Chinese Corporate Cyber Espionage by Christopher R. Lew Ph.D

I attend some of the talks at security conferences for technical interest, others for political interest. This one, at 2013 B-Sides San Francisco was the latter and Mr. Christopher R. Lew, author of several Chinese history books, did not disappoint; it was immensely interesting. That morning I had been watching a news report in the hotel on Chinese espionage with various pundits debating the issue and one military official in particular underscoring the seriousness of the threat and how we as a nation need to get off our collective butt and respond to it. So that was great preparation for this talk.

B-Sides San Francisco

Historian Christopher R. Lew

Christopher R Lew China Politics & Cyber Espionage

I went into the talk prepped with the U.S. side of the issue and then the speaker gave the Chinese side. Mr. Lew is an academic Chinese historian with security knowledge. His education has given him a cultivated sense of where China is coming from historically and how that shapes that culture’s plan for its future survival. He started off with a boilerplate disclaimer about his opinions being his own and not intended to necessarily reflect those of his company or the United States so perhaps I should do the same.

The opinions of this talk represented here are solely those of M. J. Power and do not necessarily reflect the editorial views of NT OBJECTives or its affiliates, the United States, China, Earth, or the known or yet to be discovered Universe. I daresay God might agree with me, but only if the atheists are correct concerning His existence.Chinese political system and cyber espionage

Chinese Political System

The speaker started off talking about most people’s impression of the Chinese political system and how that impression is incorrect. Most people according to him think that the government has a lot of control but that there are more or less autonomous business and other entities that much like this country have to render unto Caesar but are otherwise, at least somewhat, self-determining. This is incorrect. The Chinese Communist Party (CCP) (not to be confused with the CCCP – Cyrillic abbreviation for the Soviet Union :->) controls everything.

Russian and Chinese Politics and Imports

Side note: More than idle Nerd humour in the parens there, it would be an interesting inquiry for any poli-sci student to compare and contrast the Russian and Chinese approaches to communism in the 20th century and the Russian and Chinese approaches to capitalism in the 21st century.  I can offer some firsthand knowledge.  Our company employs Russian emigrants and some actual citizens of Russia.  But we do not employ any Chinese nationals (that we know of).  

On the other hand, my home, like yours, is filled with stuff that was Made in China.  I even have a couple of items that were Hecho en China (thought I might have woken up in TJ with no memory of how I got there when I first saw that… both kindeys intact though).  My earliest memory of noticing and being kind of surprised that something I bought was Made in China was in 2,000 when I bought a 750MHz Win98 computer which I still have (Спасибо Китайский Народов для великам информацам технологиям).  If you want to buy something Made in Russia however, you have to do a bit of digging. Though I did see some cool stuff at the hobby store that was.

So back to the talk… the realities of the Chinese political system make it highly unlikely that corporate/militiary IT attacks by enterprising independent hackers for personal gain are going on. It is in fact being ordered by the CCP. Further, continuing the above point, the People’s Liberation Army of the Republic of China (PLA) and all the corporations are directly controlled by the CCP. The corporations present a conventional corporate Board of Directors sort of face when dealing with the rest of the world but that is a façade; the companies are indeed motivated by profit but their primary purpose is to serve and be under direct control of the government. The CCP is so ingrained in Chinese culture that one might as well say that they speak English when dealing with English-speaking clients but we suspect that behind the scenes they might be Chinese.

So, the Army, the corporations, everything, is part of the Chinese Communist Party.  Therefore any cyber-espionage would have to be tolerated by said government. “Tolerated” being the conciliatory way of saying instigated by it. As far as the citizens are concerned, the state filters what you see and do. Sort of like блат in Soviet Russia or, “it’s not what you know but who you know,” in this country, the Chinese citizens know the game (2 steps forward, 1 step back) and have ways of dealing within the system. For example, after a PLA employee does his/her prescribed work in the prescribed hours, if he/she greases the right palms, he/she can then use the state equipment (truck, computer, etc.) for personal projects in off hours.  This would seem to contradict what has been said so far but not really. These personal projects are not going to scale very large or get very far.

A thread that ran throughout the talk was that of ethical justification. China, and specifically the dictatorship government of China, is engaged in military and commercial oriented cyber-espionage and rather brazen and unapologetic about it. Theirs is basically a “cost of doing business” argument. That is, espionage is simply something that great powers do. It also stinks of “boys will be boys” insofar as it is a macroscopic version of that microscopic copout. I recall reading that at Nuremberg when Göring was first captured he was rather jubilant and jovial towards his captors basically taking for granted that as a head of state he would naturally be accorded certain courtesies and spared the culpability that is necessary to impose upon the lower classes, based on the idea that the Nazi government was simply doing what all governments do.

