Showing posts with the label Unit 61398. Show all posts

Friday, 30 November 2018

Steal or Die

China Accelerates Cyberspying Efforts to Obtain U.S. Technology
By David E. Sanger and Steven Lee Myers

General Electric Aviation’s factory in Cincinnati. A Chinese intelligence official is accused of trying to obtain trade secrets from the company.

WASHINGTON — Three years ago, Barack Obama struck a stupid deal with China: Xi Jinping agreed to end his nation’s yearslong practice of breaking into the computer systems of American companies, military contractors and government agencies to obtain designs, technology and corporate secrets, usually on behalf of China’s state-owned firms.
The pact was celebrated by the Obama administration as one of the first arms-control agreements for cyberspace — and for some few months, the number of Chinese attacks plummeted.
But the "victory" was fleeting.
Soon after President Trump took office, China’s cyberespionage picked up again and, according to intelligence officials and analysts, accelerated in the last year as trade conflicts and other tensions began to poison relations between the world’s two largest economies.
The nature of China’s espionage has also changed.
The hackers of the People’s Liberation Army — whose famed Unit 61398 tore through American companies until its operations from a base in Shanghai were exposed in 2013 — were forced to stand down, some of them indicted by the United States.
But now, they have begun to be replaced by stealthier operatives in the country’s intelligence agencies.
The new operatives have intensified their focus on America’s commercial and industrial prowess, and on technologies that the Chinese believe can give them a military advantage.
That, in turn, has prompted a flurry of criminal cases, including the extraordinary arrest and extradition from Belgium of a Chinese intelligence official in October. 
Trump administration officials said the arrest reflected a more determined counterattack against a threat that has infuriated some of the country’s most powerful corporations.
“We have certainly seen the behavior change over the past year,” said Rob Joyce, President Trump’s former White House cybercoordinator, speaking at the Aspen Cyber Summit in San Francisco this month.
President Trump and administration officials often suggest that all technology-acquisition efforts by China amount to theft.
In doing so, they are blurring the line between stealing technology and negotiated deals in which corporations agree to transfer technology to Chinese manufacturing or marketing partners in return for access to China’s market — a practice American companies often view as a form of corporate blackmail but one distinct from outright theft.
The stealing of industrial designs and intellectual property — from blueprints for power plants or high-efficiency solar panels, or the F-35 fighter — is a long-running problem.
The United States Trade Representative published a report earlier this month detailing old and new examples.
But the administration has never said whether cracking down on theft and cyberattacks is part of the negotiations or simply a demand that China cease activity that Beijing has already acknowledged was illegitimate.
But as President Trump and Xi prepare to meet at the Group of 20 gathering in Argentina this weekend, China’s corporate espionage has once again emerged as a core American grievance.
Whatever the reason for the renewed hacking, it is a cautionary tale as President Trump tries to use tariffs and threats of more restrictions to strike a new trade deal with Xi, one that presumably would address, once again, the Chinese practices that Obama naively thought Xi had halted.
American trade and intelligence officials, as well as experts from private cybersecurity firms, all acknowledged that the previous agreement had completely fallen apart.
And that, they agreed, has made it still more difficult to imagine how any new agreement struck between President Trump and Xi would become a permanent solution to a problem that reaches back years, and seems rooted in completely different views of what constitutes reasonable competition.
“Our two systems are so dissimilar that I think there was never real hope that crafting an agreement like this would last that long anyway,” said Matthew Brazil, a former government official who now runs Madeira Security Consulting, a firm in San Jose, Calif.
Why the espionage has spiked again is a matter of debate.
Some officials and analysts call it a cause of the worsening trade relationships, others a symptom. Still others argued that the tightening of American export controls in critical industries like aerospace and rules on Chinese investment in Silicon Valley has led the Chinese once again to try to steal what they cannot buy.
The impetus for the 2015 accord was one of the most blatant espionage operations ever conducted by the Chinese government: the removal, over a period of more than a year, of 22 million security-clearance files on American officials, military personnel, contractors and American intelligence officers.
The Obama administration, out of embarrassment, said little about the breach, never naming the Chinese publicly — except by mistake when the director of national intelligence blurted out the truth.
