February 17, 2022 Adam Kozy CEO/Founder SinaCyber, Former FBI and CrowdStrike Testimony before the U.S.-China Economic and Security Review Commission Hearing on “China’s Cyber Capabilities: Warfare, Espionage, and Implications for the United States” ----- # Introduction Members of the commission, thank you for inviting me to appear before you today to discuss the threat posed by cyber espionage operations carried out by the People’s Republic of China (PRC). I have been asked specifically to comment on China’s cyber espionage goals and the Ministry of State Security’s (MSS) role in achieving them. My testimony will examine the MSS’s rise in cyber espionage capabilities, timelines of important evolutions in the PRC’s intelligence collection strategy, similarities and separation of roles played by both the MSS and the People’s Liberation Army (PLA), and the threats it poses to the United States and its allies. In particular, I will use two recent US Department of Justice indictments to illustrate the history and breadth of cyber operations carried out by MSS contractors, and why their future ability to continue these operations is of grave concern. Finally, I will submit several recommendations on steps Congress can take to combat this threat. # Rise of the MSS-Contractor Model This testimony will illustrate how the MSS’s model of using a combination of in-house talent and cyber contractors has won the CCP’s favor for engaging in economic-driven cyber espionage. A combination of external factors and internal decisions made throughout the early 2000s made this model preferable to the PLA’s former 3rd Department’s (3PLA) historically noisier operations and past mistakes. These include: - A long-planned PLA reorganization conveniently announced at the end of 2015 at a time when Sino-US tensions over cyber espionage were at their highest - Additional time to combine the capabilities of the 3PLA, responsible for the military’s signals intelligence (SIGINT), and the 4th Department (4PLA), responsible for the PLA’s EW capabilities - Successive public exposures of 3PLA units by US private sector cybersecurity firms - Less corruption and moonlighting activities among the MSS due to an earlier disciplinary investigation period done during Xi Jinping’s first years - Better integration among State-owned Enterprises (SOEs) & private sector - No military commissioning (PT training, dorms, etc.) enabling easier recruitment - MSS 13th Bureau’s (CNITSEC) integration into the vulnerability mining ecosystem, providing better exploits and tooling - Cover & domestic surveillance capabilities provided by Ministry of Public Security (MPS) - Superior provincial recruiting of lead figures in underground hacking groups - Ability to run domestic cyber conferences and leverage recruitment opportunities - Plausible deniability What is uniquely concerning about the threat posed to the US and its allies by the MSS is the blind eye it turns on contract hackers engaging in criminal activity for personal profit in exchange for collection of intelligence priorities, and its ability to leverage China’s excellent vulnerability mining ecosystem to hoard exploits for cyber operations. In addition, MSS-affiliated actors such ----- as TURBINE PANDA/APT26 and WICKED PANDA/APT41 have engaged in increasingly brazen big data collection operations (such as OPM), which has been proven to be used by the MSS in future targeting operations. In total, these make the MSS a unique cyber adversary that in many ways has surpassed the smash-and-grab PLA intrusions of the past and created a much more dangerous environment globally when considering intrusions like the recent Microsoft Exchange Server/HAFNIUM exploitation, which opened attack surfaces to a more public audience. This is not to discount the capabilities of the PLA’s newer Strategic Support Force (SSF), which have likely recently improved by integrating both computer network exploitation (CNE) capabilities for espionage, and computer network attack (CNA) capabilities which can prepare potential targets for follow-on destructive attacks in a wartime scenario. However, there has been a marked increase in cyber espionage activity conducted by the MSS and its contractors over the past several years, suggesting its model is more favorable for conducting cyber espionage. To better understand the nuanced reasons for this change, one must examine the early origins of cyber espionage in China. # The Turning Point for Cyber Espionage in China Though the PRC’s electronic warfare (EW) capabilities date back well before 2000, the early 2000s saw a dramatic shift in the Chinese Communist Party’s (CCP) view of Computer Network