China Involved in a Quarter of Significant Cyber Incidents in Past Year, Report Says

China Involved in a Quarter of Significant Cyber Incidents in Past Year, Report Says
A man types on a computer keyboard in Warsaw, on Feb. 28, 2013. Kacper Pempel/Reuters
Chriss Street
Updated:

One quarter of significant cyberattacks over the last 12 months were perpetrated from China, according to data from the Center for Strategic and International Studies (CSIS).

The Washington-based think tank monitors cyberattacks on government agencies, defense, and tech companies, or economic crimes with losses of over $1 million. Its latest global compilation of the cyberattacks over the past 12 months from China accounted for 28 of the 113 incidents.

In addition, a recent CSIS report (pdf) titled “Emerging Technologies and Managing the Risk of Tech Transfer to China” warned that despite deep interconnections between individuals, companies, and civilian agencies in China and the United States, “China’s government and some Chinese companies will use any means, legal or illegal, to acquire technology.”

“China is a determined, well-resourced, and persistent cyber-adversary,” the report said.

Despite a 2015 agreement between China and the United States to stop cyber-espionage for commercial purposes by state actors, Chinese cyber espionage and the theft of IP continue to cost the United States tens of billions of dollars annually, the report noted.

Unlike most cyberattacks that tend to emanate from criminal elements operating in other nations, the report said that the majority of China cyberattacks were performed by state-sponsored intelligence actors to obtain information on emerging technologies identified as strategic priorities by the Chinese regime, including telecommunications, healthcare, semiconductor manufacturing, and machine learning.

Given that “innovation is the cornerstone of future power,” CSIS said that “what was tolerable when China was a developing economy is no longer acceptable, particularly now that it is the second-largest economy in the world and a military competitor.”

China cyberattacks are increasingly integrated into “official collection programs with efforts by individuals, companies, and civilian agencies,” the report said. Instead of relying on intelligence officers operating undercover, China state-actors also recruit businessmen, researchers, and students studying and working in the US to acquire information.

The report suggested the United States mitigate such risks by using “regulation, negotiation, and measures to protect intellectual property.”

It also recommended modernized technology transfer restrictions on emerging technologies, similar to restrictions on foreign investment contained in the Foreign Investment Risk and Review Modernization Act (FIRMMA) modernized.
The report’s specific recommendations include:
  • Create new end-user controls focused on the Chinese government and military recipients for emerging technology;
  • Work with allies to limit Chinese investments that provide access to or control of emerging technologies;
  • Modernize export controls to move away from Cold War-style control performance thresholds; and
  • Increase FBI funding for counterintelligence activities.
It suggested reaffirming National Security Directive NSDD-189 protections for fundamental research. The Reagan-era directive established a national policy for controlling the flow of science, technology, and engineering information produced in federally-funded fundamental research at colleges, universities, and laboratories.

CSIS did not support a ban on Chinese workers and students, but noted that additional scrutiny was necessary for “graduate students in research areas with potential military applications or against “minders”—individuals sent to keep an eye on other Chinese students.”