American intelligence officials concluded that the Chinese were assembling a giant database of who worked with whom, and on what, in the American national security sphere, and were applying “big data” techniques to analyze the information. 
The C.I.A. could not move some officers to China, for fear their cover had been blown. 
Publicly, Obama administration officials offered millions of Americans credit protection for a few years in the wake of the data breach — as if Xi’s agents were looking for credit card numbers.
Michael Kovrig, a former Canadian diplomat who is now a China analyst for the International Crisis Group, said that China had a fundamentally different understanding of what was acceptable in espionage.
While the Central Intelligence Agency, say, would not act to help a private company gain a competitive advantage over a foreign competitor, he said, China’s Communist Party, which has control over practically all aspects of policy there, would make no such distinction.
“If you view economic growth as an existential pillar of your party’s political legitimacy and in fact your national security, it follows that you would do anything possible to maintain that competitive edge,” he said.
Indeed, the latest spike in corporate espionage cases — including some not yet made public — has focused on industries critical to Xi’s Made in China 2025 program.
That is a plan to jump ahead of the United States and others in cutting-edge industries like aerospace, automation, artificial intelligence and quantum computing.
“We are seeing it in high tech, in law firms, in insurance companies,” said Dmitri Alperovitch, one of the founders of CrowdStrike, who early in his career was one of the first to identify the teams of state-run Chinese hackers aiming at the United States.
With the arrest of the intelligence officer in Belgium in October, the Trump administration claimed it had exposed what the assistant F.B.I. director, Bill Priestap, called “the Chinese government’s direct oversight of economic espionage against the United States.”
That case involves Xu Yanjun, a deputy division director in the Jiangsu branch of the Ministry of State Security, China’s main intelligence agency.
According to a secret criminal complaint filed in Ohio in March but not unsealed until October, Xu tried to recruit an employee of General Electric Aviation and entice him to provide proprietary information about jet fan blade designs.
Instead the employee alerted the company, which went to the F.B.I. and organized a sting.
Xu flew from China to Belgium in April on the hope he would be able to copy the employee’s computer hard drive.
He was arrested on April 1 when he arrived in Brussels and was extradited to the United States on Oct. 9, the day before the Justice Department made the case public.
China’s Foreign Ministry denounced the criminal case as “pure fabrication,” but it has neither confirmed nor denied that Xu was an intelligence officer.
China’s relatively muted reaction could be an effort to minimize attention on an embarrassing intelligence failure and leave room for quiet negotiations for an exchange.
Xu’s was the most high profile of several recent cases, including two others that had links to the Ministry of State Security’s branch in Jiangsu Province, which extends north from Shanghai.
In September, the Justice Department announced the arrest of Ji Chaoqun, a 27-year-old graduate student who had joined the Army Reserves under a special waiver for foreigners.
The F.B.I. affidavit in the case said that Ji’s handler — presumably Xu — had been arrested, allowing the bureau to send an undercover officer to meet the student in April.
Ji, the affidavit said, had been recruited to gather background information about eight potential recruits for the Jiangsu branch.
Xu, who went by at least two aliases, often claimed to represent the Jiangsu Association for International Science and Technology Cooperation and Nanjing University of Aeronautics and Astronautics, both based in the provincial capital, Nanjing.
The reasons Jiangsu has become a hotbed of China’s cyberespionage are not entirely clear, though it is an important manufacturing center, with many foreign investments, and is thus one of China’s richest provinces.
In 2016, the director of the Jiangsu intelligence branch, Liu Yang, declared that “the national security departments should actively cooperate and promote enterprises” in their efforts to expand and compete globally, according to a report from the Suzhou General Chamber of Commerce.
In January, Liu was promoted and is now the vice governor of the province.
Another American criminal case of espionage in the same region of China was announced Oct. 30. The Justice Department accused two other intelligence officers from that branch, as well as five hackers and two employees of a French aerospace company in Suzhou.
The target was Safran, which operates a joint venture, CFM International, that builds jet engines with General Electric.
The hackers were accused of using a variety of sophisticated techniques and tools against the Suzhou plant, and against other companies.
But the suspects are believed to still be in China and thus beyond the reach of American law enforcement.

