Episode 798: China’s Cyber Espionage

Published Jan 12, 2025, 10:00 AM

Newt talks with Dr. Weifeng Zhong about the significant cybersecurity breach involving the US Treasury Department, where a hacker accessed security keys to override protocols and access unclassified documents. The US Treasury has since placed sanctions on a Beijing-based cybersecurity company for its alleged involvement in multiple hacking incidents targeting critical US infrastructure. Dr. Zhong provides insights into the broader implications of Chinese state-sponsored hacking activities, including the notorious Salt Typhoon group, which has infiltrated major US telecommunications companies. They discuss the historical context of Chinese cyber espionage, the sophisticated methods employed, and the challenges in countering these threats. Additionally, their discussion touches on the controversial role of TikTok in data collection and propaganda, and the strategic considerations for the US in addressing these multifaceted cyber threats.

I'm Newt Gingrich. Please watch Journey to America, my new documentary on PBS about nine remarkable individuals who strengthen our country through their pursuit of the American dream. From Albert Einstein to Hedy Lamarr to Zalmay Khalilzad, we explore how individual stories help shape our national identity. Watch Journey to America premiere on Tuesday, January fourteenth at ten pm Eastern, nine pm Central on PBS and the PBS app.

On this episode of Newt's World. On December eighth, twenty twenty four, the US Treasury Department was notified by a third party software provider, BeyondTrust, that a hacker had gained access to a security key which allowed the intruder to override certain security protocols and access some Treasury Department office workstations and unclassified documents stored on them, according to the letter notifying the Senate Banking Committee of the breach. On Friday, January third, the US Treasury placed sanctions on a Beijing based cybersecurity company for its alleged role in multiple hacking incidents targeting critical US infrastructure. Here to discuss the latest Chinese hacking incidents and what it means in the larger picture, I'm really pleased to welcome back my guest, Dr. Weifeng Zhong, Senior Advisor for the Office for Fiscal and Regulatory Analysis at the America First Policy Institute. He is a co-creator of the Policy Change Index, an open source project that uses AI to analyze and predict governments' actions based on their words. Weifeng, welcome, and listen, thank you so much for joining me once again on Newt's World.

Thank you very much for having me, Mr. Speaker.

Now, before we talk about the Treasury Department hack, I want to go back and start with Salt Typhoon. What is Salt Typhoon and what have they been accused of doing?

The Salt Typhoon, which may or may not be directly related to the sanctions that were announced this time, was one of the many state-sponsored hacking attacks led by Chinese hackers and fundamentally sponsored and supported by the Chinese regime. And things like this actually have happened repeatedly and much more rampantly in recent years because the Chinese government has been much more aggressive than before in collecting intelligence from overseas, primarily from the American people and American government.

Well, as I understand it, in late twenty twenty four, US officials announced that hackers affiliated with Salt Typhoon had access to computer systems of nine US telecommunications companies, later acknowledged to include Verizon, AT&T, T-Mobile, Spectrum, Lumen, Consolidated Communications, and Windstream. I mean virtually the entire American system. This has got to be over ninety percent of the system. And yet we say that Salt Typhoon access to computer systems of ALLIHA and if I understand it correctly, we believe they were able to access metadata of user calls, text messages, including data and timestamps, source and destination IP addresses, and phone numbers from over a million users, most of which were located in the Washington, DC metro area. Now I'm an amateur about this, but that strikes me as a pretty amazing achievement. Can you walk us through what we know so far about the whole process of hacked targeting, and in particular what happened at the US Treasury Department?

