Friday, November 15, 2024

U.S, UK warn local governments, businesses of China’s influence operations

China uses personal, business and political relationships to gather information and influence actions. U.S. and UK government agencies urge caution.

In an apparent, concerted effort to spread the word on the threat posed by China to governments at the state and local level as well as businesses of all sizes, the U.S. National Counterintelligence and Security Centre (NSCS), issued a “Safeguarding Our Future” bulletin. “Protecting Government and Business Leaders at the U.S. State and Local Level from People’s Republic of China (PRC) Influence Operations” differs from previous warnings on China’s use of social networks, pseudo-state-sponsored hackers, etc. The NSCS highlights how the Chinese intelligence apparatus uses the whole-of-government approach as they work to acquire information in support of the Communist Party of China (CCP) directives.

The key takeaway within the bulletin: “In partnering with any foreign entity, U.S. state and local leaders should exercise vigilance, conduct due diligence, and ensure transparency, integrity, and accountability are built into the partnership to guard against potential foreign government exploitation.”

Contemporaneously with the release of the NCSC bulletin, across the water in London at MI5 Headquarters, both FBI director Christopher Wray and MI5 head Ken McCallum spoke of the threat posed by China. Wray was quoted by the BBC as saying China is the “biggest long-term threat to our economic and national security,” while McCallum noted that China was “an even more serious threat to Western businesses than even many sophisticated businesspeople realized.”

Indeed, a member of UK parliament found themselves being targeted in an influence operation that became public in January 2022 when MI5 issued a warning to Parliament on the efforts of Christine Ching Kui Lee became publicly known and her connection to the CCP revealed.  

China’s influence operations focus on the local

It is no surprise the PRC and CCP use their diplomatic presence to influence foreign policy of the United States via their official diplomatic presence, visiting delegations, and engagement across the many international organizations in which the United States and China are joint members. What may not be as recognizable, and which this bulletin calls out, is how China leverages the “subnational” relationships. Subnational relationships may include but are not limited to sister city initiatives, people-to-people exchanges, and China’s creation of incentives for U.S. businesses to engage with China as a market for goods, a partner for product production or joint research.

Recommended:  Microsoft closes two avenues of attack: Office macros, RDP brute-forcing

This strategy is not unique to the Sino-U.S. relationship. NCSC duly notes how China calls this strategy of state and local influence on the targeted federal government, the U.S. in this instance, as “using the local to surround the central.”

China targets government staffers, seeks PII

Numerous organizations have been identified as carrying the banner for China in the country’s effort to monitor the activities of the Chinese diaspora in the United States. Indeed, China’s “Operation Fox Hunt” (a.k.a. Operation Skynet), which they brought to the U.S. shores, was revealed to all by the Department of Justice. President Xi made it clear he wished the CCP and the intelligence apparatus of China to target those Chinese nationals who were perceived as a threat. Such was their desire to influence activities in the United States they recruited U.S. citizens to assist in their efforts, one of which was a New York City police officer who provided information on individuals of interest to China.

Then there are those instances where individuals, operating under the purview of the CCP and China intelligence, become involved at the local and state level. These individuals target both candidates for elected office and those in career positions of importance. In 2013 for example, the FBI approached Senator Diane Feinstein’s (D-CA) office and advised that China was attempting to “recruit” a member of her California staff. She explained in a 2018 Tweet how she had taken the FBI’s concerns seriously and “made sure the employee left my office immediately.” I opined at the time that I did not think the staffer was a spy. Rather, he was more likely a person who was duped. I made this assessment based on more than a few years of offensive intelligence operations under my belt, as the Chinese had no need for his services as a “spy” when the information could be obtained through more casual interaction.

Recommended:  GDPR Fines Surged Sevenfold to $1.25 Billion in 2021: Study

In a more expansive expose of the targeting of local and state politics, Axios wrote in 2020 how the Chinese had ingratiated themselves into the Bay Area and beyond. Their asset worked diligently to become part of the landscape and influence both individuals as well as policy. Again, the FBI warned a member of Congress, this time Representative Eric Swalwell (D-CA) that China was targeting his California office (2015) and he did what you’d have expected, distancing himself from the asset, who was sent his way leaving the Chinese empty handed. The Chinese operator found more fertile hunting ground in Ohio, where a local politician ended up in a sexual liaison with the individual, in a car that was under FBI surveillance. Once the Chinese national was identified, she scurried from the U.S., presumably back to China.

Lastly, China’s desire to acquire personally identifiable information (PII): Volumes have been written on China’s targeting of the Office of Personnel Management (OMB), the credit reporting industry, the U.S. health sector and more. There is no doubt China is compiling the target and assessment motherlode for their use at the time and place of their choosing.

Mitigating the risk of Chinese influence operations

To their credit, NCSC provides several salient points that highlight the basic steps entities may take to reduce the likelihood of finding themselves being manipulated.

  • No free lunch.
  • Know your partner.
  • Transparency is your friend.
  • Don’t go it alone, share your experience with others.
  • Maintain visibility and connectivity with U.S. authorities.

It is important to understand the key component of the Chinese end goal is to create dependencies upon which the CCP may lean upon to exert influence. Sister city arrangements in the United States are conducted at the city level. In China sister city relationship are handled by the central government and the local city government is acting at the direction of the central government. Every relationship fits into the mosaic which China is creating of point of leverage.

Recommended:  Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware

Sadly, no one can stop themselves from being targeted. China has the exclusive on who gets targeted and why; we can only prepare ourselves on how we may react when we learn of this targeting.

Suggest an edit to this article

Go to Cybersecurity Knowledge Base

Got to the Latest Cybersecurity News

Go to Cybersecurity Academy

Go to Homepage

Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.

Remember, CyberSecurity Starts With You!

  • Globally, 30,000 websites are hacked daily.
  • 64% of companies worldwide have experienced at least one form of a cyber attack.
  • There were 20M breached records in March 2021.
  • In 2020, ransomware cases grew by 150%.
  • Email is responsible for around 94% of all malware.
  • Every 39 seconds, there is a new attack somewhere on the web.
  • An average of around 24,000 malicious mobile apps are blocked daily on the internet.
Bookmark
Please login to bookmarkClose
Share the word, let's increase Cybersecurity Awareness as we know it
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

RiSec.Mitch
Just your average information security researcher from Delaware US.

more infosec reads

Subscribe for weekly updates

explore

more

security