Tuesday, 20 November 2018

Born to Spy

China uses the cloud to step up spying on Australian business
By Nick McKenzie, Angus Grigg & Chris Uhlmann

China’s peak security agency has directed a surge in cyber attacks on Australian companies over the past year, breaching an agreement struck between Li Keqiang and former Prime Minister Malcolm Turnbull to not steal each other’s commercial secrets.
A Fairfax Media/Nine News investigation has confirmed that China’s Ministry of State Security is responsible for what is known in cyber circles as “Operation Cloud Hopper”, a wave of attacks detected by Australia and its partners in the Five Eyes intelligence sharing alliance.

China's Ministry of State Security is overseeing a massive hacking operation of large Australian businesses. 

A senior Australian Government source described China’s activity as “a constant, significant effort to steal our intellectual property”.
The cyber theft places intense pressure on the Morrison government to respond either via law enforcement, diplomatic channels or public advocacy, in order to uphold the cyber security pact signed between the two countries only last year.
The US Department of Justice has ramped up its investigation and prosecution of Chinese cyber hackers this year, and over the weekend US Vice President Mike Pence again accused China of “intellectual property theft” as part of an escalating trade and strategic battle with Beijing.
The Australian Federal Police and Australian Security Intelligence Organisation have stepped up their cooperation to respond to the threat, according to a senior police source, although they are many months behind the US operation.
Without enforcement, there was no effective deterrence, said one national security source.
Other sources said the Australian Signals Directorate has detected attacks against several Western businesses, although the names of the affected firms have not been made public. 
The ASD works with the other Five Eyes countries – the US, Canada, UK and New Zealand – on cyber security issues.
A spokesman for the federal government said Australia condemns the cyber enabled theft of intellectual property for commercial gain from any country.
"The Coalition Government has been active in strengthening Australia’s capability to detect and respond to cyber enabled threats and is committed to ensuring businesses and the Australian community are resilient to cyber-attacks," the spokesman said.
One major irritation, raised by several police and intelligence officials, was that Australian companies and universities failed to heed repeated warnings to harden their security against both criminals and attacks directed by nation states.
These state actors are called advanced persistent threats because they work over months or years, adapt to defences and often strike the same victim multiple times. 
One of the most active Chinese adversaries has been dubbed “APT10”, while “Cloud Hopper” refers to the technique used by this group as they “hop” from cloud storage services into a company’s IT system.
In this case the Chinese penetrated poorly secured IT service providers, to which Australian firms had outsourced their IT. 
The targets include cloud storage companies and helpdesk firms in North America and Asia. 
The initial penetration by the Cloud Hopper team allowed the hackers to enter the IT systems of Australian companies.
Adrian Nish, BAE Systems’ Head of Threat Intelligence, said the APT10/Cloud Hopper attacks had focussed on mining, engineering and professional services companies.
“It is still active. We have evidence of [Cloud Hopper] again actively compromising managed service providers,” he said.
The theft of intellectual property is part of China’s broader industrial policy to match the US’s technological edge by 2025. 
The theft can shorten the research and development process and give Chinese companies a crucial market edge. 
They can also acquire sensitive information around pricing and corporate activity.
A national security official said the Turnbull-Li agreement had initially led to a significant reduction in cyber espionage from China. 
The US experienced a comparable drop-off in attacks after former President Barack Obama struck a similar agreement with Chinese dictator Xi Jinping in 2015.
A former senior Government official familiar with the cyber security agreement said: “The way these things usually go with the Chinese is they behave themselves for a while before they go back to being bad”.

