‘A Wolf in Sheep’s Clothing’: Cybersecurity Expert Raises the Alarm About China’s Cyber Actors
Samantha Aschieris /
FBI Director Christopher Wray is re-upping concerns over how “non-Chinese companies operating in China” are treated, specifically noting that “the Chinese government takes advantage of its laws and regulations to enable its stealing.” A Heritage Foundation expert highlighted these concerns, warning of China’s cyber actors as “a wolf in sheep’s clothing.”
Wray zeroed in on an alarming trend among American companies in the Middle Kingdom.
“For example, in 2022, we learned that a number of U.S. companies operating in China had malware delivered into their networks through tax software the Chinese government required them to use,” Wray said on Thursday at the 2023 Homeland Security Symposium and Expo. “To put it plainly: By complying with Chinese laws, these companies unwittingly installed backdoors for Chinese state hackers.”
“The overall result of [the People’s Republic of China] efforts like these is deep, job-destroying damage across a wide range of industries—and it’s damage that hits across the country, too, which is why we’re running 2,000 or so PRC-related counterintelligence investigations, out of every one of our 56 field offices,” he said.
In July 2020, the FBI warned American companies conducting business in China about the “government-mandated tax software,” ZDNET reported.
Specifically, as ZDNET reported, “the backdoors allow threat actors to execute unauthorized code, infiltrate networks, and steal proprietary data from branches operating in China.”
Jeff Smith, director of the Asian Studies Center at The Heritage Foundation, weighed in on Wray’s remarks. (The Daily Signal is Heritage’s multimedia news organization.)
“This further confirms what we have long known: the Chinese Communist Party will use every insidious tool at its disposal to leverage technology to steal information and intellectual property from American companies and American citizens,” Smith told The Daily Signal in an emailed statement.
“This should serve as a wake-up call to U.S. companies operating in China and complying with Chinese laws that think they are safe from the predatory practices of the CCP,” Smith said.
Wray, who delivered the remarks at Christopher Newport University in Virginia, described the size of the Chinese Communist Party’s “hacking program” as being “bigger than that of every other major nation combined.”
“Chinese government hackers have stolen more of our personal and corporate data than all other countries—big and small—combined,” Wray said.
Dustin Carmack, a research fellow in the Border Security and Immigration Center at The Heritage Foundation, described China’s cyber actors as “a wolf in sheep’s clothing.”
“The Biden Admin’s upcoming cyber strategy must account for this reality and plot a pathway for the United States and our partners to not only defend but impose consequences on the China cyber threat,” Carmack told The Daily Signal in an emailed statement.
“If the recent China spy balloon allowed to transit over the entire continental U.S. was a physical wake-up call of the threat, we cannot ignore the sharks swimming under the cyber surface,” Carmack said.
The Chinese government’s threat “is particularly dangerous,” Wray said, “because they use that massive cyber effort in concert with every other tool in their government’s toolbox.”
He continued:
What makes the Chinese government’s strategy so insidious is the way it exploits multiple avenues at once, and often in seemingly innocuous ways.
They identify key technologies to target. Their “Made in China 2025” plan, for example, lists ten broad areas—spanning industries like robotics, green energy production and vehicles, aerospace, and biopharma.
The “Made in China 2025” initiative seeks to make China the leader in ten strategic industries by 2025, and it represents one of many causes of conflict between Washington and Beijing.
Wray, who has led the FBI as its director since August 2017, detailed some of the “misconceptions about what it’s like to be targeted by Chinese intelligence.”
“First of all, most Chinese spies aren’t just targeting people with government secrets. They’re after people with accesses to innovation, trade secrets, and intellectual property they feel would give them an advantage—economically or militarily,” Wray said.
“Second, many U.S. citizens who are compromised don’t realize they are working for the Chinese government. Chinese intelligence officers often use co-opted staff from Chinese universities or national businesses—effectively contract intelligence officers—to contact targets and develop what seems like a ‘collaborative’ relationship, and the Chinese intelligence officer actually running the operation might never personally be in contact with the target,” he said.
Wray added:
Third, and finally: With Chinese intelligence, the spy may not ever ask for information, but may, instead, just be looking for access to people and to networks, and that access may, in turn, be just enough to create a vulnerability for a cyber intrusion. So, their intelligence and cyber efforts are working hand-in-hand.
The bureau is currently investigating a recent “malicious cyber incident on part of its computer network,” which is said to have involved the bureau’s New York Field Office, CNN exclusively reported Friday.
“The FBI is aware of the incident and is working to gain additional information,” the FBI told CNN in a statement. “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”
The cyber incident happened in recent days, CNN also reported.
Dean Cheng and Riley Walters contributed to this report.
Have an opinion about this article? To sound off, please email [email protected] and we’ll consider publishing your edited remarks in our regular “We Hear You” feature. Remember to include the url or headline of the article plus your name and town and/or state.