U.S. INTELLIGENCE OFFICIALS ALSO OBSERVED HACKED INFORMATION BEING TRANSFERRED FROM DATA CENTERS CONTROLLED BY CHINESE INTELLIGENCE AGENCIES TO QUASI-PRIVATE, QUASI-PUBLIC CHINESE DEFENSE BUSINESSES.
American officials stewed as
new fighter jets and other weapons systems
stolen U.S. designs. Using their own technical spying capabilities, U.S. intelligence officials also observed hacked information being transferred from data centers controlled by Chinese intelligence agencies to quasi-private, quasi-public Chinese defense businesses. Years ago, though, this purloined data would remain with Chinese companies for “competitive uses,” said a former senior NSA official. It was like “a gift to be used effectively” from Chinese intelligence to its defense sector partners, this person recalled. This earlier model of cooperation, however, was unidirectional, with data passed from China’s spies to its own industrial base, as part of Beijing’s race for technological parity with Washington.
But the use of private Chinese conglomerates to provide the know-how and data-processing firepower for China’s intelligence apparatus represents a new stage in this evolution, U.S. officials say. “The companies they are using are portraying themselves as large, legitimate, multinationals that have footprints across jurisdictions,” said the former Trump-era national security official. “These are not simply tiny little . . . defense contractors working inside China. They are major multinationals with footprints all over the world.” China’s “use of their private sector entities furthers not only their intelligence gathering, but processing,” said Ryan, the former top NSA official.
Key legal restrictions and cultural norms mean American spy agencies cannot induce U.S. firms to sift through the fruits of its own cyberspying; they have had to build these data analysis capabilities for themselves, U.S. officials say. And they cannot, for example, commandeer private U.S. companies’ data-processing power to help them create a composite picture of what the Chinese know about, say, U.S. government employees based on Beijing’s prior hacks. But synthesizing these parallel databases has been a priority for U.S. officials, who have worked to mirror image at least some of what they believe the Chinese possess, according to three current and former senior officials. This can be a laborious process. “It took us forever to condition” the data from the OPM breach, the current senior intelligence official said.
But when U.S. officials eventually analyzed all this data, the picture that emerged about what, in fact, the Chinese knew was not a pretty one. U.S. intelligence reporting on the subject is “sickening to your stomach,” the senior intelligence official said.
we examine the emerging laws, regulations, and technologies that are both enabling greater data collection and impacting cross-border data flows. This series catalogs the data localization laws, comprehensive national data regulations, government data collection, and monitoring and surveillance technologies that are shaping the global data governance landscape and carrying wide-ranging impacts for individuals, companies, governments, multilaterals, and non-profits.
“Look at Equifax. Add Anthem, the financial stuff, Marriott, there’s nothing they don’t know about us,” said the current official, referring to a series of breaches of U.S. firms perpetrated by Chinese hackers. “We are constantly trying to mimic what they do know” about Americans who might be targets for Chinese spies, they said. “And then we marry that up with intelligence that we get about what their interests are. Then we go back and give defensive briefs” to these potential targets, the current senior official said. “That’s kind of the new business model we have right now.”
China might be testing out a “new business model” as well, Trump-era officials fear. During the first few years of the Trump administration, conversations “bounced around” at the National Security Council and within U.S. intelligence agencies on how China’s hunt for security through data—through, for instance, synthesizing data from Marriot, Equifax, OPM, and other hacked organizations to identify U.S. spies—may have converged with its larger economic objectives, according to the former Trump-era national security official. The thinking “is still relatively immature” in that area, this source said. But U.S. officials believe China may be leveraging stolen personal information to attempt to undermine the American economy, through putting companies
in strategically important business sectors, even if these companies don’t perform classified work.
These datasets might also be used to benefit Chinese businesses in other ways, officials say. “If I’m looking to expand a hotel chain or expand into the international travel market, having United Airlines, Marriot, or American Airlines customer records” could provide Chinese firms clear potential advantages “for due diligence and market research purposes,” said Kanuck, the former top U.S. cyber-focused intelligence official. Likewise, Kanuck said, the hack of Anthem could give Chinese firms obvious insights into the U.S. health care market. The massive data tranches could also be used as inputs to build better algorithms for artificial intelligence programs, officials say.
While some of this weaponized data could be derived from hacks, Trump-era officials also worried that attempted investments in U.S. firms by some Chinese businesses was aimed at gaining control over personal data in U.S. companies’ possession—which could then be passed back to the Chinese intelligence services. The Trump administration’s increased use of the Committee on Foreign Investment in the United States process—in which an interagency group reviews foreign purchases for national security threats—to block takeovers of some U.S. companies by Chinese firms was
, officials say.
Then-Chinese Vice President Xi invites then-U.S. Vice President Joe Biden to view an honor guard during a welcome ceremony inside the Great Hall of the People in Beijing on Aug. 18, 2011. Lintao Zhang/Getty Images
Navigating the U.S.-China relationship will be the most momentous foreign-policy challenge for the incoming Biden administration. But in the vanishingly small world of bipartisan officialdom, the integrated threat posed by Beijing may represent the last great unifying issue in the national security sphere. The Biden administration’s China strategy seems likely to be a difference in degree from its predecessor, not in kind.
For American national security officials, deep worries about the Chinese government’s relationships with its world-spanning private sector companies—including telecom giants like Huawei, massive e-commerce platforms like Alibaba, and social media behemoths like ByteDance, which operates the TikTok platform—will increasingly influence the U.S.-Beijing relationship. China has already succeeded in isolating one out of every five humans on the planet from the global data ecosystem; now, in a defensive mirror image, U.S. policymakers are instituting more stringent controls aimed at segregating Americans’ data from Chinese companies—and, by extension, Beijing’s formidable intelligence apparatus.
DRIVEN BY FEARS OVER INTERNAL INSTABILITY AND EXTERNAL THREATS TO ITS RULE, THE CHINESE COMMUNIST PARTY HAS DETERMINED THAT DATA SECURITY IS TANTAMOUNT TO REGIME SECURITY.
Driven by fears over internal instability and external threats to its rule, the Chinese Communist Party has determined that data security is tantamount to regime security. But this strategy creates some internal tensions for Beijing. “The Chinese cybersecurity system today requires backdoors into every single company and individual in China,” said a former senior intelligence analyst. “And they are willing to admit that these [backdoors] could enable attackers and may decrease the cybersecurity of the companies.”
This is a trade-off China’s leaders seem willing to make, at least for now—even though these policies may catalyze an economic decoupling with China’s most important trading partner, and even though this decoupling might itself drive domestic instability. Meanwhile, the bear hug between Chinese intelligence and Chinese industry continues to squeeze together ever more tightly. After all, said the former senior intelligence analyst, “this is a country with omnipresence in its companies.”
Editor’s Note: This is the third in a three-part series. The covers how the data wars began between the two nations after CIA networks were uncovered in China. The covers how U.S. sources in China went dark at a critical moment during Xi’s rise, while Beijing’s hacking continued.