As the proceedings continued and it became ever more evident that he would be held accountable, this changed and ultimately he bit a cyanide capsule and cheated justice. In that earlier time though, a journalist asked him how one prosecutes a state such as Nazi Germany and he said something to the effect of, “indeed, how are you going to get the farmer to put down his hoe and go off and fight possibly to the death… you do it with slogans, rousing anthems, pomp and circumstance.” The journalist betrayed his (or maybe it was her) own conceits by then saying, “sure, in a dictatorship but not in a democracy.” To which Göring sardonically replied, “same in any state, democracy, dictatorship, whatever.” So pardon my, I think, relevant all-states-are-basically-the-same diversion… back to the speaker’s thesis:  basically it is upon us (the United States) to let them know that cyber-espionage is unacceptable by fighting/preventing it.

Made in China1Made in China3

So all the above is the what, what is the why? The Chinese government sees the future of the country as depending on double digit economic growth, continued growing of the middle class, and maintaining a strong military. Ultimately they want the rest of the world to have to come to them for any industry be it green energy, IT, biotech, whatever. No great surprise there either; that is what every nation wants. Their strategy for leapfrogging the rest of the world and particularly the West is indigenous innovation wherever possible with espionage to fill in the cracks. Espionage of both a military and commercial nature. The speaker implied that ideology is giving way to materialism. This is an interesting point of view to someone like me as I have come to regard ideology (any ideology) as nothing more than a wealth hoarding strategy. That confirms the speaker’s position but from the other direction. I might say, “if you can’t feed them food and material goods, feed them bullshit,” to the speaker’s, “if you can’t bullshit them (anymore), give them food and material goods.”

Further, the speaker has noted that there is always a big picture to the Chinese espionage.

If we enlarge our view to encompass the forest, we will see that each individual tree (act of espionage) is part of a coordinated effort to increase the efficacy of Chinese industry and military might. One act of espionage can and often does facilitate another. Supply chain dynamics prescribe the attack strategy and coordination. An example is the recently unveiled Chengdu J-20 stealth fighter. It looks a good deal like an F-22 Raptor with canards. No coincidence… it was built in part from espionage of Lockheed/Martin and has Russian engines.  It is interesting to review the Cold War for some insights here.


America’s preoccupation with the USSR was primarily military in nature and that was the sort of espionage about which the US principally worried.  At Farnborough in 1989, an article in Flying magazine declared that, “these latest examples of Soviet aeronautical engineering (AN-225, MiG-29, Su-27) dispel the notion that Soviet military aircraft are simply Fred Flintstone copies of Western designs.”  That sums it up… the biggest threat from the USSR was not when they were copying our stuff but when they were innovating.  Further supporting that thesis, it is common knowledge that Stalin had spies in the Manhattan Project but it seems to be not common knowledge that their espionage, while comprehensive, was of strategic value in simply knowing the existence of the American atom bomb and not so much how it is made.

The Soviet scientists did build their first bomb with the espionage knowledge because they didn’t want to risk getting Stalinated if their bomb design didn’t work.  But they had their own design which did, in fact, work. The China problem is more complex. The threat is military and industrial and the corporate espionage weakens the US a lot more than the Soviets building airplanes that look like B-29’s, Vickers VC-10’s, F-111’s, etc. The economic/cultural threat is much more profound and has the potential to resonate through much more of the future than the military threat. The Cold War had a life limit measured in decades because, though there was a lot of ideological posturing, the conflict was primarily conducted in a pugilistic manner.  Evaluating both China and the EU, the United States strategy for long term survival needs to be continued innovation and careful protection of its intellectual property.

About M. J. Power 22 Articles
Connect with Mike on Google+

1 Comment

  1. The most likely reasons for a possible US vs China war could be a US invasion of North Korea or an escalation of the Taiwan dispute. A war of such nature would be fought in the Pacific, which would be of advantage to the better equipped-and-trained US Navy. However, if the US decides to secure its position by invading China, the outcomes would be quite different…and devastating. To understand this in a realistic perspective, what follows is a multi-dimensional analysis of a possible US-China war scenario, encompassing historical trends with the (known) present day military capabilities of both countries.

Leave a Reply

Your email address will not be published.