New fears over Chinese espionage grip Washington

New fears over Chinese espionage grip Washington
© iStock

Fresh concerns over Chinese espionage are gripping Washington as lawmakers fear Beijing is gaining sensitive details on U.S. technologies.

Lawmakers are scrutinizing the Pentagon over its efforts to keep military secrets safe from hackers, after Chinese actors allegedly breached a Navy contractor’s computer and collected data on submarine technology.

U.S. officials stepped up warnings that China regularly steals American intellectual property and technology, through cyberattacks and other means — allegations Beijing denies.

ADVERTISEMENT

The issue took center stage at a congressional hearing Thursday, as lawmakers on the House Armed Services Committee pressed Trump administration officials on their efforts to protect U.S. military assets from Chinese spies.

The Washington Post reported earlier this month that hackers linked to the Chinese government had penetrated computers used by a contractor working for the Naval Undersea Warfare Center in January and February. The hackers stole over 600 gigabytes of data, including information on a secret submarine technology project.

Rep. Adam SmithDavid (Adam) Adam Smith Top Dem: Hard to see Trump-Putin summit 'as anything other than treason' Ocasio-Cortez draws ire from Democrats: ‘Meteors fizz out’ Overnight Defense: Washington reeling from Trump, Putin press conference MORE (D-Wash.), the ranking member of the Armed Services Committee, did not explicitly reference the incident, but noted a recent briefing on a cyber breach had left him concerned about the military’s protections against foreign-aligned hackers.

“It was shocking how disorganized, unprepared and quite frankly utterly clueless the branch of the military was that had been breached,” Smith said. “Even in this day and age, we haven’t figured out how to put together a cyber policy to protect our assets, in particular with our defense contractors we work with who store our data but not with adequate protection.”

Rep. Jim LangevinJames (Jim) R. LangevinHillicon Valley: New fears over Chinese espionage | T-Mobile, Sprint execs to testify on B merger | Cyber firm denies hacking back on China | Salesforce workers criticize border patrol contract New fears over Chinese espionage grip Washington Spotlight falls on Russian threat to undersea cables MORE (D-R.I.), a member of the committee, confirmed to The Hill after the hearing that lawmakers had been briefed on the incident, but declined to offer further details.

“The Armed Services Committee is engaged and we are meeting with [the Defense Department] to understand who was breached and what was taken,” Langevin said. He agreed that the government is not adequately addressing threats to the military supply chain.

“I’m going to be pressing to make sure that we rework and redo our contracting authority to require stronger cybersecurity protections,” he added.

The concerns over Chinese espionage are not limited to military technology.

Last Tuesday, a bipartisan group of lawmakers led by Sen. Marco RubioMarco Antonio RubioSenate GOP attempts to wave Trump off second Putin summit GOP senator: We should accept Trump's 'apology' for Russian election interference comments Controversial Trump judicial nominee withdraws MORE (R-Fla.) and Rep. Jim Banks (R-Ind.) asked Education Secretary Betsy DeVosElizabeth (Betsy) Dee DeVosDon’t worry (too much) about Kavanaugh changing the Supreme Court Overnight Defense: Fallout from tense NATO summit | Senators push to block ZTE deal in defense bill | Blackwater founder makes new pitch for mercenaries to run Afghan war Blackwater founder makes new pitch for mercenaries to take over Afghan war MORE to investigate research partnerships between Chinese telecommunications giant Huawei and U.S.-based universities. They suggested the partnerships could provide Beijing an avenue for stealing technologies being developed in America, posing a threat to national security.

Huawei declined to comment on the letter Friday.

Officials and lawmakers are trying to address the scope of the problem.

At the hearing Thursday, officials described a multifaceted effort by China to acquire information on U.S. technologies, particularly those developed for the government and military.

It includes the pursuit of research partnerships with academic institutions and government laboratories, in addition to cyber espionage campaigns that target defense contractors and IT and communications providers, they said.

Kari Bingen, the principal deputy under secretary of Defense for intelligence, told lawmakers that the Pentagon is implementing a “more comprehensive approach” to protecting sensitive information held by defense contractors, as well as unclassified but still valuable information held by the American defense industrial base.

Bingen declined to go into specific details in the public, unclassified hearing. But she did say the federal government needs to take a more aggressive approach to protecting sensitive information and deterring would-be hackers.

“There is a deep concern with [the] cyber data exfiltration issue, and it’s one that the Chinese in particular are targeting,” Bingen said.

“We are playing defense right now, particularly in the cyber domain, and we need to be playing offense.”

Security professionals observed a considerable decline in Chinese cyber espionage targeting U.S. businesses after a 2015 agreement between then-President Obama and Chinese President Xi Jinping to stop supporting cyber-enabled intellectual property theft against the other country's businesses.

However, some cyber experts say that Chinese actors continued to target defense contractors to gain intelligence on military technology.

New research from cybersecurity firm Symantec suggests that Chinese cyber activity against U.S. targets could be picking up overall.

The company revealed Tuesday that a previously unidentified Chinese cyber espionage group had breached satellite communications, telecommunications firms and geospatial imaging, as well as a defense contractor in the United States.

The company believes the hacks took place between November 2017 and early May of this year. They represent the first instance of the hacking group targeting U.S. organizations since 2015. Symantec has been tracking the group internally since 2013.

“This was an aggressive campaign,” said Jon DiMaggio, senior threat intelligence analyst at Symantec who led the research.

The hackers focused on the operational systems of the targets, suggesting they were interested in gaining intelligence on how the satellite systems work or monitoring or changing their data flow.

DiMaggio also said the hackers could have sought access to the systems to potentially disrupt them if they wanted.

“Whether this is going to signify that there is this increase in those China-U.S. attacks, time will have to tell,” said DiMaggio. “But it was unexpected.”

The Symantec research, however, did not specifically link that activity to the Chinese government.

Asked about the research Thursday by an Armed Services lawmaker, Michael Griffin, undersecretary for research and engineering at the Pentagon, declined to comment but said such activity would concern him.

“That is a topic that I really do not want to discuss in a public setting. Broadly, your comment taken on its face is very concerning. It’s for me very concerning to have read about it in the papers,” Griffin told Rep. Doug LambornDouglas (Doug) LambornOvernight Defense: VA pick breezes through confirmation hearing | House votes to move on defense bill negotiations | Senate bill would set 'stringent' oversight on North Korea talks New fears over Chinese espionage grip Washington Races to watch in Tuesday’s primaries MORE (R-Colo.).

“I’d welcome the opportunity to discuss this stuff in a more closed setting,” he added.

Espionage fears are also at play in the controversy over Chinese telecom firm ZTE, which is pitting the administration against Congress.

Many argue that Huawei, ZTE and other Chinese firms could provide a means for Beijing to conduct spying on U.S. targets.

The Commerce Department in April banned U.S. companies from doing business with ZTE, citing allegations the company violated Iran sanctions laws this year.

The ban almost led to the company closing its doors before President TrumpDonald John TrumpNFL freezes policy barring players from protesting during anthem McConnell spokesman on Putin visit: 'There is no invitation from Congress' Petition urges University of Virginia not to hire Marc Short MORE, locked in tense trade negotiations with China, backed a deal to keep ZTE alive.

But lawmakers, who see ZTE as a national security threat, are seeking to block the administration from allowing the company to resume business with U.S. firms.

On Monday, the Senate passed an annual defense policy bill that includes language keeping the penalties on ZTE in place.

The administration, though, has vowed to try and remove that language from the final bill.