Absolutely. So for that, I think we should go back to the beginning of the Internet in the early two thousands. Now we are talking about the former Chinese President Hu Jintao, before Xi Jinping even took office. The CCP had realized from the very beginning of the Internet age that information is really critical. They recognized the importance of controlling information flow not only domestically within China, but also as much as possible elsewhere in the world. And that has a lot to do with what we call the open source intelligence model the CCP has prioritized, which means that they believe, compared to espionage, you know, cultivating spies around the world, simply collecting information on the Internet could be very useful. And so that has led to decades of efforts by the CCP to create the industry, the complex between the Chinese government agencies and a lot of tech firms in China to start collecting a lot of information around the world, and the primary target of that operation is the United States. Now, there are different ways to go about it, and China has exhausted all of them. There's the hardware side of things, meaning that, for example, in the telecom network that we have, we have a lot of Chinese made devices, and those devices are primarily made by Huawei. Those devices have many vulnerabilities and some of those vulnerabilities are actually hidden, meaning that there could be backdoor mechanisms that were left there when they were manufactured, and then the CCP may or may not try to access them until years later. And there's also the software side of things. Because hacking groups in China, they have gotten very good and they work with overseas mercenaries, some based in Russia, some based in other, you know, many other countries, and they took very complex routes eventually to get to information resided in the United States. So it's a very, very sophisticated operation.

In response to this most recent hack, the US government imposed sanctions on a Beijing based cybersecurity firm, Integrity Technology Group. Can you explain who this company is and what its connection to the Chinese Communists is?

I think the general public knows very little about individual tech company cyber especially firms associated with cyber attacks in China, for a very good reason, which is that the CCP deliberately tries to make all these companies very secretive, and they oftentimes create different entities to conduct different operations. Even if any single entity is sanctioned by the US, they can create another one. They're just shells for their operations, and so it's very hard to actually find out. And it's very interesting you mentioned that, Mr. Speaker, that the US government is sanctioning one such entity this time, but there's so many of them, and the reason we are getting more and more rampant attacks from China, I mean, we have to think about it from our enemy's perspective, right? So what's the costs and benefits the hackers or the CCP consider? You know, if they initiate a hacking campaign against the US, if they succeed, they got a lot of information.

Right.

If they fail, at least by how things are standing now, they lose one firm, particularly one shell they can easily replace. We are really taking insufficient countermeasures to deal with this huge problem.

It seems to me the idea of sanctions against individual companies, when in fact it's a collective effort sponsored by and supported by the Chinese government, it's almost silly. That's not a strategy, that's a public relations event.

That's like doing something as a gesture to say that at least, you know, the administration is not sitting around, even though they are pretty much sitting around there and doing nothing. It's a very difficult problem to actually tackle in a piecemeal manner, meaning that if you find out one firm, you sanction them, then tomorrow they will be in a different firm, right? And so, which I think justifies a more systematic approach to deal with the Chinese hacking problems. For example, President Trump came out with a very strong position eight years ago to ban Huawei, which is a great policy because once we ban the hardware, right, it solves a lot of problems. It doesn't solve all the problems, but it solves many problems, and so we have to take broader measures. Another one I think is very important that we don't pay enough attention to is that the US government itself is collecting a vast amount of information on the American people. We need to make the government smaller, even in the information sense, because right now, all the government agencies, they have a lot of information about the American people. Their information security is very low, and so once the Chinese hackers got the hang of even just one agency, it could potentially get a lot of information about the entire country, and I think that's not a very good position to be in.

So in a very real sense, you could almost argue that the Chinese are happy the American government gathered up the information so they can then hack the American government and get all the stuff the American government's picked up at taxpayer expense.

Precisely. That's the wholesale approach, right? And that's actually very easy because if you look at holders of information on the US market, private companies, they are more secure because they have more resources to have a good defense. But government agencies, because of many reasons, they don't have very good security measures. But they are actually the biggest collector of information in the country. For example, let's just use taxation as an illustration. You know, if you have a very simple tax system, then the American taxpayers would only need to submit very little information to the IRS, right? But when you have a very complex system, many deductions, many loopholes, then oftentimes people will have to submit information to justify those loopholes. That information is then with the IRS. So all the CCP would need to do is to hack the IRS.

In terms of the inability of the US government to defend itself: in twenty fifteen, the Office of Personnel Management had a data breach that exposed the personal information of over twenty million government employees and contractors. Think about that scale. We really don't understand the scale of the intensity of the Chinese effort.

