China is regularly accused by the United States and several other nations of state-organized economic espionage and theft of intellectual property, in violation of international trade agreements.[ vague ] The espionage and theft are not be limited to business, but also include academia [1] and government. [2] [3] The Ministry of State Security (MSS), united front groups, and their affiliates have been reported as frequent perpetrators of such theft. [4] [5]
The Chinese government has repeatedly denied the allegations, stating that Western companies willingly transfer technology to get access to China's market. China, however, also state they are taking steps to address the concerns. [6] In 2019, China banned forced technology transfers [7] via the Foreign Investment Law. [8] : 108
According to Derek Scissors of the American Enterprise Institute, Chinese firms have been able to spend more on production, undercutting the prices of global competitors, by leapfrogging the often costly research and development phase through intellectual property theft. [9] According to James Lewis, senior vice president and director of the Center for Strategic and International Studies’ Technology Policy Program, "Chinese policy is to extract technologies from Western companies; use subsidies and non-tariff barriers to competition to build national champions; and then create a protected domestic market for these champions to give them an advantage as they compete globally." [10] After acquiring intellectual property, Chinese government subsidies and regulations help Chinese companies secure market shares in the global markets at the expense of the U.S. [9]
Japanese and European rail businesses have, for example, stated that Chinese rail companies used technology from shared ventures to become big in high-speed rail. [11] Another example is in wind power, where Spanish wind power producer Gamesa was required to manufacture parts using Chinese domestic producers; within years, the same manufacturers produced parts for domestic producers who soon eclipsed Gamesa through favorable loans and support. [6] Besides recruiting foreign employees to share trade secrets, another method involves cyber espionage and hacking. [10] One of the methods involves massive, broad hacks, such as 2021 Microsoft Exchange Server data breach, before sifting through the acquired data in search of valuable information. According to Microsoft, the large-scale hack was probably sponsored by the Chinese government. [12]
According to William Schneider Jr., "China has institutionalized a system that combines legal and illegal means of technology acquisition from abroad". [3] The issue is not limited to the United States, but is also reported in Europe, [13] and according to William Evanina, director of the National Counterintelligence and Security Center, China directs similar efforts towards other NATO members. [10] According to CNN, some U.S. officials and analysts have pointed to China's Made in China 2025 plan as "a rubric for the types of companies whose data Chinese hackers have targeted". [14]
In 2015, Chinese President Xi Jinping and U.S. President Barack Obama had agreed neither government would "conduct or knowingly support cyber-enabled theft of intellectual property". [14] This led to an 18-month decrease in Chinese hacking, ending with the increased trade conflicts under the Trump administration. [15]
According to Adam Meyers, working for the cyber-security firm CrowdStrike, China's campaign of global cyber-espionage has increasingly targeted big repositories of data, like internet or telecom service providers, making it "more difficult to really pinpoint that they were doing economic espionage". [14] Co-founder of CrowdStrike, Dmitri Alperovitch, stated in 2018 that China appeared to have ramped up its intellectual property espionage, after a decrease during the end of the Obama administration. According to Alperovitch, there has been an increase in hacks by China's Ministry of State Security, which he considers more skilled than the People's Liberation Army, which previously stood for most of the hacking. [16] This shift from the PLA to the Ministry of State Security, as well as an increase in sophistication, has also been noted by U.S. intelligence officials. [15]
A congressional estimate in the U.S. placed the cost of Chinese intellectual property theft at 225–600 billion dollars yearly. [13] According to a CNBC survey, 1 in 5 corporations say China has stolen intellectual property within the previous year, while 1 in 3 said it had happened some times during the previous century. [17] In 2020, FBI director Christopher Wray claimed Chinese economic espionage amounted to one of the largest transfers of wealth in human history. [13] According to CBS, Chinese state-actor APT 41 has conducted a cyber operation spanning years, stealing intellectual property worth trillions of dollars from about 30 multinational companies. [18]
According to the New York Times, China's hacking campaigns first came to prominence in 2010, with attacks on Google and RSA Security, then later with a 2013 hack on the New York Times itself. [15]
A 2018 report by the Australian Strategic Policy Institute, looking at incidents from Germany, Australia and the United States, including the Rio Tinto hack, stated that China was likely to be in breach of its bilateral cyber espionage agreements. [19] According to professor Greg Austin, from UNSW Canberra Cyber, the more concerning problem is not intellectual property espionage, which he believes is also practiced by the United States, but Chinese laws pressuring foreign corporations in China to hand over intellectual property. "That's a practice that Australia needs to pay more attention to, not the almost unstoppable practice of Chinese government theft of commercial secrets through espionage". [19]
