The heads of the security services of the UK, US, Canada, Australia and New Zealand have urged businesses and universities to take steps to protect western technology from the “unprecedented threat” posed by Chinese spying.
The heads of the Five Eyes intelligence services warned this week that China is “engaged in wholesale intellectual property theft” of key technologies, including artificial intelligence (AI), quantum computing, biotechnology, and robotics and automation.
The five intelligence chiefs told a conference in Silicon Valley that there was an urgent need for the intelligence services to raise awareness and to work closely with the private sector to protect innovative technology from the People’s Republic of China.
FBI director Christopher Wray told the FBI-convened Emerging Technology and Securing Innovation Security Summit at Stanford University that China had a bigger hacking programme than every other major nation combined, and was using it to steal high-tech secrets.
The Chinese Communist Party has passed legislation to force any person of Chinese origin to support their intelligence service, allowing them to coerce Chinese nationals in the west to disclose information about technologies they are working on.
The country went beyond using “traditional spies”, by recruiting insiders in businesses and research organisations to steal trade secrets from private businesses and research institutions, he said.
AI poses new hacking risks
The intelligence chiefs, speaking together publicly for the first time, said they were concerned about China gaining access to artificial intelligence technology, which could raise hacking threats to a “whole other level of dangerousness”.
They said China had stolen more personal and corporate data than any other nation “by orders of magnitude” and there was a danger that China could use AI to leverage data it had collected.
For example, the Chinese and others are actively using AI to conduct sophisticated spear-phishing attacks and could use the technology to automate hacking.
“You could use AI now to find vulnerabilities [in software] that can be exploited and use AI to write code to exploit those vulnerabilities,” said Wray.
The FBI chief said AI could also assist terrorists. In some cases, people have been able to circumvent safeguards built into AI infrastructure to search for ways to build a bomb, or to assist in distributing terrorism propaganda.
“We’ve seen AI used to essentially amplify the distribution or dissemination of terrorist propaganda … for example, putting it into other languages in a way that is more coherent and more credible to potential supporters,” said Wray.
MI5 uses AI to monitor bugs
MI5 director general Ken McCallum said the flip side was that, used ethically, lawfully, intelligently, AI could help intelligence agencies to protect society.
He disclosed that MI5 was using AI technology to analyse thousands of hours of audio data collected by lawfully planted “tiny microphones” or bugs to identify activities of concern.
“We collect thousands and thousands of hours of audio data from interesting places, every week and every month,” he said. “That means we end up with a lot of audio product we need to translate into knowledge that is searchable, and the best way to do that is to have AI scan the material.”
How to protect sensitive tech
Ken McCallum, director general of MI5, said there was a need to protect universities and startup companies that spin out of university research from risks posed by Chinese spying.
“It is about innovative spinouts doing interesting things off the back of research taking place in our universities,” he said.
That means engaging with people who, perfectly understandably, may not previously have thought that national security had anything to do with them, he added.
David Vigneault, director general of the Canadian Security Intelligence Service (CSIS), said the intelligence service had found that the most effective way of working with businesses on the risks posed by China was to engage in a “personal way”.
This was more challenging five or six years ago, when every financial analyst was advising companies to invest in China, he said.
But China’s boldness about stealing intellectual property and its attempts to interfere with democratic processes, and to engage on university campuses, had made companies and universities more receptive.
Canadian tech used in Russian drones
In one case, CSIS held “a very difficult discussion” with a Canadian business leader after Ukrainian intelligence discovered that Canadian parts were being used in the guidance systems of Russian drones used to kill Ukrainians, without the knowledge of the Canadian supplier.
The Five Eyes intelligence agencies have been building relationships with businesses and universities by sharing information with them on security threats from China and elsewhere.
The New Zealand Intelligence Service has partnerships with managed service providers and network operators, supplying them with a real-time feed of cyber security threats, which they pass on to their customers.
The FBI has an office dedicated to liaising with the private sector, private sector officers in each of its 56 field offices, and an academic coordinator.
“Our cyber squads are constantly engaging, sharing information with companies to help them not only harden their infrastructure, but some of the more sophisticated companies are now working with us to conduct joint operations,” said Wray.
Chinese threat to universities
Some universities have set aside offices for the FBI, which would have been unthinkable a decade ago, he said.
In some cases, Chinese-American students have faced retaliation for criticising Xi Jinping’s regime, said Wray. There have been cases where a Chinese-American student has criticised China’s actions in Tiananmen Square.
“Within less than 24 hours, the Chinese security services pay a visit to his family back in China and his parents are calling frantically saying ‘what are you doing?’,” he said. “It’s one thing to repress their population in China, but [another] to bring it here to the United States, to our campuses.”
In Canada, said CSIS’s Vigneault, the intelligence services have worked with universities to develop guidelines for awarding grants.
He said that although CSIS did not tell universities who to hire, it was probably not a good idea for universities working on cutting-edge technology to work with one of the seven universities in the People’s Republic of China associated with the People’s Liberation Army.
Ken McCallum, said that in the UK, the National Protective Security Authority, part of MI5, has developed a campaign called trusted research, which had “help to shift the conversation” in the way that universities consider threats to intellectual property.
“It would be crazy for any of us to close down the fundamental openness of our universities, but you probably don’t want a PhD student in advanced robotics to be sponsored by the People’s Liberation Army in your university,” he said.
The Five Eyes chiefs’ comments came after the intelligence agencies published guidelines – Five principles to secure innovation – which aim to help businesses and universities protect against economic espionage.
The principles, which were developed by UK intelligence services, explain how spies can illicitly obtain technology and give advice on security measures to protect intellectual property.
Wray said there was a strong match between the Chinese government’s Five-Year Plan priorities and the theft of intellectual property in the US.
“There is an eerie correlation, often, between information that was stolen or attempted to be stolen and things that they have publicly articulated as priority sectors,” he said.