Absolutely, and a very important thing we need to focus on is how much our adversaries can make inferences by different pieces of information. The OPM hack, Mr. Speaker, you mentioned, it's actually a huge deal. Why? Because there are so many contractors in the Washington, DC area who worked with the government, right, and sometimes they don't disclose that work on the website for obvious security reasons. But if the OPM system is hacked, the CCP could find out which federal contractors are working for the federal government on which projects. Because when the federal government is off, they're off too, right? So you can easily find out likely how we're exactly they're associated. And a lot of times this kind of piecemeal information, it's hard to make a lot of inferences when you have a little bit of them. But if you have a lot of them, which the Chinese government does, the actual intelligence would scale up very quickly.

When you get data on twenty three million people, most of whom aren't all that important and aren't involved in national security. What did the Chinese do with all of them?

Well, there are two levels of intelligence. One is, if you have the Trump campaign, you learn a lot, right, that's obvious. But if you had millions of people, it's helpful to think back at intelligence failure, episodes of intelligence failure in the past. In the US, the CIA did not see, for example, the Iranian revolution, right? And the reason they gave for that was, well, we didn't understand the groundswell of public opinion. And that's something you can learn about by having a vast amount of information on a vast amount of people. The same is true for Afghanistan too, right? So the US foolish they did not see that the Taliban can come back so fast.

Right.

That's again the piece of information that requires a lot of pieces of information, So it's not really hacking a key individual, but it's hacking an entire nation or entire group of people.

With the rise of artificial intelligence, my guess is that they can now scan and analyze and look for parallels or connections on a scale we can't imagine. So twenty three million files wouldn't be a big deal. Just let a computer keep grinding away at them.

Exactly. With today's computation power, that's a no-brainer. I think it comes down to really the combination of vast amount of data and then the advancing AI and computation. So that allows us to extract patterns, right, because patterns is what would tell us about trends, and trends are more persistent. The rise of the Taliban, right, that's the trend that's way more persistent than hacking any single Taliban leaders, for example.

So, in a sense, in the cyber world, correct me if I've got this wrong, but there's sort of a gray zone where you have private sector hackers who may be Romanian or Russian or Chinese, all collaborating off and on for different reasons, and some of it's come My sense is that the amount of money stolen or blackmailed is dramatically greater than we have any understanding of and that in fact, banks don't want to be open about it because they don't want people to understand how limited their ability is to protect information. You have an economic side, and then you have sort of a national security political side. And yet with all that stuff, the Chinese communist government's reaction is consistently, oh, we don't do that. It isn't us. Now, is it conceivable to you that you could have this skill of hacking coming from China without the totalitarian state knowing it?

I think we should take it as just a joke. On the CCP, they say many things, right, we didn't do this, we didn't do that. But that might have some truth at the beginning of the economic reforms, for example, in the nineties, perhaps when China was trying to be more open and there was some space between the state sector and the private sector. But in the last twenty years that no longer is the case. Even private companies think about Huawei, where Huawei is a perfectly private company. It's not perfect, but it's perfectly private company, but it's under the full control by the state. So it's laughable to think that all these activities are happening without the CCP supporting even proactively.

Christopher Wray, the FBI director, said at a security conference in Germany, quote, the cyber threat posed by the Chinese government is massive. China's hacking program is larger than that of every other major nation combined. How should we respond to that?

I think we should go back to the cost and benefit, to think in our adversaries' perspective, to put us in their shoes, because when they contemplate about hacking the United States, the benefit now is much larger than it used to be before because every additional piece of information they can gather from the US, that could be put together with the information they had already gotten in the past and make a lot more inferences. So that's the network effect of different pieces of information. When you have more pieces of a puzzle, you see the picture very clearly. When you only have a few pieces, it doesn't really mean much, right? So the marginal return of hacking for the Chinese is increasing, but the cost of hacking is decreasing, especially under the Biden administration. Sometimes they would sanction one or two Chinese firms. That's a huge problem. Now we can talk about what kind of countermeasures are the best. We might hack back. You know, we might impose punitive sanctions across the board on Chinese goods or Chinese investments, for example. We could think more about how to liberate the private sector in coming up with better defense for the information in the United States. But what we cannot do is to just sanction one or two because we need to increase the punishment the Chinese hackers will face because their reward is increasing every single day.

