QUICKLOOK: Cyber Vigilance: Unraveling China's Espionage and Surveillance Operations in the Digital Domain

Mechanisms and Global Impacts of China's Cyber Intelligence Tactics

Executive Summary

China's extensive capabilities in cyberspace and its global reach present a sophisticated and complex threat to international cybersecurity and intellectual property. This report examines how China utilizes cyberspace for espionage activities and monitors foreign media through the coordinated efforts of its key agencies: the Cyberspace Administration of China (CAC), the Ministry of Public Security (MPS), and the Ministry of State Security (MSS).

Our investigation reveals a multi-faceted approach that integrates advanced technologies, comprehensive legal frameworks, and strategic intelligence operations. The findings underscore the expansive nature of China's cyber surveillance and espionage, impacting foreign corporations, universities, and government entities.

Introduction

The rapid evolution of social media has redefined global communication, turning it into a critical element of national security and international governance. In this digital age, information is both currency and weapon, and its control is essential to national sovereignty and power. The rise of social media has not only connected individuals across the world but has also become a battleground for state actors vying for influence, control, and intelligence.

Amidst this backdrop is the intensifying technological rivalry between the United States and China, often framed within the historical context of the Thucydides Trap—a term used to describe the inevitable tensions and potential conflicts between a rising power and an established one. This dynamic has significant implications for how nations engage in cyberspace, particularly concerning surveillance, data control, and the pursuit of technological dominance.

In the next sections, we will delve into the surveillance infrastructure within China, the specific roles of the CAC, MPS, and MSS in cyberspace, and the techniques employed by these entities in their cyber operations. The report will then explore the impact of these activities on foreign media and the broader implications for global governance before concluding with a summary of findings and recommendations.

China's Surveillance State

China has built an extensive surveillance state with an intricate network of laws, technologies, and operations designed to monitor and control the flow of information within its borders. The Personal Information Protection Law (PIPL) and the Data Security Law (DSL), both promulgated in 2021, have laid down a rigorous legal framework for data governance, with far-reaching implications for both domestic and international entities operating in China. These laws also provide the Chinese government with a legal basis to access data for national security and public interest purposes, which could extend to surveillance activities.

Role of Chinese Agencies in Cyberspace

Cyberspace Administration of China (CAC) 国家互联网信息办公室

Zhuang Rongwen (Chinese: 庄荣文; Pe̍h-ōe-jī: Chng Êng-bûn; born February 1961) is a Chinese politician, currently serving as director of the Cyberspace Administration of China, director of the Office of the Central Cyber Security and Informatization Commission, deputy director of the State Council Information Office, and deputy head of the Publicity Department of the Chinese Communist Party.

The Cyberspace Administration of China (CAC) plays a pivotal role in China's digital landscape, acting as the primary architect and enforcer of the country's internet policy. Here's a closer examination of its functions and influence:

1. Cybersecurity and Data Governance Legislation:

   • The CAC is instrumental in creating the legislative framework that governs the internet in China. It drafts and implements a wide range of regulations that cover everything from cybersecurity to data protection and content management. These regulations are not only designed to maintain the security of the country's digital infrastructure but also to exert control over the kind of information that is accessible to the Chinese public.

2. System for Cybersecurity and Information Content Management:

   • The CAC is responsible for constructing and maintaining systems that enforce China's cybersecurity and content management policies. This includes the development of technical standards, guidelines for content moderation, and mechanisms for data protection. The agency ensures that these systems are robust enough to prevent unauthorized access to sensitive information and flexible enough to adapt to the rapidly evolving cyberspace environment.

3. Content Restriction and the Great Firewall:

   • Perhaps the most well-known aspect of the CAC's duties is its oversight of the Great Firewall — the set of technologies and legislative actions that regulate the internet within China. The Great Firewall is designed to block access to content that is considered undesirable or threatening to the state, ranging from politically sensitive topics to social media platforms like Facebook and Twitter that are popular outside of China.

4. Coordination of Cybersecurity Operations:

   • The CAC does not work in isolation; it coordinates closely with other government agencies, such as the Ministry of Public Security (MPS) and the Ministry of State Security (MSS), to enforce its policies. This involves sharing information, aligning strategies, and sometimes conducting joint operations to address cybersecurity threats or to enforce content restrictions.

5. International Cyber Policy Representation:

   • On the international stage, the CAC represents China's interests in discussions about global internet governance. It articulates and defends the country's sovereign right to govern its own cyberspace as it sees fit, often clashing with Western notions of internet freedom and information flow.