Chinese empty promises -- "Australia and China agreed that neither country would conduct or support cyber-enabled theft of intellectual property, trade secrets or confidential business information with the intent of obtaining competitive advantage," the Prime Minister's office said in a brief statement.

The attacks on Australian firms since the start of this year, including Cloud Hopper activity, showed the bilateral agreement was being ignored.
Security officials and cyber experts, including Mike Sentonas, a vice president at US firm CrowdStrike, have linked the Cloud Hopper hackers to the Ministry of State Security.
“We noticed a significant increase in attacks in the first six months of this year. The activity is mainly from China and it's targeting all sectors,” he said.
“There’s no doubt the gloves are off.”
Dr Nish from BAE, who has published the most comprehensive report on Cloud Hopper, said he discovered that attacks on multiple clients appeared to be part of the same campaign of “espionage activity”.
“It was clear it was a much bigger campaign,” Dr Nish said.
BAE referred it to the UK’s National Cyber Security Centre, who referred it to their Australian counterparts at ASD. 
While Dr Nish declined to confirm the Cloud Hopper attack was directed by Chinese intelligence services, he said there was “no reason to doubt” those who claimed it was.
He said that while outsourcing IT functions was a sensible business decision, Australian firms needed to ask “tough questions” of managed service providers. 
Some providers offered cheaper IT services because they scrimped on their own security, effectively allowing a backdoor into their clients' IT systems.
In October, the US Department of Justice provided a case study on Chinese hacking within a 21-page indictment naming the MSS and accusing the MSS and its provincial counterparts of hacking an Australian domain name provider in order to access computer systems at aviation companies in the United States and Europe.
Under direction from the MSS, the hackers are accused of either creating fake domain names or redirecting existing domain names to malicious addresses.
The MSS is headquartered in Beijing but has extensive provincial operations and is regarded by western intelligence services as a sophisticated outfit able to combine human intelligence with advanced cyber capabilities.
Previously, Unit 61398 of the People’s Liberation Army was viewed as the main vehicle for China’s efforts to steal commercial secrets after being named by cyber security firm Mandiant in 2014.
But since a reorganisation of China’s armed forces in 2015, the PLA cyber units are believed to have refocused on military and political intelligence, leaving commercial espionage to the MSS.

Saturday, 9 June 2018

Chinese hackers secured a trove of highly sensitive data on submarine warfare

Chinese Hackers Steal Unclassified Data From Navy Contractor
By Helene Cooper
Defense Secretary Jim Mattis recently disinvited the Chinese military from a large, multinational naval exercise this summer.