For a very, very long time, we were the dominant player with the National Security Agency, and we had capabilities of accessing and understanding information that was dramatically greater than anybody else. How do you distinguish the efforts that we've made over the years to maximize our intelligence capabilities with the kind of things that the Chinese are doing?

I think the main difference is that sometimes US actors, they do have the capabilities, but sometimes they are misdirected. When we think about law enforcement in the United States, oftentimes in recent years, they are more and more politicized, right? So you have all these ammunitions that are not really pointed at the enemies, but our own people, and that's not right. And the other thing is that for the CCP is not a problem. They just enhance capabilities to spy on anybody, including their own people, which is given already. So they spy on the Chinese people, but then increasingly have their eyes overseas. They have their eyes on targets like the United States and Europe, the UK. You know, Europe and UK no longer quite matter that much to the CCP. The US matters even more.

Somebody pointed out to me that a lot of places around the world are buying Chinese equipment, for example, for facial recognition, and that somebody who might be a covert agent in one country could be picked up traveling another country by the cameras.

Absolutely, absolutely.

And then they could analyze it and figure out who that person is. And so they're really acquiring a worldwide ability to gather information and spy on people on a scale that's totally outside the nation state. I mean, it's genuinely global. Does that fit with what you're saying?

Absolutely. And I think the Chinese always had that plan, you know, long ago. It's the same plan they're just carrying through over the years. Mr. Speaker, you talked about the facial recognition from footage, right? Let's say you penetrate one country in whatever footage it have. That doesn't really mean a lot, but when you penetrate enough, then you can figure out other agents, right? So it really needs the scale of the operation.

Let me ask you about a couple of things beyond cyber. How did you interpret the school bus size spy balloon in twenty twenty three?

I think that what was most striking to me was the incapabilities of our administration to respond. It took forever to shoot it down in the first place. But they also came out initially to say the balloons were not collecting information in the US, and then they later admitted, okay, sorry, they are collecting information in the United States. This is just incapabilities. I think we should not shy away from recognizing that. A lot of responsibilities on our end. But the Chinese, they always try to do that, right, and then the weather balloons, and then they tried to use it for other information collection purposes. I have to say that's the same for any Chinese equipment, right? Chinese hardware, they would sell smart devices around the world, and then they would record those conversations by the customers, and then they would send them back to China. It's the same thing.

Are you at all concerned about the degree to which the Chinese are buying up US farmland, particularly near military bases?

I am very concerned about this. I'm not against, for example, Chinese nationals purchasing property like a very broad rule in the United States. Right, we have a lot of Chinese immigrants buying houses in the United States. That does not necessarily become a national security issue. But when you buy farmland near military bases, that would be a huge problem. In the past, some people think of that as like fear, just have an anti-Chinese sentiment or anti-Asian sentiment. Let's look at the track records of the CCP, like what kind of information have they been collecting? And it is true that they exhaust all sorts of means possible to spy on American people. So I think it's much more well justified fear than it was before.

One other topic that is sort of unavoidable when you're talking about the Internet in China, and that's TikTok. Do you think that an American could buy TikTok liberated from Chinese control and actually keep it going without the Chinese having such dense penetration of the system that it's inevitably enabling them to in various ways to store what's going on?

That's a really tricky issue. So there are two levels I think to look at this. One is, should TikTok exist in its current form in the United States? And the second is whether it's even possible to ban it, right, or change its form. I'm less certain about the second one, but I'm very certain about the first one, meaning that TikTok in its current form should not exist in the United States because of the level of information collection on the app. There are many, many studies about this and the way that they penetrate information, not only just on users' behavior scrolling the app on the phone, but also other information the users have on their phone could potentially come through the app and be obtained by the CCP. Even passwords you use on your bank could potentially be sent over to the CCP. So that's a huge problem. Now, how is it even possible to ban TikTok? I think that's harder to address because there's the First Amendment issues there. I think the best outcome might be to force a sale to an American entity such that we can have better protection without having to eliminate the app in the US market.

