China outsources cyberspies

Non-state actors are a feature of all cyberspying. But in China, the use of non-state actors matches its historical method of espionage in China.

Center for Strategic and International Studies analyst James Lewis writing for the Lowy Institute:

China’s cyber espionage strategy combines both official programs and the coordination of unruly efforts of thousands of individuals, companies, and civil agencies as intelligence collectors. This broad, diffuse, cyber espionage collection program reflects the traditional Chinese approach to intelligence collection – instead of relying on officers operating under official cover, China’s approach has been described as “a thousand grains of sand,” where businessmen, researchers or students are asked to collect information when they visit a country

This accounts, too, for the profusion of Chinese nationals of a non-intelligence background living abroad who are expected to provide useful information to Beijing.

Online, however, it means there is less control over cybertheft from the top. China cyber-espionage includes official programs plus “independent actions by agencies and companies not directed by the central government” as well as individual criminal activities sometimes working for a larger organization.

As Lewis writes:

The central leadership in Beijing does not control all of these actors and it is not clear that it could control them if it wished to do so, despite strenuous efforts to keep internet freedom in check.

This was seen in the news surrounding the US indictments of the five China military officers for spying.

From the New York Times:

Some military and government employees moonlight as mercenaries and do more hacking on their own time, selling their skills to state-owned and private companies. Some belong to the same online social networking groups.

“There are many types of relationships,” said Adam Segal, a China and cybersecurity scholar at the Council on Foreign Relations in New York. “Some P.L.A. hackers offer their services under contract to state-owned enterprises. For some critical technologies, it is possible that P.L.A. hackers are tasked with attacks on specific foreign companies.”…

A hacker who jumps among wildly divergent victims, he said, is likely to be a contractor. In recent months, FireEye observed a hacker who took aim at foreign defense and aerospace companies, then hacked an online entertainment company. It appeared the hacker was a private contractor.

It’s something to keep in mind in discussions of US-China cyber competition. Without a doubt non-state actors are big in hacking in the US – but it’s not likely they form an integral part of official US cyberwar capabilities. The role of the Chinese cyberattackers suggests there are plenty of side deals between various parts of Chinese government and lone individuals undergirding China’s efforts. That means, Beijing probably couldn’t stop the cybertheft if it wanted to.

A cybersecurity cold war first: Xiang Li, sentenced

Xiang Li was sentenced to 12 years in US prison for selling pirated US software worth more than $100 million. Li is the “first Chinese citizen to be ‘apprehended and prosecuted in the US for cybercrimes he engaged in entirely from China.”

Yep, that’s right. US federal agents arrested Li on the Pacific island of Saipan, where they lured him in the expectation of delivering pirated software.

While it’s not the Cold War all over again, plucking some one off the street, or island shows a more active stance on the part of the US. Unlike the old US-Soviet conflict, trade channels between the US and China remain wide open. Perhaps, too wide. Perhaps this is the start of a narrowing. 

It will be interesting to see China’s response, or non-response. I could imagine the Chinese staying quiet, unwilling to let one software pirate’s extradition spoil the US-China relationship.

But the arrest and sentencing of Li supports the notion, articulated by outgoing White House national security adviser Tom Donilon, that cybertheft was at the “center” of the US-China relationship and not an “adjunct” issue.