Defence

Made in China: Corporate Espionage in the United States

April 21, 2021

Michael Ellmer

 

Chinese subversion, in its various forms, is one of the largest geopolitical threats to the United States in contemporary times. Corporate espionage is a proven method used by the Chinese government in order to conduct an internal soft war against the US and its superior conventional military force and homeland defence.

 

Despite its connotation with the industrial and digital age, the practice of corporate espionage can be traced back centuries. According to Mara Hvistendahl at Foreign Policy“From classical Greek cities to modern U.S. corporations, the theft to trade secrets has marked a transfer of power almost as routinely as bloodshed. The methods have switched from old-fashioned spying to online hacks, but the motivation remains the same: winning.

 

Francois Xavier d’Entrecolles was a 17th century Jesuit “known for his friendliness and wisdom”. d’Entrecolles charismatic personality and keen intellect allowed him to in tandem be an effective travelling missionary for his religious order and a chronicler of the cultural transfer he experienced abroad.

 

In 1698, d’Entrecolles was sent to China with a small detachment of Jesuits, and his primary mission digressed from theology. Back in France, Chinese manufactured porcelain – originating from the Chinese city of Jingdezhen – was a highly sought after good among the middle and upper class. D’Entrecolles was tasked with learning the methods and materials required to manufacture porcelain. This mission was an early account of what is now classified as corporate espionage.

 

 

Corporate Espionage Defined

 

According to the United States FBI, corporate espionage is “foreign power-sponsored or coordinated intelligence activity directed at the U.S. government or U.S. corporations, establishments, or persons, designed to unlawfully or clandestinely influence sensitive economic policy decisions or to unlawfully obtain sensitive financial, trade, or economic policy information; proprietary economic information; or critical technologies.” This definition applies to industrial and economic espionage; two alternate and commonly used terms for the same practice.

 

On the 15th of June 1917, the US Congress passed the Espionage Act, which “made it a crime for any person to convey information intended to interfere with the U.S. armed forces prosecution of the war effort or to promote the success of the country’s enemies”. The US had just entered World War I, and the Wilson Administration viewed the substantial German population within the states as a possible threat, depending on the degree of loyalty to their fatherland. This congressional move set a clear definition of what espionage was and established a precedent for future cases.

 

 

Tactics, Techniques & Procedures

 

For the sake of brevity, it would be beneficial to establish the common TTPs behind modern corporate espionage, as a framework for analyzing its role within Chinese subversion.

 

  • Targets

    Target selection is based on the desired intelligence from the actor conducting the espionage. Within the corporate branch, primary targets are companies within the defense, tech, and financial sectors. Private companies spy on these targets to gain trade secrets and pertinent information on a competitor’s inner workings, but with the goal of financial gain. State actors have a similar goal, but instead of targeting for financial gain, their goal is to exploit a weakness or recovery information for a strategic advantage. Targets can be as large as a multinational conglomerate, or as small as an individual worker with relevant access or considerable influence within the target company.

 

  • Hacking

    The digitalization of society has been both a blessing and a curse in the business sector. With expediency of information transfer and data storage comes cybersecurity threats and a continuous cat and mouse game between system vulnerabilities and innovative hackers. A strong argument can be made that hacking is the apex of the corporate espionage methodology. It of course comes with challenges and limitations, such as facing a robust cyber-defence. Nonetheless, the ability for hackers to penetrate a system remotely, or use stolen system credentials to smoothly ease into a target’s network, add to its common appeal. Hacking could include phishing, malware insertion, and everything in between with the ease of access to a wide assortment of data extracting tools.

 

  • Sabotage

    By definition, sabotage is the deliberate destruction, damaging, or obstructing of “something”. If a foreign agent can infiltrate a company, either physically or digitally, the use of sabotage can cripple a research and development project, or even a company’s financial sector. This could amount to corrupting essential data on a target company financial or personnel records, or in an extreme sense, hacking into a target’s network and installing a destructive virus on infrastructure.   

 

  • Social Engineering

    With social engineering, actors can “hack” into the minds of their targets, and if successful gain access to sensitive information. Effective use of social engineering in corporate espionage can result in the acquisition of a company employees user information, which can then be used to gain unauthorized access to a target system. A skilled agent can utilize tactical questioning and HUMINT techniques to coerce a target into divulging information without them realizing it.

  

 

Made in China

 

China and corporate espionage have been married for many years and have seemingly never left the honeymoon phase. Instead of “losing the spark”, their relationship has only flourished in the current era, especially with China emerging as a possible future contender for the world’s number one superpower. Corporate espionage is an efficient way for the expedited accomplishment of the PRC’s lofty economic goals.

 

On the 19th of May 2015, China issued the “Made in China 2025” plan. According to their state council website, “The plan proposed a ‘three step’ strategy of transforming China into a leading manufacturing power by the year 2049”, which is coincidentally the People’s Republic of China’s 100th anniversary of existence.

 

Underneath that plan lies ten key sectors that the PRC labels as a priority: New information technology, high-end machine tools and robots, aerospace equipment, ocean engineering equipment and high-end vessels, high-end rail transportation equipment, electric-saving cars and new energy cars, electrical equipment, farming machines, new materials (such as polymers), and bio-medicine (including high-end medical equipment).

 

According to the Council of Foreign Relations, “Beijing’s ultimate goal is to reduce China’s dependence on foreign technology and promote Chinese high-tech manufacturers in the global marketplace.” With that, one may argue that the US supplies the bulk of foreign technology annotated in the quote. In order to advance past that dependence, corporate espionage almost seems like a requirement on the side of the PRC, especially with the currently fractured Sino-US relations.

 

National level planning documents have shed light on the strategic collection objectives of the PRC, as written by Nicholas Eftimiades in his book Chinese Espionage Operations and Tactics. Those documents are “used as the basis for China’s collection – legal or otherwise – of foreign technology.” Furthermore, specific collection objectives that coincide with the “Made in China 2025” plan have been proven to be the “targets of more than half of China’s global economic espionage efforts.”

 

The waters are murky regarding the symbiotic relationship between China, the US, and economic dependence. Even though the PRC may be taking steps towards economic independence, the road to that goal has been built using the tradecraft of corporate espionage.

 

 

 

Image: The Hacker News (link)

 

 

Related Post