIT Fellow John Sabin (GRA Quantum) observed When you understand Chinas desire to be a global leader across markets, you can rationalize their preference to simply steal intellectual property. Say, for example, they want to become the world leader in pharmaceuticals. Instead of investing billions of dollars supporting science education and the development of a robust and innovative biomedical industry, China can simply leverage what it already has a competitive advantage in hacking and steal an American companys drug formula in a fraction of the time. The remainder of the plan focuses on balancing welfare gaps and bridging socio-economic differences. Since it is unlikely that the Chinese Communist Party (CCP) will reform its structure to support a more inclusive approach to governance, attempts at improving the standard of living of the Chinese people will likely be gleaned from organizational, structural, and operational models created from dossiers and data exfiltrated from systems belonging to Western organizations. In short, like its predecessors, a majority of Chinas Thirteenth Plan depends on sustained espionage against countries like the United States, Canada, and Australia.

The United States is built upon an intangible economy. Gone are the days when American currency was backed by gold or silver; now, it is backed by ideas. The entire United States economy relies on some form of intellectual property because every industry either produces or uses it. In their March 2012 Intellectual Property and the U.S. Economy: Industries in Focus report, the Economics and Statistics Administration of the U.S. Patent and Trademark Office identified 75 out of 313 industries as IP -intensive. These accounted for 27.1 million jobs, or 18.8% of all employment in 2010. 12.9 million more supply chain jobs were indirectly supported by intellectual property. IP-intensive industries accounted for $5.06 trillion in value added or roughly 34.8 % of the U.S. GDP in 2010. Some researchers estimate that as much as an immediate $300-500 billion and 1.2 million jobs are lost every year due to the theft of intellectual property. These costs may be much greater in consideration of the losses over the potential lifetime of the property.