In 2022, the security firm Cybereason announced it had discovered Chinese government-linked hackers targeting sensitive data from over thirty technology and manufacturing firms in Asia, Europe and the United States since 2019. [18] The Chinese embassy in Washington denied the allegations. [14] The attacks were linked to the Winnti group, and is alleged by Cybereason to have seized hundreds of gigabytes of "sensitive documents, blueprints, diagrams, formulas, and manufacturing-related proprietary data". [20]
The number of IP cases prosecuted criminally in Chinese courts has been on a significant upward trend from 2005 to 2015, [21] suggesting tougher enforcement of IP laws. [7]
According to academic Scott M. Moore, foreign firms have been increasingly successful in litigating patent infringement suits in China, winning approximately 70% of the time in the period 2006 to 2011, and rising to approximately 80% in the late 2010s. [7]
A joint China-United States customs action in 2017 uncovered 1600 instances of intellectual property theft in goods exported to the United States. China's customs office issued a statement saying it would "actively promote increased cooperation with customs administrations of all countries and regions to jointly fight and comprehensively manage" intellectual property rights. [22]
In 2019, China adopted new Foreign Investment Law banning forced technology transfers. [7]
According to Bloomberg Law, foreign-related cases accounted for 10% of the total caseload of China's Intellectual Property Court of the Supreme People's Court in 2020, 2021, and 2022, with an annual increase of 45.6%. [23] About 57.4% of these cases involved patent infringement disputes. [23]
Despite making efforts in intellectual property protection in China, a major obstacle in prosecution is corruption in courts; local protectionism and political influence prohibits effective enforcement of intellectual property laws. [24] To help overcome local corruption, China established specialized IP courts and sharply increased financial penalties. [7]
Intellectual property theft was one of the reasons behind the China–United States trade war. [25] [13] [26]
In 2018 Micron Technology, a U.S. memory chip maker, accused Chinese competitor Fujian Jinhua and Taiwanese manufacturer UMC of stealing chip designs. [27] The U.S. Department of Justice (DOJ) announced an indictment against Fujian Jinhua and UMC. [28] In October 2020, UMC pleaded guilty and agreed to pay a fine in exchange for cooperating with the DOJ. [29] In February 2024, US District Judge Maxine M. Chesney in San Francisco acquitted Fujian Jinhua of the charge in a non-jury verdict, judging that the prosecutor failed to provide sufficient evidence. [30] [31] [32]
In 2019, University of California, Santa Barbara sued Walmart, Amazon, IKEA, Bed Bath & Beyond and Target for selling Chinese-made light-bulbs using illegally acquired patented U.S. technology. [33]
In 2020, Huawei was indicted on charges of a decade-long operation to steal U.S. trade secrets, with the U.S. Justice Department stating Huawei has a "long-running practice of using fraud and deception to misappropriate sophisticated technology from US counterparts". [34]
After the Equifax breach, U.S. Attorney General William Barr stated "Unfortunately, the Equifax hack fits a disturbing and unacceptable pattern of state-sponsored computer intrusions and thefts by China and its citizens that have targeted personally identifiable information, trade secrets, and other confidential information". [10] Deputy director of the FBI, Paul Abbate, alleged in 2022 that China runs "a massive, sophisticated cyber theft program", and that it "conducts more cyber intrusions than all other nations in the world combined." [14]
The FBI had more than 1,000 cases of intellectual property theft involving individuals associated with the People's Republic of China open in 2020. [10] According to Christopher Wray, the FBI opens a new Chinese counterintelligence investigation every 12 hours. [18] According to the U.S. Department of Justice, 80 percent of its economic espionage cases involve the People's Republic of China. [35]
In 2015, in the immediate aftermath of a Sino-American agreement, China reached a similar diplomatic agreement with the UK to stop IP "cybertheft" in a "lengthy joint statement". [36] The legal enforceability of the agreement, which amounted to a statement of intent, has been disputed, in addition to its prospective effectiveness. F-Secure security adviser, Tom Gaffney, suggested that the UK-China deal would "just like its US counterpart" not lead to any meaningful change in approach by Beijing because "the government has too much invested in its cyber-attack capability". [37]
Industrial espionage, also known as economic espionage, corporate spying, or corporate espionage, is a form of espionage conducted for commercial purposes instead of purely national security.
Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. These crimes involve the use of technology to commit fraud, identity theft, data breaches, computer viruses, scams, and expanded upon in other malicious acts. Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.
Micron Technology, Inc. is an American producer of computer memory and computer data storage including dynamic random-access memory, flash memory, and solid-state drives (SSDs). It is headquartered in Boise, Idaho. Micron's consumer products, including the Ballistix line of consumer & gaming memory modules, are marketed under the Crucial brand. Micron and Intel together created IM Flash Technologies, which produced NAND flash memory. It owned Lexar between 2006 and 2017. Micron is the only U.S.-based manufacturer of memory.
