The loss of intellectual property (IP) through cyber espionage and cyber crime constitutes the greatest transfer of wealth in history. U.S. companies alone loose around a quarter to half a trillion dollars annually through intellectual property theft, with over a hundred billion lost due to cyber crime – a number that can be tripled when the costs of downtime are taken into account. There are many challenges in the field of IP protection, however, the chief among them is China and its national program of integrating IP theft into Chinese industry via cyber espionage, as its ambitions are curtailed by export restrictions. Some of the most vulnerable industries to this campaign are those in information technology, advanced manufacturing (especially in semiconductors), aerospace, maritime, rail, high-tech shipping equipment, new-energy vehicles, biotech, and pharmaceutical products.
Intellectual property assets such as inventions, artistic and cultural creation, brands, software, know-how, business processes and data are the fundamental pillars of today’s economy. Over the past two decades, the volume of annual investment in these “IP products” has almost doubled, making it the fastest growing asset class by far in today’s business environment. Intellectual property-intensive industries today already constitute almost half the GDP in Europe alone, and will become the most important part of the world economy in the coming years, especially with the rise of artificial intelligence and its incorporation into business practices.
Protection of these capital-intensive industrial ecosystems is a key challenge, and as such, both governments and supranational organizations will need to do more to introduce and enforce effective regulation. Private businesses will also have to incorporate tools for external threat management to stay ahead of attackers.
While there are a multitude of global factors connected to the issue of intellectual property theft, state-sanctioned IP theft from China has been a significant concern around the world for years in many business areas, the implications of which are stil becoming clear. The scope of this report is to raise awareness of the issue and to address one part of it in detail, namely the cyber espionage component of the state programme to acquire intellectual property.
Chinese corporations frequently disregard IP protection, and as a nation has long-standing policies – both overt and covert – designed to take intellectual property from foreign, mainly Western (but increasingly also Asian) businesses.
Theft of IP, or forced know-how transfer, as part of the cost of doing business in China does not always indicate that the affected company is no longer able to produce goods or services, however, it now faces a competitor that has not invested into R&D of the product and that has a political cover from a trade superpower, that disobeys it’s obligations to the World Trade Organization and restricts global competition in its domestic market.
China has established many obstacles to foreign businesses that safeguard the Chinese market for domestic companies, while it subsidizes exports. Many of the subsidized Chinese businesses that sell to an open global market while operating in a closed home market have a significant and unfair advantage, which ultimately led to a shakeup of the domestic politics in the U.S. 2016 presidential election.
In many cases, however, the situation is aggravated by industrial espionage and theft of intellectual property like blueprints, plans, charts, formulas, and software, which effectively means the receiving business has an unfair advantage as it doesn‘t have to bear the cost of the research and development of the product.
IP theft is part of a much larger industrial strategy that China uses to displace companies from competitor countries. This plan has been dubbed “Made in China 2025“ and has been unveiled as an initiative to comprehensively upgrade Chinese industry by the Chinese Communist Party (CCP) general secretary; Xi Jinping and Chinese Premier Li Keqiang‘s cabinet in 2015.
The plan was drafted by the Ministry of Industry and Information Technology (MIIT) and is designed to emphasize quality over quantity, optimize the structure of Chinese industry and make it more efficient and integrated so that it can capture the larger-margin share of the value chain. The plan calls for a comprehensive industry overhaul but highlights 10 priority sectors:
This in and of itself wouldn’t be concerning, as similar innovation models have been utilized by many other countries before (for example Germany, the U.S., Japan or the EU) also keeping in mind that China itself has become an innovation hub in its own right, with many potent institutions producing a large number of patents and thus domestic intellectual property. However, what makes China stand apart is the demonstrated willingness to use both IP theft and cyber as a tool of statecraft, often combining the two in an effort to go in advantage on the international markets and by extension on the global stage in general, where China demonstratively seeks to dramatically change the balance of power in its favor and to dethrone the U.S. in its unique position of power.
Acquisition of relevant technologies is an important part of the plan, but the purchase of high-tech companies abroad, or forced know-how sharing in industries where China is lagging (like AI, or chip manufacturing) will become more difficult or even impossible due to the U.S. and EU introducing strict legislation, limiting Chinese acquisitions,making cyber espionage an ever more important part of the Chinese plan.