The CAC's influence extends deep into the fabric of China's internet, affecting not just what content is available but also how data is managed and protected. Its role in shaping the digital environment reflects the broader priorities of the Chinese government, emphasizing control, stability, and the promotion of state-approved narratives.

Ministry of Public Security (MPS) 中华人民共和国公安部

Wang Xiaohong (Chinese: 王小洪; pinyin: Wáng Xiǎohóng; born 11 July 1957) is a Chinese politician who has been serving as Minister of Public Security of China since June 2022 and State Councilor of China since March 2023

The Ministry of Public Security (MPS) in China plays a critical role in the country's cybersecurity infrastructure. Functioning similarly to a national police force, the MPS's responsibilities extend into the digital realm, where it enforces China's extensive cybersecurity laws and regulations. Here are key functions of the MPS in cyberspace:

1. Cybercrime and Cyber-Terrorism Countermeasures:

   • The MPS is at the forefront of combating cybercrime within China. It is responsible for detecting, investigating, and prosecuting cybercrimes, which include hacking, digital fraud, and the dissemination of online content deemed illegal by Chinese regulations.

   • The agency is also tasked with countering cyber-terrorism. It identifies and neutralizes threats posed by cyber-terrorists, who may attempt to disrupt China’s digital infrastructure or incite unrest through online channels.

2. Administration of the Golden Shield Project:

   • The Golden Shield Project, colloquially known as the Great Firewall of China, is a cornerstone of the MPS's operations. This initiative involves the deployment of a massive surveillance and censoring system that filters and blocks foreign websites and monitors internet traffic to prevent access to information that the government considers threatening to its authority or social stability.

   • The MPS oversees the technological development and implementation of this project, ensuring it effectively controls the digital information landscape within China.

3. Data Collection and Surveillance:

   • The MPS manages a vast network that collects online data and personal information. This surveillance apparatus is integral to maintaining public order and national security, as defined by the Chinese government.

   • The collected data ranges from public posts on social media platforms to private communications, which can be used for various purposes, including monitoring public sentiment, identifying dissidents, or preventing criminal activities.

The operations of the MPS in cyberspace are emblematic of China's approach to internet sovereignty, where state control and monitoring are prioritized to maintain regime stability and security. This expansive surveillance capability allows the Chinese government to exert significant control over the digital lives of its citizens and to enforce its cybersecurity laws rigorously.

Ministry of State Security (MSS) 国家安全部

Chen Yixin (Chinese: 陈一新; born 1 September 1959) is a Chinese politician who is the current Minister of State Security and the former secretary-general of the Central Political and Legal Affairs Commission of the Chinese Communist Party from 2018 to 2023. He has led the Ministry of State Security (MSS) since 2022.

The Ministry of State Security (MSS) operates as China's primary intelligence agency, equivalent to the CIA in the United States or MI6 in the United Kingdom. The MSS has a broad mandate that encompasses both domestic security and foreign intelligence gathering. Here are the key areas of its operations in cyberspace:

1. Cyber Espionage for Foreign Intelligence:

   • The MSS is actively engaged in cyber espionage to collect intelligence from abroad. It targets a variety of entities, including foreign governments, defense contractors, technology firms, and academic institutions. The goal is to gather valuable information that could give China a strategic, economic, or political advantage.

   • Such operations can involve hacking into computer networks, phishing campaigns, and the deployment of malware to exfiltrate data. These actions are often sophisticated and stealthy, aiming to remain undetected for as long as possible to maximize intelligence gathering.

2. Surveillance of Chinese Nationals Abroad and Foreign Individuals:

   • The MSS also monitors Chinese citizens living or traveling overseas, as well as foreign nationals who might have access to information of interest to China. This could include Chinese students and researchers in foreign universities, businesspeople, and expatriates.

   • The agency may use various cyber tools and methods to keep track of these individuals, including monitoring their communications and online activities. The purpose is to prevent the sharing of sensitive information that could harm China's national interests and to assert control over the Chinese diaspora.

3. Economic Espionage:

   • Economic espionage is a key part of the MSS's activities, supporting China's ambitious economic development plans, such as the "Made in China 2025" initiative. This initiative aims to transform China into a high-tech manufacturing powerhouse, leading in areas such as electric cars, next-generation IT, telecommunications, robotics, artificial intelligence, green energy and transportation, new materials, and medical devices.

   • To bolster these sectors, the MSS is reported to steal trade secrets, intellectual property, and cutting-edge research from foreign companies and institutions. This not only helps Chinese companies leapfrog in technological advancements but also diminishes the competitive edge of foreign firms.

