This news analysis was originally dispatched as part of Epoch Times China email newsletters. Subscribe to the newsletters by filling your email in the “China D-brief” box under this article.
Chinese telecommunications company Huawei recently unveiled its new P9 smartphone, and as a recent Wired headline states, “Huawei just copied the iPhone—down to the last screw.”
Incidents like this aren’t anything new when it comes to Chinese tech companies. Epoch Times noted back in 2014 that Chinese company Xiaomi had built its entire brand around copying Apple, right down to its CEO dressing like Steve Jobs during product events.
The recent development does, however, highlight an important issue.
Just a few months ago, U.S. leaders were adamant about stopping the Chinese regime’s use of cyberattacks to steal information from U.S. companies. This led to the agreement, announced by President Barack Obama and Chinese leader Xi Jinping, on Sept. 25, 2015, to end the use of cyberattacks for economic theft.
Obama stated, at the time, “We’ve agreed that neither the U.S. or the Chinese government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage.”
There is mixed reporting on how effective the agreement was. A “60 Minutes” segment on Jan. 17 noted that the day after the announcement, Chinese cyberattacks on U.S. businesses continued as usual. Cybersecurity company FireEye claimed the agreement did reduce the number of Chinese cyberattacks on U.S. companies, but its claims are also contested by other cyber researchers.
As I mentioned in an article around that time, however, the key problem with the cyber agreement is that it only addressed cyberattacks used for economic theft, and it only addressed economic theft conducted through cyber.
In other words, the agreement does nothing to stop cyberattacks used for intelligence gathering. This means the Chinese cyberattacks on the Office of Personnel Management, which stole 21.5 million records on current and former U.S. federal employees, falls outside the program.
And just as importantly, the agreement does nothing to stop Chinese economic theft using methods other than cyberespionage.
That last part is important. The part that’s often overlooked in China’s use of cyberattacks for economic theft, is that cyber is merely one of many tools the Chinese regime uses for theft of information, and all its tools are in turn just extensions of a system being directed by Chinese policy.
The Chinese regime still has a large focus on using conventional spies to steal information. Over the course of just three weeks in April, there were four cases of alleged Chinese spies targeting the United States.
Even this month, there has already been one case of an individual conducting what resembles espionage on behalf of the Chinese regime. A former U.S. Army contractor was sentenced to six months in home confinement for lying on his security clearance form by concealing that he formerly served in the Chinese People’s Liberation Army. The individual had also violated security protocols by connecting a USB drive to a computer on the Army network, then trying to cover his tracks.
MORE:Canada Says Huawei Employees May Be Spies, Rejects Immigration Applications
The fact is, the Chinese Communist Party has a vast system for stealing information from the United States and from U.S. businesses.
Its other methods include its use of vast networks of student spies, its use of academic research partnerships, its use of front organizations including Chinese hometown associations, its use of business partnerships around research, and its use of inviting foreign experts on key topics to visit China and either present or cooperate on research around their expertise.
Then, there are Chinese “grey markets,” where Chinese factories that manufacture foreign goods simply do additional production runs, so they can make and sell the products themselves.
Stopping the cyberattacks won’t stop the problem. Cyber certainly makes it easier for the Chinese regime to steal products and designs, but again, they have plenty of other tools at their disposal.
Think of cyber as just one head of a hydra. You can cut off the head, but two heads will grow back in its place. With the Chinese regime, if cyber is removed from the equation of economic theft, it will simply find other, more effective means.
Yet, just like the mythical hydra, the way to stop this system is to stop swinging at the appendages, and go straight for the heart—and for the Chinese regime, the heart of these programs are its internal policies and facilities for stealing and copying foreign technology.
MORE:Faced With Barrage of Chinese Spies, US Expands Rules for National Security Cases
Its policies for economic theft include Project 863, the Torch Program, the 973 Program, and the 211 Program. It also has a vast system of centers designed to reverse-engineer stolen technology, known as China’s National Technology Transfer Centers or National Demonstration Organizations.
With recent U.S. efforts to stop the Chinese regime’s use of economic theft, the question shouldn’t be whether the cyberattacks stopped. The questions should be whether the Chinese regime ended its policies that guide economic theft, and whether it closed its facilities dedicated to copying stolen technology. The answer so far to both of these questions is a simple “no.”