WASHINGTON — China has stolen sensitive data related to naval warfare from the computers of a Navy contractor, American officials said on Friday, in another step in the long-running cyberwar between two global adversaries.
The breach occurred this year, the officials said, when Chinese government hackers infiltrated the computers of a company working on a Navy submarine and underwater programs contract. 
The company, which was not identified, was doing work for the Naval Undersea Warfare Center, which is based in Newport, R.I.
Officials said that the data gleaned by China was unclassified.
Navy officials declined to speak publicly about the hack, which was first reported by The Washington Post.
But in a statement, Lt. Marycate Walsh, a Navy spokeswoman, cited “measures in place that require companies to notify the government when a cyberincident has occurred that has actual or potential adverse effects on their networks that contain controlled unclassified information.”
She said it would be “inappropriate to discuss further details at this time.”
China and the United States have been locked in an escalating fight over cyber and military technology, with Beijing making rapid gains in recent years. 
American officials — from both the Trump administration and the Obama administration before it — concede that Washington has struggled to deter Chinese hacking, and have predicted the cyberattacks will increase until the United States finds a way to curb them.
The theft of the Navy system is hardly the largest, or the most sensitive, of the designs and systems stolen by Chinese hackers over the years. 
But it underscores a lesson the American government keeps learning: No matter how fast the government moves to shore up its cyberdefenses, and those of the defense industrial base, the cyberattackers move faster.
The plans for the F-35, the nation’s most expensive fighter jet in history, were taken more than a decade ago, and the Chinese model looks like an almost exact replica of its American inspiration.
A People’s Liberation Army unit, known as Unit 61398, was filled with skilled hackers who purloined corporate trade secrets to benefit Chinese state-owned industry. 
But many of its targets were defense related as well. 
Members of the unit were indicted in the last two years of the Obama administration, but none are likely to come back to the United States to stand trial.
The most sophisticated hack of American data took place at the Office of Personnel Management. 
It lost the files of about 21.5 million Americans who had filed extensive questionnaires for their security clearances. 
The forms listed far more than Social Security numbers and birth dates. 
They detailed medical and financial histories; past relationships; and details about children, parents and friends, particularly non-United States citizens.
The office stored much of the data at the Interior Department and encrypted nearly none of it. 
So when the Chinese copied it in a highly sophisticated operation, they were prepared to use big data techniques to draw a map of the American elite, who worked on which projects and who knew whom. 
The loss was so severe that American intelligence agencies canceled the deployment of new officers to China.
Lieutenant Walsh said that the Navy treated “the broader intrusion against our contractors very seriously.”
“If such an intrusion were to occur, the appropriate parties would be looking at the specific incident, taking measures to protect current info, and mitigating the impacts that might result from any information that might have been compromised,” she said.
The United States and China are wrangling over trade issues but also jointly looking to rein in North Korea’s nuclear ambitions. 
Donald Trump is headed to Singapore this weekend for a June 12 summit meeting with North Korea’s leader, Kim Jong-un.
The United States and China are also tangling over Beijing’s militarization of disputed islands in the South China Sea.
Last week, Defense Secretary Jim Mattis harshly criticized the Chinese government for continuing to militarize a string of islands in the South China Sea, calling the presence of advanced military equipment and missiles there a flagrant show of military power.
To add muscle to American complaints, Mr. Mattis recently disinvited the Chinese military from a large, multinational naval exercise this summer — in part because of the anti-ship and surface-to-air missiles, and other weapons, that China has positioned on the Spratly Islands.
A United States official, speaking on the condition of anonymity because he was not allowed to be identified in discussing the issue, said the Navy was investigating the breach with the help of the F.B.I.

Wednesday, 4 January 2017

Chinese Information Warfare: The Panda That Eats, Shoots, and Leaves

Obama never explained why he refused to take action against China, but he clearly rejected anything that might make the United States appear as a world leader and power.
By Bill Gertz