Two ongoing global events that were initiated last year are still having a seismic impact on this issue is the invasion of Ukraine in February, and the initiation of US export control regulations targeting China’s artificial intelligence (AI) and semiconductor industries. While it might seem like a minor technocratic ruling, the nature of this regulation ushered in a new era in Sino-American relations, and by extension, international politics. In this post-Cold War era, the nature of the dynamic has changed, with their competition-cooperation balance tipping into the territory of competition, with both sides seeking dominance in technology.
The regulation restricted exports of advanced computer chips (mostly for AI applications) and technologies pertaining to this, and has acted to inflame attitudes towards China. For the first time, exports were restricted not just in military or dual use technologies, and came accompanied by comments from many U.S. officials who stated that the strategy should seek to contain the rise of China as a near-peer technology-enabled adversary with the capability to compete with the U.S. militarily in terms of volume, power projection and cutting edge technology.This new policy was matched by an ongoing U.S. campaign to persuade key American allies to join them in creating a transformed landscape for the Chinese semiconductor industry, which is now intended to be held back indefinitely, unless it would be to achieve a breakthrough domestically(which it consistently fails to do).
The Chinese government has been accused of supporting or endorsing IP theft through various means, including providing financial incentives, intelligence support, and legal protection for entities involved in such activities. This government support is the biggest concern because it enables the achievement of a very large scale and sophistication of IP theft, while it prevents solution by legal means in most cases.
Cyber espionage mostly amounts to hacking into computer networks, infiltrating systems, and covertly extracting sensitive information. While this can be done by a variety of actors, the Chinese state nurtures sophisticated hacking groups directly inside the state’s structures which it often directs to steal sensitive and advanced technologies. But the problem doesn’t end there, the problem is the complicated intelligence-state-commerce web of relations that enable the unprecedented scale of IP theft. Chinese intelligence and Chinese commerce are integrated in ways that cannot be compared to Western countries or their Asian allies. Western governments do not conduct industrial espionage to the benefit of U.S. businesses, but in China, thanks to successive national security legislation passed under President Xi Jinping, Chinese businesses are required to work with its intelligence services, whenever requested to do so, effectively making them silent partners in Chinese commerce with the outside world. China’s unprecedented economic boom this century has been fueled by an equally unprecedented theft of Western science and technology, which is why the director of the U.S. National Security Agency warned that cyber-espionage constituted the greatest transfer of wealth in history – in which China is the largest perpetrator.
Chinese firms have been enlisted to process stolen data for their country’s spy agencies. By co-opting Chinese companies’ data-processing capabilities, Chinese intelligence agencies can rapidly sift through massive amounts of information to find key data points. State hackers can therefore focus on gaining access to targeted networks and exfiltrate data, while the private sector is obligated to help process the data. Previously, Chinese hackers were mainly focusing on defense industrial base, successfully compromising the networks of contractors to the Pentagon’s U.S. Transportation Command 20 times in a single year, while many other incursions have likely gone undetected.
Data has been passing from China’s spies to Beijing’s own industrial base for years, however, recent technological and political developments indicate that the cyber espionage /IP theft nexus is likely to expand exponentially. In 2022, a single multifaceted malicious cyber operation has exfiltrated an estimated trillions in intellectual property theft from approximately 30 multinational companies within the manufacturing, energy and pharmaceutical sectors. The hack was orchestrated by the notorious Chinese state actor; APT 41, and has effectively demonstrated Chinese willingness to steal it’s way towards it’s demonstrated development goals in an unashamed state-business cooperation.
While trade war is not a desirable result, it’s becoming increasingly clear that major industrialized countries like the U.S., Japan, South Korea, or the EU will be putting an increasing pressure on China in demanding fairer trade terms and respect for intellectual property. Steady diplomatic pressure accompanied by skillful use of existing trade organizations may lead China to change its behavior, and to fully respect international market practices (to which Beijing already mostly formally subscribes). Under such circumstances, Chinese industrial policies and subsidies of domestic businesses would be hard to object to.
That said, any potential move to a more balanced trade relationship with diminishing overt IP transfer would likely push China to double down on covert efforts to illegally gain competitor intellectual property, the main tool of which would be cyber espionage. China is a global champion in using cyber attacks as a tool of statecraft, and the hands-on role of the government in the economy only reinforces the drive to use cyber attacks for IP theft, even in matters that are of no military or dual use. China has a bigger hacking program than that of every other major nation combined, and any large company in industries outlined in Chinese development plans will need to invest into external threat landscape management solutions to stay ahead of relentless and repeated assaults by Chinese hackers.