Operations (CNO) and its usefulness as a way to bridge key technology gaps and rapidly gain parity with advanced adversaries like the U.S. in a variety of dual-use technologies (military and private sector) outlined in the CCP’s overlapping strategic plans that would otherwise be unattainable without years of research and billions spent on development. The notion that CNO could be used not just as a warfighting capability, but as a modernized extension of its longrunning economic espionage campaigns would fundamentally change the PRC’s intelligence collection methods over the next two decades. This shift toward viewing CNO and “hacking” as a key component of intelligence collection was likely caused by an intersection of three major factors during the same time frame: 1. Throughout the late 1990’s, PLA doctrine began emphasizing information-centric strategies to help the PRC win future “informatized” wars and developing asymmetric capabilities to disrupt more technologically advanced opponents. 2. From 1997-2001, a new subset of young, patriotic, and technologically savvy Chinese citizens began coalescing in underground hacking communities and using international site defacements as an outlet for perceived injustices against China by foreign nations. 3. From 1998-2003 CCP officials from the PRC’s various security apparatuses began experimenting with directed censorship of information on the internet as a way to influence national sentiment in projects that would become the Golden Shield Project and the Great Firewall (GFW). ----- Within several short years, the CCP recognized that the internet posed a massive threat to the CCP’s internal stability, but that if information and the talented youth using the internet for nationalistic purposes could be directed properly it would be a massive boon to establishing control over its populace while advancing China’s strategic economic goals. Dating back to 2003’s Titan Rain (a cover term for a series of Chinese intrusions into US and UK government systems), the PLA’s former 3rd Department (3PLA) appears to be the earliest and most ardent adopter of CNO for espionage purposes. However, over time the MSS’s superior tradecraft, recruiting practices, and important role in China’s thriving vulnerability ecosystem would make it the chief threat to a variety of global victims across multiple sectors. Its ascension post-2015 as the PRC’s lead entity for economic espionage is likely no coincidence as the PLA began undergoing long-planned reforms which would transform its cyber warfare capabilities, which have been discussed in other panels today. # A Brief Timeline of Important Points in China’s Cyber Espionage Evolution - 1996 - Internet is made available to Chinese homes - 1997 - Foundation of The Green Army, China’s first patriotic hacking group - 1998 - Chinese authorities begin experimenting with censorship and timing - Cult of the Dead Cow releases “Back Orifice Program” and Trojan use increases in China - Indonesia Riots and turn toward defacements - 1999 - Taiwan/Belgrade Embassy Bombings and the birth of Red Hackers malicious intent - Green Army goes commercial - Shanghai group becomes NSFOCUS - 2001 - US/China hacker war over Hainan/EP3 Incident - 2003 - Microsoft hands source code to the MSS 13th Bureau (CNITSEC), and known contractors Topsec and Venustech - Extensive hiring of patriotic hacking groups by PLA, MSS, and private firms - 2003-2006 - Titan Rain intrusions against US and UK defense networks. - 2005-2010 - CNE campaigns explode (ShadyRat, GhostNet, HiddenLynx, Aurora, etc.) - 2008 - Beijing Olympics strengthens MSS standing and alliances between private sector contractors - 2008-2010 - Intrusions against Tibetan activists and other “Five Poisons” shows MSS involvement - 2010-2012 - TURBINE PANDA actors (MSS Nanjing contractors) prep C919 campaign - 2012 - Xi Jinping becomes CCP General Secretary and initiates anti-corruption campaigns, deposing several high-ranking MSS officials - 2013 - Mandiant releases APT1 report exposing 3PLA 2nd Bureau’s Unit 61398 operations since 2006 - 2014 - CrowdStrike exposes PUTTER PANDA, 3PLA 12th Bureau Unit 61486 ----- - 2015 - Xi announces PLA reorganization and creation of PLASSF - Intrusions into US Office of Personnel Management (OPM) deemed a massive intelligence boon to MSS (later tied to TURBINE PANDA actors) - 2016 - Wooyun.org, China’s main vulnerability reporting site since 2010, goes dark - 2017 - FBI arrest of Sakula developer and MSS Officer Xu Yanjun in relation to TURBINE PANDA operations. MSS quietly restricts CN vulnerability researchers from attending overseas conferences - 2017-Present - An anonymous group