Chinese ‘Advanced Persistent Threats’ Have U.S. Companies and Consumers in Their Crosshairs

The People’s Republic of China is ramping up cyber-attacks against the United States—and not just against government agencies, but U.S. businesses and consumers as well.

“For too long, U.S. networks and data have been exposed to cyber threats based in China which are using that data to give Chinese firms an unfair competitive advantage in the global marketplace,” acting Secretary of Homeland Security Chad Wolf said in an advisory to U.S. businesses last month.

The advisory notes that China’s Data Security Law of 2020 “represents an even greater shift in the [Chinese Communist Party’s] attitude away from protecting Chinese data systems as a defensive mechanism, and toward collecting data as an offensive act.” A 2017 intelligence law requires Chinese companies and citizens to support the People’s Republic of China’s surveillance and data gathering efforts.

Gone are the days when China’s cyber-attacks narrowly targeted government and intelligence assets. More and more, its spying, theft and manipulation are directed at U.S. businesses and consumers.

Last March, FireEye reported “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.” The campaign targeted a broad range of industries, including finance and banking, health care, tech, universities, manufacturing, telecoms, pharmaceuticals and energy.

In September, the U.S. Justice Department unsealed charges against a group of hackers affiliated with China’s intelligence service, which had infiltrated more than 100 companies and organizations.

“The Chinese government has made a deliberate choice to allow its citizens to commit computer intrusions and attacks around the world because these actors will also help the [People’s Republic of China],” Deputy Attorney General Jeffrey Rosen said when the indictment was made.

The SolarWinds hack identified in December may have compromised the networks of as many as 18,000 companies, including prominent businesses like Cisco, Intel, Nvidia and Deloitte. The National Security Agency (NSA) and the FBI said this month the attack was “likely Russian in origin” (the agencies stopped short of a definitive confirmation). Even so, it provides a playbook for software supply chain attacks that could be replicated by other malicious actors, like China.

It may cost U.S. businesses and government agencies close to $100 billion to contain the damages from the SolarWinds attack.

China’s IP and technology theft costs the United States as much as $600 billion per year. Yet many U.S. companies are either unaware of or have disregarded the Chinese cyberthreat: they fail to adequately safeguard systems, purchase hardware and software from Chinese companies with known ties to the Chinese government and military, and fail to follow proper security protocols.

NPR reported in 2019: “In dozens of interviews with U.S. government and business representatives, officials involved in commerce with China said hacking and theft were an open secret for almost two decades, allowed to quietly continue because U.S. companies had too much money at stake to make waves.”

As a result, many Americans’ personal information could be at risk.

In the coming weeks, China Tech Threat will explore China’s Advanced Persistent Threats (APTs) and the potential vulnerabilities to U.S. industries.