"There are two kinds of big companies in the United States: those who have been hacked by the Chinese and those who do not yet know they've been hacked by the Chinese." -James Comey, Former Director, United States Federal Bureau of Investigation
In 2014, James Comey told CBS news show 60 Minutes that pretty much every major company in the United States had been a victim of state-sponsored cyber espionage. But even at that point, China's coordinated hacking efforts were already more than four years old.
Since then, it is estimated that billions of dollars of American intellectual property—trade secrets, military schematics, even the paint recipe for the White House exterior—has been reportedly stolen by the Chinese government. How did this happen?
Check out the first episode of To Catch a Thief: China’s Rise to Cyber Supremacy and find out.
The Five Poisons and the Rise of Cyber China
The evolution of China’s strategic and coordinated cyber espionage efforts (an "advanced persistent threat" in US government vernacular) ran parallel with increasing surveillance of what the Chinese Communist Party (CCP) perceived as its biggest internal threats. Increasing paranoia about these “five poisons”—the Taiwanese independence movement, the Tibetan independence movement, the Xinjiang separatist movement, the Falun Gong, and the Chinese democracy movement—lead to the rapid expansion of the surveillance state inside the Chinese borders.
But as dissidents fled China, China’s state-sponsored hackers followed closely behind, expanding their tactics to the world stage. This paved the way for Operation Aurora, a series of cyberattacks that targeted some of the biggest names in international business. “If it works at home, why not do it overseas,” says Jim Lewis of China’s Senior Vice President and the Director of the Technology and Public Policy Program at the Center for Strategic and International Studies. “They are doing their best to wire the world for Chinese surveillance.”.
Starting in 2009 companies like Google, Symantec, Dow Chemical, Akamai, and dozens more were penetrated by Chinese hackers who used the networks of smaller, less secure business partners to gain access to the biggest players in the technology, defense, finance, logistics, aeronautics, and manufacturing industries. And so began one of the largest transfers of intellectual capital in the history of the world, as Chinese hackers exfiltrated some of the most valuable and closely-held data in international business.
To Catch A Thief
Over the next month Nicole Perlroth, bestselling author of This Is How They Tell Me the World Ends and former lead cybersecurity and digital espionage reporter for The New York Times, will take us on a tour of China’s sprawling hacking operations. This first of its kind, deeply reported audio documentary will unfold weekly through dozens of chilling conversations with industry and government cyber espionage experts.
To Catch a Thief charts the rise of China’s state-sponsored hackers, from their beginnings as “the most polite, mediocre hackers in cyberspace” to the “apex predator” that now haunts America’s most critical infrastructure.
The series features the experience and expertise of some of cybersecurity’s heaviest hitters: Jim Lewis, Mandiant’s Kevin Mandia, Crowdstrike founder Dmitri Alperovitch, Google’s Heather Adkins and many more.
Check out this nine-episode series (produced by Rubrik) on your favorite podcast platform.