The year is 2028. 
It is August and the weather is hot. 
People’s Liberation Army (PLA) Col. Sun Kangzhou and three highly trained special operations commandos from the Chengdu military region in southern China are sitting in two vehicles outside a Wal-Mart Supercenter in rural Pennsylvania about 115 miles northeast of Pittsburgh. 
Dressed in jeans, t-shirts, and work boots, the men appear to be just like any construction workers. 
In fact, Colonel Sun and his men are members of the elite Falcon special forces team. 
One of the vehicles is a heavy-duty pickup truck with a trailer carrying a large backhoe. 
The other is a nondescript blue sedan. 
The commandos’ target today is not a military base but something much more strategic.
It has been two weeks since the deadly military confrontation between a Chinese guided-missile destroyer and a U.S. Navy P-8 maritime patrol aircraft thousands of miles away in the South China Sea. 
The 500-foot-long Luyang II missile warship Yinchuan made a fatal error by firing one of its HHQ-9 long-range surface-to-air missiles at the P-8 as it flew some 77 miles away. 
The militarized Boeing 737 had been conducting a routine electronic reconnaissance mission over the sea, something the Chinese communist government in Beijing routinely denounces as a gross violation of sovereignty. 
The Chinese missile was tracked by the P-8’s sensors after a radar alarm signal went off, warning of the incoming attack. 
The advance sensor warning allowed the P-8 pilot to maneuver the jet out of range of the missile. 
The crew watched it fall into the sea. 
Fearing a second missile launch, the pilot ordered the crew to fire back. 
The aircraft bay doors opened and an antiship cruise missile, appropriately named SLAM-ER, for Standoff Land Attack Missile-Expanded Response, took off. 
Minutes later, the missile struck the ship, sinking the vessel and killing most of the crew.
The South China Sea incident, as the military encounter was called, was just the kind of military miscalculation senior American military leaders feared would take place for years, as China’s military forces over the years had built up military forces on disputed islands and gradually claimed the entire strategic waterway as its maritime territory.
Following the South China Sea incident, U.S.-China tensions reached a boiling point with threats and counterthreats, including official Chinese government promises of retaliation. 
In Washington, phone calls to Chinese political leaders went unanswered. 
Beijing streets were filled with thousands of protesters in what were carefully orchestrated government-run demonstrations denouncing America. 
The demonstrators were demanding payback for sinking the warship. 
Tensions were the highest in history and threatened to end the peaceful period since the two major trading partners shelved their ideological differences beginning in the 1980s.
Colonel Sun and his team are now striking back in ways the United States would never suspect. 
The sabotage mission they have embarked on is unlike any conducted before and is one that China’s military over the past two decades has been secretly training to carry out: an information warfare attack on the American electrical power grid.
Chinese military intelligence hackers, after decades of covert cyber intrusions into American industrial control computer networks, have produced a detailed map of the United States’ most critical infrastructure—the electrical power grid stretching from the Atlantic to the Pacific and north and south between Canada and Mexico.
Unbeknownst to the FBI, CIA, or National Security Agency, the Chinese have discovered a strategic vulnerability in the grid near the commandos’ location. 
The discovery was made by China’s Unit 61398, the famed hacker group targeted in a U.S. federal grand jury indictment more than a decade earlier, which named five of the unit’s PLA officers. 
The officers and their supporters had laughed off the Americans’ legal action as just another ineffective measure by what Beijing believed had become the weakened “paper tiger” that was the United States.
The raid is code-named Operation Duanlu—Operation Short-Circuit—and was approved by the Communist Party of China Central Military Commission a day earlier. 
The commission is the ultimate power in China, operating under the principle espoused by People’s Republic of China founder Mao Zedong, who understood that political power grows from the barrel of a gun.
The two commandos in the truck drive off to a remote stretch of highway several miles away to a point that was previously identified near a large hardwood tree that has grown precariously close to a key local power line. 
The truck drives by the tree, whose roots have been weakened on the side away from the power lines by the commandos weeks earlier. 
The backhoe arm pushes the tree over and into the power lines, disrupting the flow of electricity and shutting down power throughout the area.
At precisely the same time as the tree strikes the power lines, Colonel Sun sits in the car, boots up a laptop computer, and with a few keystrokes activates malicious software that has been planted inside the network of a nearby electrical substation. 
The substation is one of the most modern power centers and is linked to the national grid through “smart grid” technology designed to better automate and operate the U.S. electrical infrastructure. The smart grid technology, however, has been compromised years earlier during a naïve U.S. Energy Department program to cooperate with China on advanced electrical power transmission technology. 
The Chinese cooperated, and they also stole details of the new U.S. grid system and provided them to Chinese military intelligence.
