China Heads List of International Technology Thieves
A U.S. Justice Department initiative seeks to stem the hemorrhaging.
U.S. trade secrets are being stolen by Chinese espionage at an alarming rate, and a Justice Department initiative is focusing on stopping the stealing. While cyber espionage is well known and hugely effective, the insider threat has shown to be equally damaging as the Middle Kingdom fuels its economic and military sectors with state-of-the-art U.S. technology.
The past two years has seen a pronounced increase in China’s state-sponsored theft of trade secrets, reports Jay I. Bratt, chief of the counterintelligence and export control section in the National Security Division of the Justice Department. China is actively seeding academia and research institutes with people who would have an incentive to provide technology, and it has aggressively targeted former members of the U.S. intelligence community who have not been successful in their private sector lives.
Bratt explains that his section’s main focus is the nation-state threat, as opposed to the counterterrorism section’s non-state actor threat. His section deals with counterintelligence, state-sponsored cyber, foreign influence and export control and sanctions. China is active across all of these portfolios, he states.
Bratt notes that China is not the only nation targeting U.S. trade secrets for espionage. Russia, Iran and North Korea round out the quartet that actively pursues U.S. secrets. Iran is highly focused on gaining U.S. commodities that can be used in industrial and military applications. The oil and gas industries in particular can benefit from U.S. systems, and Iran’s missile and nuclear programs seek U.S. technology to reach their aims. Bratt offers that more than 40 percent of his section’s export control cases each year involve Iran, and that has remained constant before, during and after the Iran nuclear deal. “Iran is probably the leading violator when it comes to seeking to acquire U.S.-origin commodities and services in support of its industries and its military,” he declares.
He continues that his section has seen an increasing number of North Korea “proliferation finance” cases over the past few years. With the rogue nation suffering under the weight of UN sanctions, it is badly in need of hard currency, so it is using front companies to engage in otherwise-prohibited U.S. dollar transactions.
Russia continues to steal U.S. trade secrets, with Bratt citing an aerospace case his section brought last year. And, as with Iran and China, cyber is a major medium for Russian espionage efforts.
But China’s efforts are the most comprehensive and most alarming, so the Justice Department has focused its efforts through its China Initiative. This represents an effort to counter China’s national security threats by “identifying and prosecuting those engaged in trade secret theft, hacking and economic sabotage,” according to the initiative.
“You see it across a range of industries,” Bratt says. “You see it particularly in the high-tech sector.” He cites one pending case in which a Chinese company stole trade secrets for the development of dynamic random-access memory (DRAM) chips from a California firm. Suddenly, a Chinese company, using the trade secrets of a U.S. company, displayed a DRAM manufacturing capacity out of nowhere. “That threatens a major sector of the high-tech industry that the U.S. has developed over the years,” he points out.
Both cyber espionage and the insider threat are well-represented in Chinese espionage efforts, Bratt allows. Some cyber intrusions insert malware into a network, which agents use to exfiltrate trade secrets. One case involved a person who recruited hackers on behalf of the Chinese military to break into an aerospace company and steal secret information.
“It may be harder sometimes to do the cyber intrusions,” Bratt says. “Certainly having an insider or someone who has a motive to steal the technology and turn it over to a foreign country is an equal opportunity crime.”
This illustrates an obvious vulnerability—the people who are hired. Bratt says a company must have enough fail-safes built into its system to be able to recognize when a theft is occurring. “Making sure you are capable of finding the theft when it occurs is a key to deterring it,” he states. Another key activity is to vet people when they are hired.
The department learns about most of these thefts from industry, Bratt relates. Most companies have insider threat programs, and they will notice if someone is downloading large volumes of data from their network or sending data-rich emails with large attachments from company addresses to outside ones. It is important that companies report these types of conduct to the FBI immediately, he says.
Jay I. Bratt will be discussing Chinese technology espionage issues in a panel discussion at the AFCEA/INSA Intelligence and National Security Summit, being held online September 16-18, 2020.