Support The Bulwark and subscribe today.
  Join Now

The Chinese Threat That’s Hiding in Plain Sight

You might call it a military-scientific-commercial industrial complex.
September 12, 2019
The Chinese Threat That’s Hiding in Plain Sight
(Photo by AFP/Getty Images)

Early in my Army career, I served as a foreign area officer in Asia focused on China and have spent the succeeding years in intelligence. Right away in my journey as a career military intelligence officer, I came to have great respect for Chinese discipline. They work hard; they sacrifice. What a large number of Chinese leaders, engineers and academics also do quite well is identify and adopt others’ good ideas. They reverse engineer what they have stolen including copying weapon designs for C-17, F-22, and F-35 planes and the Predator drone. They are masters of “hiding in plain sight.”

In 1999, two Chinese colonels published “Unrestricted Warfare,” a seminal piece that described in precise detail how China could assert dominance in competition with Western powers by using all means of warfare without limitations. America’s problem then was it did not see these other means of warfare for what they could become or how they could be employed. 

Chinas intentionally blurs the lines between public and private enterprises, to ensure that the nation’s military, espionage, and commercial interests are intertwined. This takes shape with massive investments in state-owned enterprises, state-sanctioned hacking, and cyberwarfare. Everything in China, from diplomacy, economics, military development, and information, is used in concert to achieve Communist Party objectives.  For example, China’s 2017 National Intelligence law mandates information sharing between “private” businesses and intelligence agencies, even for Chinese businesses operating in other countries.  Additionally, numerous individuals working for or with state-owned enterprises have been indicted for espionage by the U.S. Justice Department, highlighting the close link between Chinese businesses and the government.  There are ongoing concerns about certain Chinese graduate students and academics in U.S. schools, who can act as “non-traditional collectors (of intelligence), especially in the academic setting,” according to FBI director Christopher Wray. 

 The Chinese Academy of Sciences (CAS) serves as a case study for how a state-controlled institution uses its resources to meet the objectives of the Communist government. Established in 1949, the academy operates as a national think tank and consists of dozens of campuses and more than 50,000 researchers. It employs word-class scientists and partners with many American and Western universities on research projects.  However, it is more than a disinterested research organization or academic institution. According to the congressional U.S.-China Economic and Security Review Commission, it also has “connections to Chinese military, nuclear, and cyberespionage programs.” 

There is no American counterpart to CAS; our National Academy of Sciences does not serve the U.S. military or our intelligence services, instead operating as a non-governmental organization on a smaller scale, with a more specific mission and much smaller budget. 

CAS and CAS-owned companies develop AI initiatives, hypersonic spaceplanes, robotic submarines, underwater platforms and missile technology for the Chinese military, enabling it to expand its presence in the Pacific, specifically in the South China Sea.  Chinese companies who partner with CAS are viewed by the Security Review Commission as potential threats to supply chains of American companies, such as Hengdian Group and Goertek, who supply magnetic and acoustic materials to American companies.  The commission notes that the threats extend beyond standard cybersecurity risks, and also include the potential theft of design and product specifications of American companies.

 The Justice Department has provided additional evidence in multiple indictments that individuals affiliated with CAS were responsible for facilitating the transfer of trade secrets and military technology from U.S firms. CAS serves a clearinghouse for technology and information appropriated or stolen from American universities and companies.

Of all of CAS’s ventures, Lenovo remains its greatest success.  CAS founded and is still a parent of Lenovo; CAS owns 35 percent of Legend Holdings (an asset management arm of CAS), which has a 31 percent ownership stake in Lenovo. The Chinese government remains the largest shareholder of Lenovo.  It has successfully pursued a low-cost, high volume model. Today, Lenovo is the worldwide market leader in personal computer sales, with 65 million sold throughout the world over the past year.  In the United States, no manufacturer’s sales have grown more quickly than Lenovo’s.  The company boasts of serving over 900 U.S. state and local government agencies. Lenovo would not have expanded to its current size without support from CAS and the Chinese government. 

