On October 22, the domestic intelligence chiefs of the Five Eyes – the U.S., Australia, Canada, Great Britain, and New Zealand – appeared on CBS’s 60 Minutes to discuss the espionage threat posed by China. The TV appearance was notable in itself: Although the intelligence alliance between the five English-speaking countries goes back to the immediate aftermath of World War II, the heads of the respective agencies had never before appeared publicly together. That they did so on a major broadcast network on a Sunday night tells me that when it comes to Chinese espionage, we are at Defcon 1 – FBI Director Christopher Wray called the PRC “the defining threat of this generation, this era,” and Australia’s spy chief, Mike Burgess, warned that the scale of theft (including intellectual property, personal data, and basically any information China can get its hands on) is happening at a “scale unprecedented in human history.” So why haven’t we put the kibosh on it?
There are a few reasons that combating the threat posed by China is incredibly difficult. The first is the asymmetry in the structure of power and authority between the two countries. In particular, cyberespionage – China’s specialty – doesn’t just target the U.S. government (though it has, as it did when it stole data from 22 million government employee security records from the Office of Personnel Management in 2015), it targets private actors. Unfortunately, while China can marshal all of the resources of its state apparatus to engage in these stealth attacks, the U.S. has to depend on private companies to communicate and coordinate with the government to defend against it. Think of it this way: The U.S. intelligence community faces externally, and can see the threats coming in; but to turn around and peer internally into the impact of these attacks on their targets, they depend on the cooperation of each individual company. It’s a little like herding cats, especially because smaller companies – where much of the best innovation is happening – may not realize that they are vulnerable or take adequate precautions against being hacked. The key, then, is getting these private companies to think of themselves as national security actors, which is partly what the broadcast was trying to do. As one intelligence chief noted, speaking to any CEOs who were listening, “You may not care about geopolitics, but geopolitics cares about you.”
The second big reason that the intelligence leaders are sounding the alarm is that China has simply gotten more aggressive. Wray estimated that the FBI currently has over 2,000 active Chinese counterintelligence cases open in the U.S. To put that into perspective, there are only about 14,000 FBI agents, and only a fraction work counterintelligence (and only a subset of that work at the intersection of cybercrime and counterintelligence). It’s easy to see why our institutional capacity to identify and neutralize China’s efforts is overwhelmed. Further, China’s intelligence M.O. has changed, too. The common understanding of Chinese intelligence tactics used to be the “mosaic theory,” or the “grains of sand” approach – that is, that China played the long game, collecting tiny tidbits of information under the radar (including unclassified information) that it pieced together into a big picture over time. More recently, however, China analysts note that under President Xi Jinping, the country is aggressively targeting individuals with access to coveted information on social media platforms like LinkedIn, and also actively recruiting spies in government agencies, like former CIA officer Kevin Patrick Mallory, State Department employee Candace Marie Claiborne, and DIA officer Ron Rockwell Hansen. (The shift away from recruiting only ethnic-Chinese individuals is also a change in its intelligence tactics.) Combined with some of China’s other, brazen espionage operations, like the spy balloon that was shot down earlier this year, the Five Eyes have reason to issue a broader warning.