News: 1756406407


How does China keep stealing our stuff, wonders DoD group responsible for keeping foreign agents out

(2025/08/28)


The Pentagon outfit responsible for preventing foreign agents from infiltrating defense agencies says the US isn't doing a very good job of preventing state secrets from falling into Chinese hands.

Defense Counterintelligence and Security Agency (DCSA) Assistant Director of Industrial Security Matthew Redding [1]told attendees at a National Defense Industrial Association event yesterday that China's government and military industrial complex (and the country's allies) keep getting their hands on academic and technology research related to the DoD.

"The homeland is no longer secure," Redding remarked before noting that the DCSA's mission is to prevent those kinds of incidents. The assistant director brought some numbers with him to support his reasoning that the DCSA is essential for national security, disclosing that his group reviews 30,000 suspicious incidents per year, with four to five thousand of those ending up being credible.


"Today's adversaries do not separate economic competition from national security," DCSA director David Cattler said in a [3]speech last week calling for increased cooperation between government and industry. "They see our intellectual property, supply chains, and workforce as strategic terrain, as valuable as any battlefield."


For those unfamiliar with the DCSA, it's the Pentagon subsidiary and investigatory body responsible for vetting the security credentials of federal employees, contractors, academics, and private companies involved in work for the Defense Department. Although undoubtedly a critical mission, DCSA's work alone still hasn't stopped some high-profile leaks to China.

Cattler even mentioned several incidents in his own speech, calling attention to the [6]Volt Typhoon, [7]Salt Typhoon, and suspected Chinese hacks of the [8]US Treasury as instances in which US enemies have managed to infiltrate defense systems. Attacks like those have also targeted major government contractors [9]like Microsoft, and it's not as if the threat is new, either. The international intelligence community has been [10]warning that China [11]targets intellectual property in western nations for years.

[12]Microsoft reportedly cuts China's early access to bug disclosures, PoC exploit code

[13]China's Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets

[14]US-funded breakthrough battery tech just simply handed over to China

[15]Putin on the code: DoD reportedly relies on utility written by Russia-based Yandex dev

Along with successfully stealing state secrets directly from the US government, Chinese spies have also been accused of pilfering data from big tech companies [16]like Google. The DCSA is aware that China is going after defense contractors. According to Cattler, one government defense contractor reported to the DoD that it had been dealing with 65,000 phishing attempts every month. And those are just the ones the company identified.

Both Redding and Cattler called particular attention to insider threats. Cattler noted that, despite DCSA's efforts, these are a growing risk because of increasing interaction between private industry and the defense department.


"We expect to issue more facility clearances, engage in more personnel vetting and conduct more training," Cattler said.

The director added that he wanted more security services centralized under the DCSA to accomplish its mission.

"Our adversaries are adapting faster than policy," Cattler said. "Cyber-enabled espionage, AI driven targeting and foreign capital exploitation are expanding that threat landscape … we need coherency and alignment between government and industry."


We asked how DCSA plans to adapt its strategies to increase its chances of success, but didn't immediately hear back. ®




[1] https://www.defense.gov/News/News-Stories/Article/Article/4288124/agency-protects-dod-classified-work-from-adversaries/


[3] https://www.dcsa.mil/About-Us/News/Article/Article/4283245/dcsa-director-dod-government-industry-and-academia-partnership-with-americas-ga/


[6] https://www.theregister.com/2025/03/12/volt_tyhoon_experience_interview_with_gm/

[7] https://www.theregister.com/2025/08/28/china_salt_typhoon_alert/

[8] https://www.theregister.com/2024/12/31/us_treasury_department_hacked/

[9] https://www.theregister.com/2023/07/31/infosec_in_brief/

[10] https://www.theregister.com/2022/07/07/fbi_and_mi5_china_warning/

[11] https://www.theregister.com/2023/10/18/five_eyes_china_espionage/

[12] https://www.theregister.com/2025/08/21/microsoft_cuts_chinas_early_access/

[13] https://www.theregister.com/2025/03/05/china_silk_typhoon_update/

[14] https://www.theregister.com/2022/08/04/doe_battery_tech_china/

[15] https://www.theregister.com/2025/08/27/popular_nodejs_utility_used_by/

[16] https://www.theregister.com/2024/03/07/doj_google_ai_theft_indictment/





How does China keep stealing our stuff ?