CAS, and by extension Lenovo, benefited from China’s National High Technology Research and Development Program, also known as the “863” Program, which for more than 30 years has subsidized technology development in IT, aeronautics and automation. Government agencies, research labs, and SOEs receive funding under the program.  According to the Security Review Commission, CAS is the largest recipient of 863 money, making it an engine for initiatives that build up China’s information and communications technology sector and military. For example, CAS is the largest shareholder of Sugon, a developer of AI for the Chinese military.

While not the specific target of any recent Trump administration actions, because of its ties to the Chinese, Lenovo currently has unmitigated access to millions of Americans’ personal information.  This should raise red flags, given the company’s history of security and privacy abuses. Lenovo’s Watch X sent user locations to a server in China without their knowledge; its Superfish adware installed in hundreds of thousands of computers allowed third-parties to spy on browser traffic, resulting in a settlement with the Federal Trade Commission; security researchers found that Adups data mining software on Lenovo phones could collect personal data without consent.  There are many other examples that should give potential buyers pause, not just for the chance that sensitive information falls into the hands of third parties, but that the Chinese government obtains it and freely exploits it.

Because of its ties to the Chinese government, and backdoors prevalent in their products, Lenovo has been banned by intelligence agencies in the “Five Eyes” countries – the U.S., Canada, the U.K., Australia, and New Zealand.   Last decade, the State Department banned Lenovo from classified networks and the U.S. Navy later banned the company’s servers from its ships. Just last month, the Department of Defense inspector general flagged the “cybersecurity risks” of using Lenovo products. Despite these warnings, consumers, businesses and government agencies purchase Lenovo computers at an alarming rate.  They are often seen as an inexpensive and user-friendly alternative to other products. The facts above are unknown to or ignored by too many consumers and procurement officials across the nation.  So is the reality that the largest PC maker is owned by a Chinese, state-controlled institute connected to espionage activity. 

China will likely continue to expand its strategy of combining military, scientific and commercial interests through state-owned enterprises and state-directed action. According to former Rep. Robert Pittenger, “Chinese investment in the United States increased more than 900 percent between 2010 and 2016.  While some were legitimate business investments, many others were part of a strategic, coordinated, Chinese government effort to target critical American national security infrastructure and technology.”  The Pentagon issued a private report two years ago expressing that Chinese “investment into American start-ups was a new cause for concern.” These concerns are well-founded. The bipartisan IP Commission estimated in a 2017 report that Chinese theft of American intellectual property totaled between $225 billion and $600 billion per year.

In recent months, the Trump administration took a number of steps to block certain Chinese companies from entering American markets.  The Federal Communications Commission voted to prevent China Mobile from operating in the United States; President Donald Trump issued an executive order to protect technology supply chains from unwanted foreign intrusions; and the Commerce Department placed Huawei on its “Entity List.” All transactions with an organization, government or commercial, or an individual on the  “Entity List” are flagged by the U.S. government for monitoring for possible national security risks. The executive order and Huawei’s inclusion on the “Entity List” effectively ban Huawei from all telecommunication networks in America. In August, the U.S. government added 46 more Huawei affiliates to the Entity List.

While these steps are welcome, the debate over U.S-China policy should not primarily focus on a cost-benefit analysis of specific companies operating in the U.S. This approach is the diplomatic equivalent of “whack-a-mole,” which only narrowly defines bad actors.  Actions taken by hostile Chinese actors are less about individual Chinese companies closing the gap with their American competitors than they are conforming with the communist party’s “Made in China” 2025 initiative, which aims to make China a technology manufacturing superpower by any means necessary.  Policymakers must communicate the broad scope of threats and intrusions (beyond one company’s actions) so government agencies, private businesses, and consumers remain aware, vigilant and protected. 

We will not change China’s cultural behavior of persistence, or its desire to become the single global super power. America must acknowledge China’s aspirations and find very narrowly defined opportunities to collaborate while preventing hostile actions from compromising our networks, platforms, and national security.  The US and the Soviet Union figured that out when they both had more than 6,000 nuclear weapons each 40 years ago. China’s cyber adventurism advanced by governmental fiat and money is no less existential. They are not trying to mask their intentions. America owns the response. 

James Marks

James “Spider” Marks is a retired Major General in the U.S. Army and a CNN military and national security contributor.