Wednesday, 3 August 2022

China: the new security risk?


Last month, the heads of MI5 and the FBI came together to issue a joint warning to businesses in the UK, the USA and Europe about the risks presented by the Chinese state.

Grant McGregor takes a look at the scope of those warnings and discusses what it means for businesses like yours and what you can do to protect yourself.

On July 7, 2022, at Thames House in London, FBI Director Chris Wray and the Director of MI5 Ken McCallum addressed a meeting of business leaders and academics. In that meeting, the pair warned about the growing threat of Chinese state activity to the business community.

What are the risks?

The risks set out by Wray and McCallum were multi-faceted. Perhaps the most well-reported espionage undertaken by Chinese state-sponsored hackers has involved the theft of intellectual property (IP). Wray and McCallum warned that this continues to be a concern, but also took the opportunity to highlight the risks of Chinese mergers and acquisitions, supply chain problems, and cybercrime, especially social phishing and ransomware.

Threat: IP theft

We’ve long understood that theft of IP is a risk from both Russian and, especially, Chinese state-sponsored actors. It is incumbent on all organisations which hold IP to ensure that they have appropriate cyber-security controls in place. If you’re not sure about how to ensure that you do, then the UK Government’s Cyber Essentials scheme is a great place to start.

Getting basic controls in place is important, especially for those businesses which are most at risk of being a target. Wray and McCallum identified technology IP as some of the most targeted, especially IP relating to machine learning and artificial intelligence. If you operate in these fields or use these tools in your business, it is worth doubling down on your cyber security around these systems.

Threat: social spear-phishing

One emerging threat vector that you will probably be less familiar with is that of social spear phishing. If you read our blog regularly, you’re probably familiar with the term phishing; that is the use of bulk emails to try to target individuals so that they either click on a malicious link and/or unwittingly provide personal information. Spear phishing is similar in that the attackers use email to target victims, but it is focused on specific individuals that attackers have identified within target organisations. Attackers can often spend a great deal of time researching their intended victims and carefully planning the attack before launching it.

Now, Wray and McCallum are warning that Chinese state-sponsored malicious actors are targeting academics and business leaders in fields that are of high interest to the Chinese state (including technology, finance, security and artificial intelligence) using social media as one line of attack. Through the use of flattery and the offer of business trips, individuals are encouraged to give up important information of value to the attackers.

You can read our recent blog about how attackers are targeting individuals on LinkedIn for more information on how this type of attack works. As a general rule, be cautious about people who you don’t know seeking to connect with you via social networks.

Threat: political instability over Taiwan

China is being increasingly aggressive in what it sees as its sphere of influence, around the South China Sea, Hong Kong, Macau and Taiwan. This has led to significant and growing political tensions(1), not least around US Speaker of the House of Congress Nancy Pelosi’s visit to Taiwan as part of her South East Asia tour.

Taiwan is a key strategic player, not least because it manufactures most of the world’s computer chips and semiconductors(2), including the microchips used in US weapons technology(3). The US Government’s fear about disruption to such supplies led to the US Senate approving the US Innovation and Competition Act(4) (USICA), a massive science and technology bill designed to boost US competitiveness with China. The bill will allow the federal government to invest billions into emerging technology industries like artificial intelligence, semiconductors, and quantum computing in the US.

If your business is dependent on such things, it might be time to start thinking about sourcing strategies and how to mitigate any potential supply chain disruption.

Threat: cost of doing business in China

Disruption to prized goods out of Taiwan would not be the only consequence of escalating tensions. Wray and McCallum warned that should tensions escalate into outright conflict, the sanctions regime imposed on China would be at least as harsh as that levied against Russia following its invasion of Ukraine. The two intelligence directors warned that sanctions levied against China (if it were to invade Taiwan) could be even more disruptive – not least because of the West’s exposure to doing business in the country.

Wray warned that businesses might come to regret becoming entrenched in doing business in China. “Just as in Russia, western investments built over years could become hostages, capital stranded, supply chains and relationships disrupted,” he said. “When you deal with a Chinese company, know you’re also dealing with the Chinese government – that is the MSS and the PLA – too, almost like silent partners.” He suggested firms carefully assess the risk of funding and partnerships.

Threat: state-backed ransomware

Wray and McCallum also detailed the ongoing pressure of cyber-attacks by state-backed cybercrime and ransomware groups. If tensions rise or sanctions are imposed, it is sensible to think that this type of activity would increase, just as the activity of Russian hackers stepped up in the run-up to Russia’s invasion of Ukraine and through the ensuing war thus far.

Overview: how to meet the developing threat

Information is key.

To that end, you can read the joint statements in full below(5).

Consider how your business or supply chain might be threatened. If you are concerned about how some of the threats identified here might impact your business and you’d like advice or support in implementing the appropriate cyber-security controls, please reach out to our team. We are always happy to offer some straight-talking advice.

You can reach us on: 0808 164 4142

Further reading?

For information and advice about how to respond to the increased threat arising from the war in Ukraine, read our blog here.

The “actions to take now” section at the end of that article includes relevant advice about how to protect your organisation from the growing threats identified in this article.

Plus, read the latest advice about passwords and how to implement multi-factor authentication to quickly boost your cyber security.

Or understand the most recent types of phishing threat so you can take the right actions against phishing activity.

Sources:

1. https://www.bloomberg.com/news/articles/2022-08-02/this-is-how-china-could-hit-back-over-pelosi-s-taiwan-visit

2. https://www.csis.org/blogs/perspectives-innovation/taiwans-semiconductor-dominance-implications-cross-strait-relations

3. https://www.reuters.com/investigates/special-report/taiwan-china-chips/

4. https://www.theverge.com/2021/6/8/22457293/semiconductor-chip-shortage-funding-frontier-china-competition-act

5. https://www.mi5.gov.uk/news/speech-by-mi5-and-fbi