Once in control of the substation’s network, Colonel Sun sets in motion a cascading electrical power failure facilitated by cyberattacks but most important carried out in ways that prevent even the supersecret National Security Agency, America’s premier cyber-intelligence agency, from identifying the Chinese cyberattackers and linking them to Beijing. 
The agency never recovered from the damage to its capabilities caused years earlier by a renegade contractor whose charges of illegal domestic spying led to government restrictions on its activities that ultimately prevent the agency from catching the Chinese before the electrical infrastructure cyberattack. 
For political leaders, the devastating power outage is caused by a tree in Pennsylvania, leading to a cascading power outage around the nation.
The Chinese conducted the perfect covert cyberattack, which cripples the United States, throwing scores of millions of Americans into pre-electricity darkness for months. 
Millions of deaths will ensue before Washington learns of the Chinese military role and, rather than fight back, makes a humiliating surrender to all Beijing’s demands—withdrawal of all U.S. military forces from Asia to areas no farther west than Hawaii, and an end to all military relationships with nations in Asia.
***
The above scenario is fictional. 
Yet the devastation a future information warfare attack would have on critical infrastructures in the United States is a real and growing danger.
No other nation today poses a greater danger to American national security than China, a state engaged in an unprecedented campaign of information warfare using both massive cyberattacks and influence operations aimed at diminishing what Beijing regards as its most important strategic enemy. 
Yet American leaders remain lost in a Cold War political gambit that once saw China as a covert ally against the Soviet Union.
Today the Soviet Union is gone but China remains a nuclear-armed communist dictatorship on the march.
From an information warfare stance, China today has emerged as one of the most powerful and capable threats facing the United States. 
By May 2016 American intelligence agencies had made a startling discovery: Chinese cyber-intelligence services had developed technology and network penetration skills allowing them to control the results of Internet searches conducted on Google’s world-famous search engine. 
By controlling one of the most significant Information Age technologies used in refining and searching the massive ocean of data on the internet, the Chinese are now able to control and influence what millions of users in China see when they search using Google. 
Thus a search for the name Tiananmen—the main square in Beijing, where Chinese troops murdered unarmed prodemocracy protesters in June 1989—can be spoofed by Chinese information warriors into returning results in which the first several pages make no reference to the massacre. 
The breakthrough is similar to the kind of totalitarian control outlined in George Orwell’s novel Nineteen Eighty-Four with the creation of a fictional language called Newspeak, which was used to serve the total dominance of the state.
Technically, what China did was a major breakthrough in search engine optimization—the art and science of making sites appear higher or lower in search listings. 
The feat requires a high degree of technical skill to pull off and would require learning the secret algorithms—self-contained, step-by-step computer search operations—used by Google.
The intelligence suggests that Chinese cyberwarfare researchers had made a quantum leap in capability by actually gaining access to Google secrets and machines and adjusting the algorithms to make sure searches are produced according to Chinese information warfare goals.
Those goals are to promote continued rule by the Communist Party of China and to attack and defeat China’s main enemy: the United States of America. 
Thus Chinese information warriors can continue the lies and deception that China poses no threat, is a peaceful country, does not seek to take over surrounding waterways, and does not abuse human rights, and that its large-scale military buildup is for purely defensive purposes.
The dominant battle space for Chinese information warfare programs is the internet, using a combination of covert and overt means. 
The most visible means of attack can be seen in Chinese media that is used to control the population domestically, and to attack the United States, Japan, and other declared enemies through an international network of state-controlled propaganda outlets, both print and digital, that have proved highly effective in influencing foreign audiences. 
One of the flagship party mouthpieces is China Daily, an English-language newspaper with a global circulation of 900,000 and an estimated 43 million readers online. 
China Central Television, known as CCTV, operates a 24-hour cable news outlet as well to support its information warfare campaigns.
One of the most damaging Chinese cyberattacks against the United States was the theft of federal employee records in the Office of Personnel Management (OPM) in 2015. 
That attack took place after an earlier private sector cyber strike against millions of medical records held by the major health-care provider Anthem.
The data theft included the massive loss of 21.5 million records. 
Worse, the OPM delicately announced that among those millions of stolen records was “an incident” affecting background investigation records, among some of the most sensitive information in the government’s possession used in determining eligibility for access to classified information.
It was a security disaster for the millions who held security clearances and were now vulnerable to Chinese intelligence targeting, recruitment, and neutralization. 