called IntrusionTruth begins doxxing MSS-affiliated contractors including GOTHIC PANDA/APT3, STONE PANDA/APT10, AURORA PANDA/APT17, KRYPTONITE PANDA/APT40, and more - 2018 - Tianfu Cup and several other domestic cybersecurity conferences show significant government backing and controlled vulnerability mining ecosystem - 2020 - WICKED PANDA/APT41 indictment exposes contractors criminal activity and shows individual involvement in cyber operations can date back to 2001 - 2021 - HAFNIUM intrusions showed exploit was shared rapidly among PLA and MSSaffiliated cyber operators and reckless disregard for criminal distribution # Background on the MSS ## Creation and Authority The MSS was created in 1983 by combining the remnants of the CCP’s Investigation Department with the Ministry of Public Security (MPS) components of intelligence and counterintelligence to form a ministry that more wholly focused on gathering foreign intelligence. The fact that it was partially formed from the MPS and its first minister was a former vice minister of the MPS meant that the MSS initially had a hard time finding its identity, often having to compete with the MPS for both separate operational and policy space within the higher echelons of CCP decision-making bodies. However, the MSS’s close ties to the MPS would become increasingly beneficial in the early 2000s, affording both convenient cover for MSS offices, which were often co-located with MPS offices (see Figure 1), as well as providing key insight into both the PRC’s censorship apparatuses (GFW) and software review processes. The latter would later allow the MSS’s Chinese National Vulnerability Database (CNNVD) to have early access to key vulnerabilities that now make up the exploits used in cyber operations today. The MSS was believed to have strengthened its position regarding foreign policy decision making and intelligence under former MSS Minister Geng Huichang (耿惠昌) during the run-up to the 2008 Beijing Olympics and after handling riots in Tibet and Xinjiang, which followed shortly after the games.[1] The Ministry saw a budget increase and an expansion of capabilities, 1 “New Foreign Policy Actors in China”, Stockholm International Peace Research Institute, September 2010, http://books.sipri.org/files/PP/SIPRIPP26.pdf ----- which likely included cyber divisions as beneficiaries, as evidenced by a sharp increase of cyber campaigns directed against dissidents and other “Five Poisons”.[2] However, a series of defections, perceived intelligence failures, and several high level officials removed over graft during Xi Jinping’s anti-corruption campaigns in 2012 provided institutional setbacks to its ambitions. Geng (now the Deputy Director of the Subcommittee for Hong Kong, Macao, Taiwan and Overseas Chinese) was believed to have been spared by Xi due to his role in uncovering deposed Politburo member Zhou Yongkang’s planned military coup to oppose Xi’s appointment as General Secretary. Geng’s replacement in 2015, Chen Wenqing (陈文清), served in both the MPS and MSS before becoming the deputy director of the Central Commission for Discipline Inspection (CCDI), the watchdog responsible for many of the inspections and arrests that took down previous MSS officials. Chen’s prior career and subsequent appointment as MSS Minister likely represented renewed trust in the MSS by Xi who had already stacked loyalists into key positions among the CCP’s highest echelons. Chen is also believed to have taken the helm right as the PLA began its reforms and its cyber espionage portfolio was likely handed over to the MSS, giving him tremendous control over the rise in cyber intrusions into western systems carried out by the MSS and its contractors. The MSS derives its authority from the CCP’s State Council (see Figure 2) and compounding legislation in 2014, 2015, and 2017, including China’s National Intelligence Law (国家情报法) made clear requirements that all Chinese citizens and companies (operating in China or Chinese companies abroad) must collaborate with the MSS in gathering intelligence. In addition, all Chinese government departments are required to support its intelligence operations when asked. This provides the MSS with the ability to leverage universities, think tanks, foreign affairs departments, government sponsored overseas educational programs, military liaison programs, friendship and student associations, etc. for operational cover as well as to use them as recruitment platforms. This policy also provides the MSS access to many foreign government officials, scientists, academics, and students.