The activities of the MSS in cyberspace are multifaceted and global in scope. They reflect the state's prioritization of intelligence and economic development as key components of national security. The MSS's cyber operations are a significant aspect of China's broader strategy to assert its influence on the world stage and secure its status as a leading global power.

Governing Policies and Laws

These agencies operate under a framework of policies and laws that grant them broad powers within cyberspace:

• Cybersecurity Law (2017): This law formalizes the requirement for network operators in China to provide technical support and assistance to public security organs and national security organs in safeguarding national security and investigating criminal activities.

• National Intelligence Law (2017): This law obliges all organizations and citizens to support, assist, and cooperate with state intelligence work. It has been interpreted as providing legal backing for intelligence agencies like the MSS to conduct espionage activities both domestically and internationally.

• Data Security Law (2021) and Personal Information Protection Law (PIPL) (2021): These laws establish a comprehensive set of rules for data security and personal information protection in China, which include requirements that can facilitate state access to data for national security purposes.

Techniques of Surveillance and Espionage

China employs a variety of methods to monitor social media and conduct espionage. These include the deployment of AI and machine learning technologies to filter, analyze, and track online activities. The MSS, in particular, has been known to leverage social media platforms to gather data and conduct influence operations.

Economic espionage is another area where China has shown significant activity, often using fake social media profiles to initiate contact with potential targets. This method allows for the discreet collection of intellectual property and trade secrets from unsuspecting individuals in key industries and sectors.

China's Surveillance State

Legal Framework for Surveillance

China's Personal Information Protection Law (PIPL) and Data Security Law (DSL) provide a comprehensive legal framework for data governance within the country. The PIPL, in particular, outlines principles for data processing and establishes rights for data subjects, akin to the GDPR in the European Union. However, the scope of these laws extends beyond data protection, offering a legal basis for the state to conduct surveillance for national security purposes.

Data Control and National Security

These laws contribute to a tightly controlled cyberspace, with the Chinese state maintaining stringent oversight over data flows. The National Intelligence Law of 2017 further mandates all organizations and citizens to support, assist, and cooperate with state intelligence efforts. This legal architecture, while designed for data protection and cybersecurity, also facilitates broad state surveillance capabilities, allowing for extensive monitoring of both domestic and international communications.

Impact on Foreign Media and Implications for Global Governance

The pervasive surveillance and espionage capabilities of China extend beyond its borders, significantly impacting foreign media and the broader landscape of global governance. These activities raise concerns about the integrity of information, the protection of intellectual property, and the safeguarding of human rights.

Foreign media outlets operating in China face stringent regulations and the risk of surveillance, which can lead to self-censorship and a compromise in journalistic integrity. Additionally, the use of social media for surveillance and influence operations by Chinese agencies has global implications, potentially affecting public opinion and international relations.

The implications for global governance are profound, as state-led surveillance and espionage activities challenge the norms of international law, privacy, and diplomacy. The international community must grapple with these issues to ensure a balanced approach to cybersecurity and the free flow of information.

Conclusion

This report highlights the extensive nature of China's use of cyberspace for espionage and the monitoring of foreign media, orchestrated by key state agencies such as the CAC, MPS, and MSS. The techniques employed by these agencies leverage the latest technologies and operate within a comprehensive legal framework, presenting a sophisticated threat to international security and intellectual property.

It is essential for international entities, whether they are corporations, universities, or government bodies, to recognize the risks and implement robust security measures to protect sensitive information and maintain operational integrity.

As the geopolitical landscape continues to evolve, it is imperative that global governance mechanisms adapt to address the challenges posed by state-led surveillance and espionage activities. Maintaining a resilient and secure cyberspace requires international cooperation and a commitment to the principles of transparency, respect for privacy, and the protection of human rights.

References

The findings and analyses in this report are based on the review of the following documents:

• "China’s emerging data protection framework" by Rogier Creemers

• "The Threat of China’s MSS: American Universities, Corporations, and Overseas Intelligence Operations" by William Hubbell

• "Cyberspace Governance in China" by John Lee

• "Analysis Of The Social Media Censorship Of The Technological Rivalry Between The US And China Using The Thucydides Trap" by Sandunika Sandamali

• "Economic Espionage via Fake Social Media Profiles in the UK: Professional Workers Awareness and Resilience" by Mark Button et al.

Comments

[A. Launder]

This is great!!! Really cool to see behind the curtain