Read the full article here

This news analysis was originally dispatched as part of Epoch Times China email newsletters. Subscribe to the newsletters by filling your email in the “China D-brief” box under this article.
The first U.S.-China dialogue under a new cybersecurity agreement concluded last week—but what was left unmentioned was much more important than what was said.
According to Xinhua, the official mouthpiece of the Chinese Communist Party, the Chinese representatives claimed they identified the individuals who breached the U.S. Office of Personnel Management (OPM), and explained that “the case turned out to be a criminal case rather than a state-sponsored cyber attack as the U.S. side has previously suspected.”
The statement is unlikely to be a surprise to anyone following cybersecurity. The Chinese regime always denies its involvement in cyberattacks, regardless of evidence. Most interesting is that in a statement giving a brief recap of the meeting, the U.S. Department of Justice gave no mention of the discussion on the OPM hack.
In a way, the Chinese regime has become a boy who cried wolf: it has lied so often that many experts—including many U.S. officials—don’t give its claims much weight.
The Washington Post reported that even prior to the cybersecurity meeting from Dec. 1 to Dec. 2, the Chinese regime claimed it “arrested a handful of hackers it says were connected to the breach” of OPM, yet also cited an unnamed U.S. official stating “we don’t know that if the arrests the Chinese purported to have made are the guilty parties.”
“There is a history [in China] of people being arrested for things they didn’t do or other ‘crimes against the state,’” the official said.
The bilateral meeting between the Chinese Minister of Public Security, the U.S. Secretary of Homeland Security, and the U.S. Attorney General was the first under the new U.S.-China cybersecurity agreement, announced by President Barack Obama and Chinese Communist Party leader Xi Jinping on Sept. 25.
The stance brought to the table by the Chinese representatives was likely well in line with what U.S. officials expected.
John Carlin, assistant attorney general for national security, explained during a Dec. 3 presentation that after the U.S. Department of Justice indicted five Chinese military officers in May 2014 for their involvement in state-run cyberattacks, the Chinese regime altered its line on cybersecurity.
The Chinese regime’s initial response, Carlin said, was of “indignant denials.” Just a year later, however, it’s response moved towards one claiming that they also oppose and combat theft of commercial secrets—and other forms of cyberattacks.
The shift in official line seems to chime with the ancient Chinese saying: “It’s the thief who yells ‘stop thief.’”
Of course, there are plenty of reasons why experts would choose to not believe the Chinese regime’s claims that it arrested hackers, or that it had nothing to do with the breach.
The Chinese regime’s state-sponsored cyberattacks have already been deeply exposed. Most of its military hackers operate out of its General Staff Department, Third Department. In July, the Project 2049 Institute think tank even traced one the Chinese hacker units to a government office in Shanghai.
The OPM breach was tied to several other Chinese state-sponsored cyberattacks, which cybersecurity experts dubbed “Deep Panda.” The same hackers who breached the OPM also breached health insurance company Anthem.
MORE:Murder, Money, and Spies Investigative SeriesCHINA SECURITY: China Reins in Its Hacker Army
The stolen private information is being used by Chinese agencies to build a database on Americans. An insider in China detailed this database, and told Epoch Times that the system for big data analytics is based on the same database the Chinese regime uses for spying on its own people.
It is also possible that Chinese officials were telling a half-truth, and that the hackers behind the OPM breach were not officially under the Chinese regime or its military. But, with bit of background on the Chinese cyber army, this still wouldn’t free them from blame.
The Chinese regime revealed the structure of its cyber army in the 2013 edition of its military publication, “The Science of Military Strategy.” Its cyber army has three tiers: the first being specialized military units, the second being specialists in civilian organizations and government agencies, and the third being groups outside the Chinese regime “that can be organized and mobilized for network warfare operations.”