Mentat74

Because we keep connecting stuff to the internet that doesn't really need to be connected to it...

Also because people are being forced to put their shiat on the internet whether they want to or not.

Probably out of a combination of greed and/or sheer laziness...

Re: How does China keep stealing our stuff ?

Anonymous Coward

They sent people over to the US in the 1970s, 1980s, 1990s, 2000s, 2010s, and 2020s. Those federal employees now have access to lots of information. CTRL-C, CTRL-V, wait 30 minutes, and then go on vacation with 10TB of brand spanking new U.S. government data. So, it took up to 40 years to get anything valuable from those agents, but if you're playing the long game, and they are, 40 years is no time at all to wait.

"Our adversaries are adapting faster than policy,"

Mitoo Bobsworth

Well, there's your problem right there - American politics.

Re: "Our adversaries are adapting faster than policy,"

ecofeco

Nailed it.

Re: "Our adversaries are adapting faster than policy,"

Homo.Sapien.Floridanus

Welcome to today's team meeting on how to keep adversaries out of our network. Our cybersecurity experts, Alice and Bob will be our presenters today... I see someone already has a question, go ahead, ummm... Eve?

Eve: Should we take notes or will there be a transcript available?

One does truly hope

DJ

that Mr. Redding has another job offer pending as he won't be in this one much longer.

Mine's the one the Emperor is not wearing.

MrRtd

While that is concerning, there's a much bigger problem, namely the Putin puppet in the White House, in fact the entire Trump admin. is nearly completely compromised.

How does China keep stealing our stuff ?

Anonymous Coward

> How does China keep stealing our stuff ?

Well, perhaps because of failures like [1]this that allowed China to identify pretty much every ethnic Chinese person working for the US government? (Even without knowing their names, it's pretty easy for China to surreptitiously film a location they are interested in and simply look for people of Chinese ethnicity entering and leaving.)

Those with relatives remaining in China can easily be pressured. And for those without relatives back on the mainland there are the traditional methods of appeals to patriotism, befriending, loans, blackmail, you name it.

Without agents (double agents?) working for the DoD in the Chinese community the DoD haven't a chance.

[1] https://en.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach

Re: How does China keep stealing our stuff ?

Paul Crawford

> Without agents (double agents?) working for the DoD in the Chinese community the DoD haven't a chance.

Really, with Cisco having 9+ rated CVEs every few months, and with Microsoft's forever shit-show of lax security and not caring, and CEOs demanding important shit is internet connected to save manpower costs, and all you can think of is Chinese-ethnic nationals spying?

Open societies

Claptrap314

Do very poorly against determined autocratic aggression.

1) As mentioned here, China is a substantial source of funding for our universities. That funding IS conditional.

2) As mentioned here, China's police have been operating semi-openly in the US to keep their expats in line.

3) As mentioned here, China is prepositioning assets in major cloud providers.

So, yeah. I wonder what we're going to do about Chinese spying...

Re: Open societies

Blazde

This hasn't really been true historically, China has become an interesting exception. Historically it's autocratic societies that perform more poorly against liberal societies at secret keeping(*), for a range of reasons but perhaps the most powerful is the ability to offer a sort of luxury witness protection programme to highly placed assets living in fear of the whims of their autocrats.

Because of that, point 2 you mention, along with Russia's growing success at fatally hospitalising its own undesirable expats, are arguably the most worrying trends.

(*) Not to say either have really excelled at it in recent centuries. Either you disconnect yourself from the globe in the extreme like North Korea does, or you leak like a sieve.

How?

ecofeco

Because you are effing stupid. That's how.

Here's a hint as to why

Dan 55

[1]America's cyber defenses are being dismantled from the inside

[1] https://www.theregister.com/2025/04/23/trump_us_security/

"I'm a mean green mother from outer space"
-- Audrey II, The Little Shop of Horrors