A senior U.S. intelligence official briefed on the classified details of the OPM told me that the early technical intelligence analysis of the data theft revealed that it was part of a PLA military hacking operation. 
“It is fair to say this is a Chinese PLA cyberattack,” said the official, adding that the conclusion was based on an analysis of the software operating methods used to gain access to the government network.
The threat was not theoretical. 
In the months after the OPM breach, several former intelligence officials began receiving threatening telephone calls that authorities believe stemmed from the compromised information obtained from OPM background investigation data hacked by the Chinese.
The response by the Obama administration to the Chinese hacking was to ignore it, despite appeals from both national security officials and private security experts that immense damage was being done to American interests and that something needed to be done to stop the attacks.
The White House, however, under Obama had adopted a see-no-evil approach to Chinese hacking that would endure throughout his administration and border on criminal neglect. 
On several occasions, Obama and his key White House aides were presented with proposals for proactive measures against the Chinese designed to send an unmistakable signal to Beijing that the cyberattacks would not be tolerated. 
Intelligence officials revealed to me that beginning in August 2011, a series of policy options were drawn up over three months. 
They included options for conducting counter-cyberattacks against Chinese targets and economic sanctions against key Chinese officials and agencies involved in the cyberattacks. 
Obama rejected all the options as "too disruptive" of U.S.-China economic relations. 
Obama never explained why he refused to take action against China, but he clearly rejected anything that might make the United States appear as a world leader and power.
By the summer of 2015, the group of sixteen U.S. intelligence agencies—including the CIA, DIA, and NSA—that make up what is called the intelligence community weighed in on the growing threat of strategic cyberattacks against the United States.
In their top-secret National Intelligence Estimate, the consensus was that as long as the continued policy of not responding remained in place, the United States would continue to be victimized by increasingly damaging cyberattacks on both government and private sector networks. 
A strong reaction was essential.
Chinese cyberattacks have been massive and have inflicted extreme damage to U.S. national security.
Among the exotic Chinese information weapons Beijing plans to use in a future conflict are holographic projectors and laser-glaring arms that can present large unusual images in the skies above enemy forces that would simulate hallucinations among troops on the ground, according to one recent translated Chinese military report on the subject.
Traditional propaganda also will be used, including “public opinion propaganda and PSYWAR weapons to execute psychological attacks against the enemy, so as to disrupt the enemy command decision making, disintegrate the enemy troop morale, and shake the enemy’s will to wage war,” according to recently translated Chinese military writings.
Stefan Halper, a Cambridge University professor and editor of a Pentagon study on Chinese information warfare, told me the Chinese are far more advanced than the Pentagon in the art of information war.
“We’re in a period where it’s not whose army wins. It’s whose story wins, and the Chinese figured that out very quickly,” Halper says.
“They’re way ahead of us in this. We’re in an age where nuclear weapons are no longer usable. They understand that. We keep nattering on about nuclear capabilities, and shields and so on, but it’s really quite irrelevant.”
As Jake Bebber, a U.S. Cyber Command military officer, put it, the threat from China and its strategy of seeking the destruction of the United States have been misunderstood by the U.S. government and military.
“China seeks to win without fighting, so the real danger is not that America will find itself in a war with China, but that America will find itself the loser without a shot being fired,” he wrote in a report for the Center for International Maritime Security.
In the future, an American president must come to the realization that the decades-long policy of appeasing and accommodating the communist regime in Beijing is not just contrary to American national interests, but is in fact advancing a new strategic threat to free and democratic systems everywhere.
Retired army lieutenant general and former DIA director Michael Flynn, the incoming White House national security adviser, has criticized the failure to understand Information Age threats and respond to them forcefully.
“Until we redefine warfare in the age of information, we will continue to be viciously and dangerously attacked with no consequences for those attackers,” he told me.
“The extraordinary intellectual theft ongoing across the U.S.’s cyber-critical infrastructure has the potential to shut down massive components of our nation’s capabilities, such as health care, energy, and communications systems. This alone should scare the heck out of everyone.”
China today employs strategic information warfare to defeat its main rival: the United States. China’s demands to control social media and the Internet are part of its information warfare against America and must be resisted if free and open societies and the information technology they widely use are to prevail. China remains the most dangerous strategic threat to America—both informationally and militarily.