[3,4 ] For further reading on the MSS’s history and key personalities I highly recommend “Chinese Communist Espionage: An Intelligence Primer” by Peter Mattis and Matt Brazil. For further reading on China’s whole-of-society approach to espionage and examples of specific espionage cases I recommend “Chinese Espionage: Operations and Tactics” by Nicholas Eftimiades. ## How the MSS Sources Technical Capabilities Like the PLA, which sourced much of its early intrusion capabilities from its burgeoning, techsavvy patriotic hacker cadres, the MSS is not thought to have had well-developed in-house 2 The Five Poisons are typically categorized as perceived threats to the CCP’s rule of China and include: Uyghur dissidents, Tibetan dissidents, Falun Gong members, Chinese democracy movements, and advocates for Taiwanese independence 3 “Chinese Espionage: Operations and Tactics”, Nicholas Eftimiades, Virtruvian Press, 2020 4 National Intelligence Law of the People’s Republic of China (Adopted at the 28th Standing Committee of the 12th National People’s Congress on June 27, 2017. ----- cyber capabilities in the early 2000s, and sought to recruit from outside sources. The PLA coordinated with SOEs like the China Electronics Technology Group (CETC) and its multitude of subsidiaries (Westone, for example[5]) to throw capture-the-flag competitions at top Chinese universities to recruit hacking talent early on, and by all accounts was relatively successful in this approach (see Tan Dailin in the sections below). An exact timeline on the MSS recruitment of its cyber talent is much harder to pinpoint, but likely began around the same time as the PLA’s due to a growing interest in developing its own technical capabilities. The MSS’s true secret weapon turned out to be it’s Technical Bureau/13th Bureau, which formed the China Information Technical Security Evaluation Center (CNITSEC/中国信息安全测评 中心) in 1998. While ostensibly acting as the government arm entrusted with software and code review, the intelligence agency was able to capitalize and use its access to interface with nearly every single domestic cybersecurity company pursuing government contracts and know firsthand which Chinese technical researchers were discovering top-tier vulnerabilities that could be used in cyber intrusion operations (see Figure 3). If not already familiar with them via CNITSEC, the MSS would come to work closely with many of the Chinese cybersecurity companies that had begun to snap up the early generations of patriotic hackers during the 2008 Beijing Olympics. This included: - NSFOCUS - the commercial branch of The Green Army, the original Chinese hacking collective - Topsec - recruited Honker Union of China founder Lin Yong (林勇/Lion) - Venustech - hired a significant amount of former Xfocus and 0x557 members - Qihoo 360 - employed legacy figures Yuan Renguang (袁仁广/yuange) and Pan Jianfeng (潘剑锋/pjf) In addition to having access to a pipeline of China’s early hacking talent, CNITSEC’s true value would come from providing the MSS with an easy way to cherry-pick high value vulnerabilities directly from the source, which could be turned into exploits for cyber espionage campaigns. CNITSEC was likely doing this as early as 2003 when it was given Microsoft’s source code as part of a security agreement between Microsoft and the Chinese government for usage on its networks.[6] This was then renewed again in 2010 with Wu Shizhong (吴世忠) as CNITSEC’s director, who was also dual-hatted as the MSS 13[th] Bureau Director according to state documents from 2009-2013.[7,8] CNITSEC is also in charge of reviewing software for government 5 https://www.intelligenceonline.com/corporate-intelligence/2020/06/24/westone-top-pla-cybersecurity-andencryption-supplier 6 https://news.microsoft.com/2003/09/26/china-information-technology-security-certification-center-source-codereview-lab-opened/a 7 https://web.archive.org/web/20220208054411/https://www.cert.org.cn:8443/publish/main/49/2012/201203301838062 95838762/20120330183806295838762_.html 8 https://www.crowdstrike.com/blog/two-birds-one-stone-panda/ ----- use, in compliance with the national Cybersecurity Law. In June 2017, Wang Jun, chief engineer of CNITSEC discussed the Microsoft-CETC joint venture and the need for suspension of Chinese government use of Windows 10 Chinese Government Edition until it is “secure and controllable”.[9] Open source analysis in 2017 revealed that CNITSEC and the subordinate CNNVD were likely purposely delaying reporting on specific vulnerabilities allowing operational windows for their usage in cyber operations.[10] Just a short time later, in confirmation, KRYPTONITE PANDA/APT40, a known contractor for MSS Hainan[11] was found to have used high-value vulnerability CVE-2018-0802 as a 0day exploit, a month before it was publicly reported as being discovered by Chinese firm Qihoo 360.