Read the full article here

Rumor has it the Chinese regime will move its cyberwarfare units under a single command structure. Unnamed sources told Bloomberg in mid-October that Chinese cyber units from all departments would be moved under a centralized command under the Central Military Commission.
Changes were allegedly discussed during the Chinese Communist Party’s (CCP) Fifth Plenum, attended by more than 350 top CCP officials, where they lay out the new five-year economic plan.
Bloomberg followed with some interesting analysis, but in my opinion, it missed the mark. First of all, the Chinese regime already has a command structure for its cyber departments, which on the surface—and under proposed changes—is headed by the Central Military Commission. Second, proposals for the new Chinese military structure give a much more complex picture of how its cyber units will be managed.
As things stand now, the CCP’s cyber units are broken into three tiers. The structure, which is already under the Central Military Commission, was detailed in the latest edition of The Science of Military Strategy, published by the top research institute of the People’s Liberation Army (PLA). While the document was released in 2013, details on the cyber structure were only reported in the West in March this year.
At the top of the cyber structure are the specialized PLA military units assigned to attack and defend networks. Next are the specialists in civilian organizations—including the the Ministry of State Security and the Ministry of Public Security—that are “authorized by the military to carry out network warfare operations.” The third tier are groups outside the regime, which presumably include nationalistic hackers (often known as “Patriot Hackers”), that can be called on for cyber operations when needed.
The Central Military Commission is technically in charge of these units, but when it comes to actual power within the PLA, things aren’t that simple.
According to the surface structure, the Central Military Commission heads the General Staff Department, which in turn heads the hacker units under its Third Department. In an investigative report in September, however, Epoch Times revealed that the real power behind the PLA hackers is the 61 Research Department of the Third Department.
The 61 Research Institute is led by Maj. Gen. Wang Jianxin, son of Wang Zheng who pioneered the CCP’s signals intelligence operations under Mao Zedong. Sources told Epoch Times that while Wang’s department is several tiers below the Central Military Commission, he’s an extremely powerful man.
This is where the new structure comes into play. It ties into plans to restructure the entire PLA, and cut 300,000 troops, announced by CCP leader Xi Jinping in early September.
Shortly after the announcement, South China Morning Post—which has been growing increasingly close to the Chinese regime—released an infographic showing a proposal for the new structure.
Under the current system, most of the military is controlled by the Central Military Commission, with some power shared with the State Council through its joint influence over the Ministry of National Defense.
With the new structure, however, a large chunk of military units would be placed under the Ministry of National Defense—which means the State Council would have more of a hand in their operations.
The State Council is technically the government of China, but it’s still controlled by the CCP.
Meanwhile, the unit in charge of the hackers—the General Staff Department—would be given command over three other departments: General Political Department, General Logistics Department, and the General Armaments Department.
In an odd knot, control of those same three departments will be shared under the Ministry of National Defense. And oddly, also under the Ministry of National Defense will be some departments with ties to cyberespionage. Among them are the regional defense and research departments, the National Defense University, the Academy of Military Science, and the National University of Defense Technology.
In other words, the military hackers would officially remain under the Central Military Commission, but departments tied to their operations would be jointly controlled by an office managed by both the Central Military Commission and the State Council.
Keep in mind, these are still just proposals. But it appears the changes aren’t meant to consolidate command of the CCP’s hackers. Instead, it looks like the changes are designed to reign in the hackers by giving the State Council some indirect sway over their actions. Several sources have told Epoch Times that the Chinese regime has trouble controlling finances tied to military hackers, and this has caused forms of corruption that the leadership wishes to stem.
The new system would give the State Council—the highest executive agency in the Chinese state (though of course below the Politburo Standing Committee)—more oversight. This puts the infrastructure for economic theft under the Ministry of Defense, while giving more government oversight over the activities, thus depriving the PLA of some of its autonomy.

