Business 101

Don’t bring your cell phone to meetings in China, you might get hacked

September 28, 2012
September 28, 2012

As part of their rush to meet the Party’s impatient expectations for technological progress, Chinese entities appear to have become the world leaders in cyber-hacking and theft of trade secrets. Combined with anxiety about losing their technology to Chinese partners, foreign executives in China sometimes behave as if they are operating behind enemy lines. 

The forced technology transfer features of Chinese industrial policies have generated deep distrust. But industrial cyber-espionage and cyber-hacking from China is prompting companies to act as if business in China constitutes a form of economic warfare.

In an October 2011 report to Congress, 14 US intelligence agencies identified China as the No. 1 threat to US firms through cyber-hacking and the theft of trade secrets. While the report detailed many Chinese government policies that appear to support and encourage these activities, the intelligence agencies stopped short of saying the Chinese government is directly involved. Some analysts believe that state-owned enterprise national champions—under tremendous pressure to innovate but incapable of doing so—are significant drivers of Chinese industrial cyber-espionage. “Chinese actors are the world’s most active and persistent perpetrators of economic espionage,” the US government report stated. “US private sector firms and cybersecurity specialists have reported an onslaught of computer network intrusions that have originated in China, but the IC (intelligence community) cannot confirm who was responsible.”

According to the October 2011 report to the US Congress, the areas most threatened are:

  • Information and communications technology, which forms the backbone of nearly every other technology.
  • Business information that pertains to supplies of scarce natural resources or that provides foreign actors an edge in negotiations with US businesses or the US government.
  • Military technologies, particularly marine systems, unmanned aerial vehicles and other aerospace/aeronautic technologies.
  • Civilian and dual-use technologies in sectors likely to experience fast growth, such as clean energy and health care/pharmaceuticals.

It should be no surprise that seriously schizophrenic behavior by multi-nationals in China is becoming the norm. CEOs continue to display big smiles and voice “win-win” rhetoric when visiting. But their in-country executives often behave as if they are working behind enemy lines. Corporate conference calls discussing anything remotely sensitive no longer take place on Chinese telecom networks. Some multinationals don’t even trust the Hong Kong phone system. They instead require executives to travel to South Korea to make important calls, or fly home for face-to-face meetings. Many technology multinationals and foreign governments forbid their people from bringing smart phones or laptops to China, and some US government officials are forbidden to connect to the government network (.gov) from within China’s borders.

Ken Lieberthal, a former top Clinton administration China policy-maker who now heads a China center at the Brookings Institution, described his own protocol to the New York Times. Instead of his own electronics, he brings a “loaner” cellphone and laptop, and he wipes the laptop clean upon his return. In China, his phone never leaves his sight and during meetings he turns it off and removes its battery to avoid having the microphone turned on remotely. To bypass any key-logging software, he brings his Internet passwords on a flash drive to copy and paste them rather than typing them in.

As Jacob Olcott, a cybersecurity expert at Good Harbor Consulting, told the Times, “Everybody knows that if you are doing business in China, in the 21st century, you don’t bring anything with you. That’s ‘Business 101’—at least it should be.”

Based on available information regarding attacks from China, Russia, and other countries, a former FBI agent estimates that the total value of the information stolen from corporate networks in 2011 reached almost $500 billion. Respected analysts, including James Mulvenon, a cybersecurity expert at Defense Group Inc., believe there is ample evidence to show that China is responsible for the vast majority of this loss. Google Inc., DuPont, Johnson & Johnson, and General Electric represent just a few of the companies that have admitted losing proprietary data to hacker- thieves, and several (including Google) have publicly pointed to China as the source of the intrusions.

In December last year Bloomberg obtained intelligence data indicating “at least 760 companies, research universities, Internet service providers and government agencies were hit over the last decade by the same elite group of China-based cyber spies.” Bloomberg said that the companies “range from some of the largest corporations to niche innovators in sectors like aerospace, semiconductors, pharmaceuticals and biotechnology.”

“What has been happening over the course of the last five years is that China—let’s call it for what it is—has been hacking its way into every corporation it can find listed in Dun & Bradstreet,” Richard Clarke, former special adviser on cybersecurity to President George W. Bush, told an October 2011 conference on network security. “Every corporation in the US, every corporation in Asia, and every corporation in Germany—and using a vacuum cleaner to suck data out in terabytes and petabytes. I don’t think you can overstate the damage to this country that has already been done.”

The Chinese government steadfastly denies these accusations. Given the ability of hackers to mask their location and affiliations, it has been impossible to gather court-ready evidence implicating Chinese authorities in cyber-theft. Six of the seven cases adjudicated in the US in 2010 under the Economic Espionage Act involved Chinese nationals. Some of these cases were limited to corporate espionage aimed at business gains. But others clearly involve economic espionage in which the state is both the guiding hand and the final beneficiary of the criminal activity.

Excerpted from No Ancient Wisdom, No Followers: The Challenges of Chinese Authoritarian Capitalism. Published by Prospecta Press, 2012. 

We welcome your comments at ideas@qz.com.

Top News

Powered by WordPress.com VIP
Follow

Get every new post delivered to your Inbox.

Join 26,363 other followers