[12] Legitimate security companies are known to receive advance notice of vulnerabilities from Western firms such as Microsoft’s Active Protection Partners (MAPP) program, whereby the firms are notified up to a week in advance of upcoming security updates. Several Chinese firms privy to these agreements are believed to have actively abused them in the past, knowing that the initial update merely patches the simple proof-of-concept exploit, leaving a window of opportunity often lasting several weeks for alternative exploitation methods while the vendor continues to roll out security updates to address all vectors. It is suspected that abuse of this system may have led to a rapid proliferation of proof-ofconcept code first turned into an exploit by the HAFNIUM group in January 2021 during the widespread Microsoft Exchange Server intrusions. The original HAFNIUM group was quickly joined by multiple APTs that had access to the exploit, with some likely having access prior to Microsoft’s patch release. This hints at an internal domestic vulnerability sharing network as the groups with access included both those with suspected ties to the MSS as well as PLA: - Tick/STALKER PANDA, a group with suspected ties to the former 3PLA’s 4th Bureau (Unit 61419) - LuckyMouse/EMISSARY PANDA, a group with suspected MSS Shanghai ties - WICKED PANDA/APT41, a group with known ties to MSS Sichuan contractors - Tonto Team/KARMA PANDA, a group with suspected ties to the former 3PLA’s Shenyang TRB (Unit 65016) MSS operators are also known to source tools and datasets from underground marketplaces. This has previously included purchasing both datasets that could be used for further intrusion operations or potential human intelligence (HUMINT) operations, as well as malware sales from known cyber criminal vendors. This may account for the variety of tools seen in use by MSS 9 https://www.uscc.gov/sites/default/files/USCC-Webster-Written-FINALSUBMIT.pdf 10 https://www.recordedfuture.com/chinese-mss-vulnerability-influence/ 11 https://intrusiontruth.wordpress.com/2020/01/16/apt40-is-run-by-the-hainan-department-of-the-chinese-ministry-ofstate-security/ 12 https://www.crowdstrike.com/blog/two-birds-one-stone-panda/ ----- operators and explain why many of them are more advanced than tools typically seen in the domestic Chinese underground marketplaces. In an example of typical MSS operations, an intrusion into a European target saw MSS officers pay contractors to conduct network exploitation on victim systems. Though the origin of the contractors was unknown, they used tools associated with the Russian underground, conducting lateral movement across the victim systems before turning direct intrusion access over to MSS officers. The objectives of the MSS were unclear in this case, however, the access would allow for easy exfiltration or potential future strategic web compromise activity. ## MSS & PLA: Competition vs. Collaboration Prior evidence suggested that MSS and PLA operations were somewhat in competition for resources as well as for valuable collection on identified targets. Previously, it was believed there was a lack of coordination between APT operations groups and there are plenty of examples in private sector reporting of multiple China-backed adversaries concurrently collecting the same information on the same network with different operators and tooling. However, it is likely this coordination is improving with time and greater control of the PLASSF’s cyber actions due to the reorganization. There have also been observed instances of the MSS stealing potential recruits from the former 3PLA. A candidate who had already been approached by PLA recruiters was enticed to the MSS due to an easier recruitment process, better pay/benefits, and more freedom as non enlisted, which typically meant physical training (PT) for cyber operators unused to it and living in military dorms. MSS recruitment strategies will be discussed further in the next section. It appears unlikely in the current environment that MSS cyber operations would be used to prep the battlefield for PLA network attacks in a wartime footing. This is largely due to the MSS’s role as primary foreign intelligence collector, a role it would likely default to during wartime scenarios, and its use of criminal contractors, which are relatively uneven in their capabilities and methods for conducting CNE. A more likely scenario is that the MSS’s various network access via their contractors would be handed over to the PLASSF’s CNA units for follow on actions based on MSS recommendations about