MI5 and FBI warn businesses over mass Chinese IP theft
The security services urged organisations to consolidate security practices and approach Chinese business relationships with caution
MI5 and the FBI held an unprecedented joint address to highlight how the interests of the Chinese Communist Party (CCP) represent a growing threat to UK and US businesses.
Addressing an audience of business leaders and academics at Thames House in London, MI5 Director General Ken McCallum and FBI Director Chris Wray laid out serious concerns about the long-term prospects of Chinese mergers and acquisitions (M&As) and intellectual property (IP) theft across all sectors, with copies of their respective speeches available on the MI5 website and FBI website.
The intelligence experts reminded listeners the large Chinese companies that aren't explicitly state-owned are nevertheless required to report to the CCP and maintain internal cells, effectively ensuring that government oversight and control is maintained.
These concerns have previously led to the UK government deciding to remove Huawei devices from UK 5G infrastructure, as well as prompting a group of cross-party MPs to urge for two CCTV companies to be banned from operating in the UK.
Corporate takeover or IP theft was highlighted as a particularly common attack vector against Western firms. Organisations were warned to invest in long-term growth, rather than short-term profitability by selling in the Chinese market. Doing so could result in IP being replicated and sold by a Chinese government-backed firm.
Other methodology that was highlighted includes fake professional networking, in which professionals are encouraged through flattery and business trips to give up key sector information, covert theft of industry secrets by malicious insiders, and the ongoing pressure of cyber attacks by state-backed cyber crime and ransomware groups.
Storage's role in addressing the challenges of ensuring cyber resilience
Understanding the role of data storage in cyber resiliency
Free DownloadIndeed, Chris Wray warned the assembled audience that “when you deal with a Chinese company, know you’re also dealing with the Chinese government – that is, the MSS and the PLA – too, almost like silent partners".
Throughout the statement, it was reiterated that although the UK and US government have been targets of Chinese-backed cyber attacks and espionage, it's the tech sector and advanced research fields such as those developing artificial intelligence (AI) that are of most material interest to the CCP.
They also raised brewing geopolitical crises such as anticipated action against Taiwan, while warning such incidents might exacerbate the economic downturn caused by Russia’s invasion of Ukraine.
Wray predicted in the case of a Chinese invasion of Taiwan, businesses may come to regret being closely entrenched in the Chinese market and experience "one of the most horrific business disruptions the world has ever seen".
“Just as in Russia, Western investments built over years could become hostages, capital stranded, supply chains and relationships disrupted. Companies are caught between sanctions and Chinese law forbidding compliance with them," he said.
The experts avoided trivialising the situation by offering simple advice, but business leaders were asked to consider whether they have a strategic approach to manage and discuss the issues raised, whether their organisation has a security culture at all levels, and whether or not they have carefully assessed the risks of funding sources and partnerships.
Both agency chiefs stressed they're ready and willing to work closely with organisations to offer advice, check submitted evidence and provide solutions to ward off would-be attackers.
Defending against malware attacks starts here
The ultimate guide to building your malware defence strategy
Free Download
The essential guide to preventing ransomware attacks
Vital tips and guidelines to protect your business using ZTNA and SSE
Free Download