Intellectual property rights (IPRs) have been acknowledged and protected in China since 1980. China has acceded to the major international conventions on protection of rights to intellectual property. Domestically, protection of intellectual property law has also been established by government legislation, administrative regulations, and decrees in the areas of trademark, copyright, and patent.
The Economic Espionage Act of 1996 was a 6 title Act of Congress dealing with a wide range of issues, including not only industrial espionage, but the insanity defense, matters regarding the Boys & Girls Clubs of America, requirements for presentence investigation reports, and the United States Sentencing Commission reports regarding encryption or scrambling technology, and other technical and minor amendments.
The Government of China is engaged in espionage overseas, directed through diverse methods via the Ministry of State Security (MSS), the Ministry of Public Security (MPS), the United Front Work Department (UFWD), People's Liberation Army (PLA) via its Intelligence Bureau of the Joint Staff Department, and numerous front organizations and state-owned enterprises. It employs a variety of tactics including cyber espionage to gain access to sensitive information remotely, signals intelligence, human intelligence as well as influence operations through united front activity targeting overseas Chinese communities and associations. The Chinese government is also engaged in industrial espionage aimed at gathering information and technology to bolster its economy, as well as transnational repression of dissidents abroad such as supporters of the Tibetan independence movement and Uyghurs as well as the Taiwan independence movement, the Hong Kong independence movement, Falun Gong, pro-democracy activists, and other critics of the Chinese Communist Party (CCP). The United States alleges that the degree of intelligence activity is unprecedented in its assertiveness and engagement in multiple host countries, particularly the United States, with economic damages estimated to run into the hundreds of billions according to the Center for Strategic and International Studies.
United Microelectronics Corporation is a Taiwanese company based in Hsinchu, Taiwan. It was founded as Taiwan's first semiconductor company in 1980 as a spin-off of the government-sponsored Industrial Technology Research Institute (ITRI).
Operation Aurora was a series of cyber attacks performed by advanced persistent threats such as the Elderwood Group based in Beijing, China, with associations with the People's Liberation Army. First disclosed publicly by Google on January 12, 2010, by a weblog post, the attacks began in mid-2009 and continued through December 2009.
An advanced persistent threat (APT) is a stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals.
The United States has often accused the People's Republic of China of attempting to unlawfully acquire U.S. military technology and classified information as well as trade secrets of U.S. companies in order to support China's long-term military and commercial development. Chinese government agencies and affiliated personnel have been accused of using a number of methods to obtain U.S. technology, including espionage, exploitation of commercial entities, and a network of scientific, academic and business contacts. Prominent espionage cases include Larry Wu-tai Chin, Katrina Leung, Gwo-Bao Min, Chi Mak, Peter Lee, and Shujun Wang. The Ministry of State Security (MSS) maintains a bureau dedicated to espionage against the United States, the United States Bureau.
Cyberwarfare by China is the aggregate of cyberattacks attributed to the organs of the People's Republic of China and various related advanced persistent threat (APT) groups.
PLA Unit 61398 is the military unit cover designator (MUCD) of a People's Liberation Army advanced persistent threat unit that has been alleged to be a source of Chinese computer hacking attacks. The unit is stationed in Pudong, Shanghai, and has been cited by US intelligence agencies since 2002.
PLA Unit 61486 is a People's Liberation Army unit dedicated to cyberattacks on American, Japanese, and European corporations focused on satellite and communications technology. It is a unit that takes part in China's campaign to steal trade and military secrets from foreign targets.
Cyber spying on universities is the practice of obtaining secrets and information without the permission and knowledge of the university through its information technology system. Universities in the United Kingdom, including Oxford and Cambridge, have been targets, as have institutions in the United States and Australia.
ChangXin Memory Technologies is a Chinese semiconductor integrated device manufacturer headquartered in Hefei, Anhui, specializing in the production of DRAM memory.
Red Apollo is a Chinese state-sponsored cyberespionage group which has operated since 2006. In a 2018 indictment, the United States Department of Justice attributed the group to the Tianjin State Security Bureau of the Ministry of State Security.
Double Dragon is a hacker group with alleged ties to the Chinese Ministry of State Security (MSS). Classified as an advanced persistent threat, the organization was named by the United States Department of Justice in September 2020 in relation to charges brought against five Chinese and two Malaysian nationals for allegedly compromising more than 100 companies around the world.
Fujian Jinhua Integrated Circuit Co. Ltd., or JHICC, is a Chinese state-owned DRAM manufacturer based in Fujian, China. It is part of the Made in China 2025 program, a component of China's strategy to gain self-sufficiency in the semiconductor industry, and is a national leader in China's technology industry.
Salt Typhoon is an advanced persistent threat actor operated by the Chinese government which has conducted high profile cyberespionage campaigns with an emphasis on counterintelligence targets in the United States. The group has also infiltrated targets in dozens of other countries on nearly every continent.
{{citation}}
: CS1 maint: location (link)