So let's say you did sell TikTok. Would that mean that the hardware would have to be inside the United States? Isn't part of the problem right now that the ultimate center of information flows in China?

Exactly. I think it all comes down to hardware.

So someone would have to literally transfer the American TikTok. And does that mean you're transferring the worldwide TikTok, or would the non-American parts still be Chinese?

As it is now, TikTok claims that they have undergone a measure to enhance data security. That's what they claim, and what that meant is there is I think a US entity hardware that it ultimately stored the information. But ironically the information first comes through China and goes to the US hardware and then stays there. That doesn't really help a lot or a single bit because the CCP has the more. It's really a joke to say that that's a security measure. So eventually I think the real secure way would require information to not flow through mainland China at all, and then to prevent any Chinese entity from ever accessing the US portion of the information. Now, the CCP might want to have access to the Chinese version of TikTok and to the extended overseas TikTok and the Chinese allies, and that's a problem beyond the United States. But at least we should make sure that the US portion of it is secure.

As you know, a study published last Thursday asserts TikTok's algorithms promote Chinese Communist Party narratives and suppress content critical of those narratives, a claim that TikTok forcefully denies. Entitled the CCP's Digital Charm Offensive, the study by the Rutgers University based Network Contagion Research Institute argues that much of the pro-China content originates from state-linked entities. ByteDance, a Chinese technology company, owns TikTok. What should we be doing about that?

There's certainly validity to the findings. I see that as just a small function of TikTok, meaning that yes, it's a popular app, it has a wide reach in the American audience, and so any censorship or propaganda on this network, it's going to affect a lot of American people. But I think that's an obvious, trivial way. The charm offensive in this example is that they're trying to put out content that would put the CCP in a more positive light and put US politics in the negative light; the CCP always does anyway with any other outlets they have. But a harder problem is actually that because the TikTok app is so addictive, it's addictive to many people so that they keep scrolling on the app for more and more videos, right? And the process of that is the reason TikTok is so popular. The algorithm actually tries to learn your preferences. They learn what you like and not like, and they try to recommend more content for you to keep looking. And the fact that they're so successful means that they have already figured out the preferences of the American people, which means that they understand, again going back to the groundswell issue here, right? So they're understanding the US population at the deeper and deeper level every single day, and that would help them make a lot of valuable judgment about where this country is going, what people might do in various different locations, including in actions, and that's very concerning.

So in a sense where we rely on say, national polling of two or three thousand sample, they actually have tens of millions of pieces of data that give them dramatically richer and deeper insights into who we are.

And that's oftentimes the future generation of the American people.

Given everything we've talked about, if the United States wanted to undertake a grand strategy to raise the cost to the Chinese Communist government to such a point that they would actually cut off this behavior and police against it, what would that kind of a strategy look like?

Well, that's hard to contemplate, and the problem is that once you've contemplated it, it might lose some of the effect because in the end and at some point it becomes the same thing as talking about military deterrence. China has a lot of military power too, and it's not using it against the US yet, right? And so we want China's cyber attack to be like its military power, to not be used upon the US and its allies. But right now it is being used on the US and its allies. It comes down to deterrence, and there are so many ways of deterrence. I think it may not necessarily mean cyber deterrence. You could deter the Chinese in other ways, right? For example, threatening certain severing of incongabborations with the Chinese in some areas, like punitive tariffs might be a way. I'm sure the incoming president has a lot of ideas too. I think, thinking too openly about it, it may not even be a good idea. But I don't know. But if you ask me, I would think that keeping the enemies guessing and outlining some maximum response, we might go there. We don't necessarily go there, but we might go there someday, you know. Having this kind of range of actions to be known by our adversaries will be the best.