target value. This would essentially be handing its malware controllers over to the military to centralize its possible attack surfaces. As the PLASSF combines the former 3PLA’s SIGINT capabilities and the 4PLA’s EW methods, it is likely already conducting intelligence vs. attack value analysis internally to inform its cyber units on whether a target should be collected on or maintain a foothold on its network for future CNA use. The PLASSF’s 311 Base has inherited multiple separate units' prior roles in conducting psychological warfare operations, making it unlikely the MSS would conduct cyber operations for this purpose. However, another likely scenario is that the MSS instructs its various contractors to engage in patriotic hacking of lower tier targets to avoid conflicting with military ----- operations and to cause chaos and confusion. This would be likely a fairly simple task given the history of many of its contractors and their patriotic roots. ## Recruitment Contractors act as both a force multiplier and alternative tradecraft for the MSS. Although open source tools provide the bare essentials needed to meet their collection requirements, contractors greatly augment their technical capabilities and plausible deniability. The MSS appears to extensively favor the use of contractors because it allows for operations to be easily terminated, adds an extra layer of operational security (OPSEC) between the victim and intelligence officers, offers a variety of technical responses to fulfill collection requirements, creates plausible deniability in the event attacks are reversed, and can provide additional technical expertise that may not exist in-house. Contractors are approached in a variety of ways, sometimes maintaining distance and providing only direction and requirements. Other times partnerships may be formalized via CNITSEC and government contracts. It is assessed that during the Beijing 2008 Olympics, the MSS hired several contractors under the pretext of conducting security evaluations and pentesting. These hackers-for-hire were based regionally and were told to use any means necessary to compromise targets. It is unclear whether any of these contractors were then kept on retainer for future operations after the relationship was established. However, the MSS has since been observed continuing the use of contractors in multiple operations, making it more likely that established agreeable working relationships with specific contractors were formed and those contractors were solicited multiple times. Recruitment also appears heavily sourced from long-standing patriotic hackers and in many cases blackhat cyber criminals hacking domestically for profit. New laws during the late 2000s gave new powers to the MPS and MSS to pursue cyber criminals domestically, and it is believed that many of these same individuals came under legal scrutiny or were arrested. It is suspected several were released in exchange for rendering their skills to the state for cyber espionage purposes, and subsequently allowed to continue their criminal activities as long as they targeted victims outside China. See the “Evolution” section below for an example of this. Various domestic Chinese hacking conferences from 2008 onward demonstrated that there seemed to be an almost revolving door between China’s early patriotic hacker groups, the PLA, MSS affiliated entities like CNITSEC, and various private sector companies later proven to have worked for China’s intelligence services. Security conferences like XPwn2017, a Beijing conference sponsored by Baidu and legacy patriotic hacking team Xfocus, partnered with CNNVD, Venustech, Alibaba, Pangu Team (China’s top iOS jailbreaking team), and Knownsec (another security company founded by legacy Chinese hackers).[13] Its main consultants featured (see Figure 4): 13 http://xpwn.xfocus.net/ ----- - HUANG Xin (黄鑫) aka Glacier of Xfocus, —the author of China’s first domestic remote access tool (RAT) and listed as the Chief Technology Officer (CTO) of Big World (大成天下) - ZHOU Jingping (周景平) aka Superhei of Ph4nt0m Security Team—Chief Security Officer (CSO) of Knownsec - LIU Hongyun (刘鸿运)—Deputy Chief Engineer of CNITSEC - ZHU Qianghang (朱钱杭) aka Pineapple of Venustech Active Defense Lab - WEI Qiang (魏强), aka Funnywei of Xfocus who has taught cyber operations for the PLA Information Engineering University - HAO Yongle (郝永乐) of the CNNVD Operations Management Center Conferences like XPwn and Tianfu Cup are known fertile recruitment grounds for the MSS and even the PLA as it provides ample opportunity to meet with established hacking teams, skilled individual operators, and university students. There will