Read the full article here

US President Barack Obama speaks next to Chinese President Xi Jinping at a joint press conference after their meeting at the White House in Washington,DC on September 25, 2015.      (YURI GRIPAS/AFP/Getty Images)US President Barack Obama speaks next to Chinese President Xi Jinping at a joint press conference after their meeting at the White House in Washington,DC on September 25, 2015.      (YURI GRIPAS/AFP/Getty Images)

This news analysis was originally dispatched as part of Epoch Times’ China email newsletters. Subscribe to the newsletters by filling your email in the “China D-brief” box under this article.

U.S. leaders sealed their Sept. 25 cyber agreement with the Chinese regime recently, sending them a list of Chinese hackers identified as having stolen commercial secrets from U.S. businesses, and requesting their arrests.

In an unexpected turn of events, Chinese authorities actually made some of the arrests. Now, experts and U.S. officials are now paying close attention to whether China prosecutes the hackers.

But while this makes for an interesting show, the new developments do not, by any means, spell an end to Chinese state-sponsored economic theft.

The opposite may be more likely: by passing evidence on Chinese hackers to Chinese authorities, the United States might unintentionally help the Chinese regime close gaps in its system for economic theft.

More seriously, however, is what type of evidence U.S. authorities will hand to Party representatives when they gather enough evidence for arrests. If the hackers stand trial in China, they’ll not only need information on allegations, but also proof that shows how the information was gathered.

Chinese authorities could very easily take this information as a road map for how U.S. investigators are detecting attacks. Using this information, they could adjust their methods each time, and make it cyberattacks progressively more difficult to pin down.

The result could be that Chinese state-sponsored cyberattacks not only continue, but become even more difficult to detect.

Firstly, the agreement only forbids, as Obama puts it, “cyber-enabled theft of intellectual property.” This does nothing to address intellectual theft through the Chinese regime’s various other means.

In other words, it doesn’t forbid economic theft. It just addresses one method of economic theft.

And being the opaque system that it is, the Communist Party has plenty of leeway to play U.S. authorities for fools.

It would be simple to put on show trials and let the hackers go free afterward, while telling U.S. authorities they’re serving time behind bars. It would also be easy for them to pin the blame on unrelated, innocent parties.

The only time it could be verified that the Party had arrested the right people would be in the rare cases that U.S. authorities could obtain photographs and detailed profiles of Chinese hackers. For those keeping track, they’ve only been able to publicly identify around six specific hackers over the last decade, according to publicly available information.

The biggest piece left unmentioned, however, isn’t about the hackers at all. The part being missed is that the Chinese Communist Party is behind the attacks—and what the U.S. really needs is proof that the Chinese regime has dismantled its massive system for economic theft.

This means showing proof that they’ve rescinded state policies calling for economic theft—getting rid of programs such as its Project 863. It means showing proof that it has dismantled military branches involved in state-sponsored cyberattacks, particularly those under its General Staff Department, Third Department. And it means showing proof that state-run transfer centers throughout China tasked with reverse engineering stolen technology have been closed.

None of this appears to be on the cards, or even under discussion.

As this newsletter reported last week, the agreement only addresses a small part of the overall system for Chinese state-run economic theft. Hackers get the most attention, but the Chinese regime also uses a vast network of insiders—old fashioned human spies—who carry out this work.

The insiders working on Chinese economic theft operate in the sister department to its military hackers: the General Staff Department, Second Department.

And this is not to even speak of the individuals lured or coerced to spy for Chinese state-run companies. This often Chinese researchers, students, professors, and individuals already working in key U.S. companies.

Read the full article here

Original Article click here