This may be a minor thing, but we ought to seriously consider re-establishing sort of a Radio Free China and the kind of traditional propaganda we used against the Soviet Union and the various satellite states, because somehow we have to communicate that hostility can't be one sided, that we can't be permanently on defense and they get to come and play. We have to communicate that if they actually want to engage in a genuine cold war, and in a sense, this cyber offensive is part of a cold war, then we have tools we can use too, and they're in fact much more vulnerable to domestic discontent, and I think probably more frightened of it than we have any current notion. And I think back to the Taiping Rebellion, which cost about seventy five million lives in the eighteen sixties and seventies. This is why Tiananmen Square was so violent. They have a very clear sense that their population can get out of control much faster, much more decisively than any free society. That may be the wrong idea or the wrong approach, but it does seem to me we can't continue to pretend that we are totally at peace. Doesn't mean we have to go to war militarily, but we have to recognize we have a genuine adversary, and every morning they have lots of people trying to figure out how to cause us harm. And the harm may be electronic, it may not be military, but it's still harm.

Absolutely. And we often think about, rightfully so, that the Chinese regime is our adversary, right, but the Chinese people are not, right? You referenced the Tiananmen Square protests and the violent crackdown, but even if you look at the protests in many cities in China right before China lifted the COVID restriction, the zero COVID restrictions a few years ago, right, that basically came right after the wave of protests happening in mainland China. It means that the Chinese people actually, they know, at least those more educated fraction of the Chinese people who are able to get over the Internet censorships, they know what's going on in the world, and they see America as a better example of how to govern, right? And so the implication of that is, first, you know, we need to change the direction our country is currently going. We need to correct all these wrongs that have happened, particularly in the last four years. We need to move to the right direction because it sets an example even for audiences in China. And the other lesson I think is those people who know in China, they're not getting the information from Radio Free China, not necessarily, not exclusively, they're not getting it from the Voice of America Mandarin channel necessarily, because once they have the capabilities to jump the Great Internet Firewall, they can see everything in the world, right? I'm not so much convinced about having to penetrate information flow into China because websites like the VOA China would be banned anyway by the CCP, right? It really comes down to some people in China, they can come outside, and once they come outside, they see everything. They can see the New York Times, they can see the wats. In general, I think what we need to do the most is to set a great example to the Chinese people in the sense of being a good influence, right, what a democracy should be and what open society should be, and then hopefully more and more of them will be increasingly gravitating toward it.

Is there a role for us or a place to try to help communicate how you can break through the various barriers, or do they just naturally evolve on their own internally?

Well, so far it has been evolving internally. There are what's called VPN, virtual private network, services in China that help people to get over the firewall. The CCP keeps cracking down on those tools, so people will have to keep looking for new tools every other month. Some pro-democracy movement could take the form of providing the Chinese people better access to internet.

That's a fascinating point. It's our generation's version of putting out small radios in the nineteen fifties and sixties to try to penetrate the barriers. It's utterly fascinating. Weifeng, look, I want to thank you for joining me and for helping us better understand the context of China's recent cyber espionage efforts. Our listeners can follow your work by visiting the America First Policy Institute's website at AmericaFirstPolicy dot com. And I really appreciate you being our guest again, and I'm confident as the world evolves, we're going to come back to you for wisdom again in the future. But thank you very much for sharing with us today.

Thank you very much for having me again, Mr. Speaker.

Thank you to my guest Weifeng Zhong. You can learn more about the China cyber espionage efforts on our show page at newtsworld dot com. Newt's World is produced by Gingrich three sixty and iHeartMedia. Our executive producer is Guernsey Sloan. Our researcher is Rachel Peterson. The artwork for the show was created by Steve Penley. Special thanks to the team at Gingrich three sixty. If you've been enjoying Newt's World, I hope you'll go to Apple Podcasts and both rate us with five stars and give us a review so others can learn what it's all about. Right now, listeners of Newt's World can sign up for my three free weekly columns at gingrich three sixty dot com slash newsletter. I'm Newt Gingrich. This is Newt's World.