be a separate panel following this one that discusses some of the universities the MSS and PLA use as recruiting grounds. Contractors are likely provided ample financial compensation for their efforts, though China likely struggles from the same private sector “brain drain” effect given China’s top tech firms have significantly higher salaries and freedom. However, the MSS has an advantage of being able to co-opt talent if they wish, especially if an individual’s cyber activities conducted during their youth fall under criminal activity. Prior to 2017, skilled vulnerability researchers at BAT and Qihoo 360 were able to double up on prize money by reporting it domestically and then winning competitions like Pwn2Own abroad to receive prize money from western security vendors. While Chinese dominance in these competitions was notable to western researchers, it still provided top security vendors with access into the kinds of vulnerabilities China was producing. The post-2017 arrangement damages this process and gives even more vulnerability hoarding power to the MSS. As a result, the MSS and specifically CNITSEC likely needed to increase their prices as part of the 2017 restriction on Chinese vulnerability researchers reporting to foreign vendors before reporting to the MSS. In addition, it is believed that many of these security researchers or MSS contractors were barred from leaving China after 2017 and the arrest of the Sakula developer following his attendance at a US security conference. It is unclear the exact type of “immunity” contractors that also hack for profit are given if they conduct operations on behalf of the MSS. Immunity is a loaded term in China, where senior t retired CCP officials once thought immune to purges were made low again under Xi Jinping’s rule to prevent outsized influence over current politics. Immunity in this case is much more likely to represent the MSS and MPS turning a blind eye to these criminal activities rather than providing lifelong immunity. This makes the relationship between blackhat contractors and the MSS a tenuous one, based mostly on those criminals conducting their activities outside of China to prevent a conflict of interest where the MSS and MPS need to protect Chinese citizens from their own operators. This is likely why there is a rise of tactics like ransomware and cryptojacking against foreign targets from several Chinese actors. ----- # Collection Priorities for PRC Intelligence & Subsequent Tasking There are numerous fantastic resources that are publicly available and show how China’s multitude of concurrent plans including the 863 & 973 Plans, Five Year Plans, Made in China 2025 (MIC2025), Space Science & Technology in China: A Roadmap to 2050, and more, which all create an overlapping tapestry of key technology gaps. Some of the highlights of China’s priorities from recent plans include: - **Alternative Energy - Solar, Wind Turbines, Hybrid/electric cars** - **Biotechnology - Biomanufacturing, Biopharmaceuticals, Genetically modified** organisms, Infectious disease treatment, Cutting-edge vaccines and drugs - **Defense - Aerospace & Aeronautical Systems, Armaments, Marine Systems, Radar,** Optics, Space infrastructure and exploration technology - **High-end Manufacturing - Chemical Manufacturing, Advanced robotics, Aircraft** engines, High-performance composite materials, Integrated circuit manufacturing equipment and assembly technology - **Technology - Artificial intelligence, Big data analysis, High-end computer chips,** Network equipment, Quantum computing and communications, Rare-earth materials These technology gaps ultimately get broken down into more specific intelligence requirements that the PRC’s intelligence agencies are then tasked with collecting. For collection, the MSS and PLA likely share common parent in the form of the State Administration of Science, Technology and Industry for National Defense (SASTIND/国家国防科技工业局). See Figure 2 for an organizational chart. Within SASTIND there are likely two departments responsible for developing and tasking technology related intelligence requirements, and for collecting intelligence against those requirements.