As trade tensions between the US and the People’s Republic of China (PRC) escalate, PRC-sponsored hacking and spying on US businesses is also on the rise. Research shows that attacks on the telecom, pharma and hospitality industries as well as other sectors have spiked, and there’s no end in sight. How worried should you be about state-sponsored hackers targeting your organization?
Those on the front lines say there’s plenty of cause for concern, warning of new tactics being used in an old struggle. Companies that supply military technology know they are targets, but the threat extends far beyond the defense sector. In an April 2019 address at the Council on Foreign Relations, FBI Director Christopher Wray described the threat of PRC espionage in stark terms:
“On the cyber front, we’re seeing hack after hack and breach after breach, and we’re seeing more and more of what we call a blended threat where cybercrime and espionage merge together in all kinds of new ways. We still confront traditional espionage threats—you know, dead drops, covers, things like that—but economic espionage dominates our counterintelligence program today. More than ever, the adversaries’ targets are our nation’s assets—our information and ideas, our innovation, our research and development, our technology. And no country poses a broader, more severe intelligence collection threat than China.”
Wray’s remarks underscore the scale of the threat and how it has evolved beyond old-style spying activities like stealing military secrets to permeate the economic realm. The US and the PRC are currently engaged in a trade war that was sparked in part by an American desire to check the theft of intellectual property. As the stakes rise, so does the rhetoric — and the cyberwarfare.
AppGuard and Carahsoft recently sponsored a webinar addressing the topic of PRC espionage and how it affects the cybersecurity sector: The Chinese Espionage Storm. One PRC-based company the panel discussed has been in the news frequently this year: HUAWEI, a Chinese multinational telecom, whose 5G technology the US and its allies are attempting to block from national security sectors.
The US government is fighting back against PRC espionage and intellectual property theft in a number of other ways, including leveraging trade negotiations and sanctions to punish Chinese companies suspected of theft and spying. One major sticking point in current trade negotiations is the PRC demand that US firms seeking access to the Chinese market make their technology available to Chinese partners.
The webinar panel noted that as of 2015, more than half of technology was obtained by the PRC through mandatory sharing agreements. That loophole may be closing, but efforts to secure the technology through theft and espionage have increased in the ensuing years. With more than 13,000 companies in the defense industrial base, hackers and spies have a target-rich environment.
Defense sector companies are an obvious target, but since US strength resides primarily in the industrial base, companies are at risk across all sectors, according to the panel. So, what can companies that are at risk do about it? Insider threat programs can help harden targets, countering the danger posed by espionage programs that recruit assets inside the US.
Organizations like the Intelligence and National Security Alliance and the Financial Systemic Analysis & Resilience Center can be great resources too. These and other organizations bring government and private sector experts together to develop and apply creative solutions to issues like espionage and hacking by sharing information and identifying best practices.
Another best practice is to shut down attacks at the kernel level by using AppGuard. Our groundbreaking preventive approach stops malware and zero-day attacks in their tracks before they can cause harm, providing better security without the need for detection and response to incidents. In that way, AppGuard’s zero-trust controls can help you avoid getting caught in the crossfire of the cyberwar.