[14] - The Comprehensive Planning Department, which tasks collection to the MSS and most likely, the PLA, Joint Intelligence Bureau. - The International Cooperation Department, which has its own independent collection capability. Members of this department travel with PRC scientists to collect information against specific requirements. After tasking from SASTIND, it is unclear how the MSS or PLA divvy up requirements or whether they compete on objectives (competition between the two has thus far only been observed publicly on an operational basis). One key factor sets PRC intelligence gathering apart, which is that it takes a whole-of-society approach to collection. Prior anecdotes about “grains of sand” aside, the MSS is able to 14 Chinese Espionage: Operations and Tactics”, Nicholas Eftimiades, Virtruvian Press, 2020 ----- influence Chinese companies, overseas students, professors, scientists, and the overseas Chinese diaspora to assist in intelligence gathering efforts, and has been shown to leverage all of them as both cover and collection agent. The PRC’s National Security Law compels assistance when required, and the MSS, like its domestic partner the MPS, has been known to pressure family members residing in China to force actions of those abroad. This is a force multiplier when combining the MSS’s ability to conduct human intelligence (HUMINT) and cyber operations in concert. That ability will be discussed in the “HUMINT + Cyber” section. # Evolution: Chinese Patriotic Hacker → PLA → MSS → Private This early evolution of how the PRC leveraged its early patriotic hacking groups to supplement its lack of in-house talent is best viewed through the lens of one individual who has been present throughout this entire process: Tan Dailin (谭戴林) aka WickedRose. A September 2020 US DoJ indictment against several members of the WICKED PANDA/APT41 featured Tan and several co-conspirators who had conducted over 100 documented intrusions into global companies over the course of a decade.[15] My own research around this indictment and actor led me to discover the untold story of how Tan evolved from an angsty patriotic hacker at university, to the leader of a group of contract hackers for hire for the PLA, an MSS contractor, and eventually a savvy cybersecurity entrepreneur (see Figure 5). Tan was a central figure in the early 2000s Chengdu patriotic hacking scene and a notable member of the Evil Octal Security Team. While attending Sichuan-area universities, he formed ties with Zhou Jibing (赵纪斌) aka WHG, the developer of PlugX[16], a remote access tool (RAT) that would later be favored by a majority of Chinese APT groups from 2012-2016[17]. Tan’s skills as a developer and intrusion operator led to him founding the Network Crack Program Hacker (NCPH) group out of his dorm room while at the Sichuan Institute of Science and Engineering/Sichuan University of Science and Technology (SCIT/四川理工学院). Tan and Zhao worked to develop the NCPH rootkit, which was also known as GinWui. The variant GinWui.A is believed to have been an early precursor to PlugX, which was later licensed out to multiple APT groups for use in offensive campaigns against western systems. This suggests both a common supply chain entity providing these tools across PLA and MSS lines, and that Zhao was likely paid to continue to develop and refine his malicious code into first PlugX and later the evolved Clambling RAT over several years and cycles of development. 15 https://www.justice.gov/opa/pr/seven-international-cyber-defendants-including-apt41-actors-charged-connectioncomputer 16 https://cybersecurity.att.com/blogs/labs-research/the-connection-between-the-plugx-chinese-gang-and-the-latestinternet-explo 17 https://www.blackhat.com/docs/asia-14/materials/Haruyama/Asia-14-Haruyama-I-Know-You-Want-Me-UnpluggingPlugX.pdf ----- Tan applied to graduate school at Sichuan University in 2005. It was during his time there that Tan is believed to have been approached by the PLA, which found him via his blog and his attempted intrusions into Japanese systems. In September 2005, he was encouraged to participate in a Network Attack/Defense Competition where he and his team won first place.[18] Tan was found by the Chengdu Military Militia Information Sub-Unit—a unit that likely served as recruitment spotters for the former 3PLA Chengdu Military Region (MR) 1st Technical Reconnaissance Bureau (TRB) Unit 78006, which was later implicated in the Titan Rain attacks against the U.S. government.[19] Following the competition in October 2005, Tan and his team of former NCPH colleagues participated in an intensive 16-hour-a-day, month-long training period with the PLA designed to simulate attacks, design hacking tools, and develop training courses for network infiltration strategies. It is assessed that these efforts greatly improved PLA cyber operations at the time. In the spring of 2006, Tan continued to refine the Ginwui rootkit before dropping out of school on 30 April 2006 to pursue state-directed intrusion operations full time. From May through September 2006, Tan and the NCPH crew likely conducted CNE operations directed against the U.S. DOD on behalf of the PLA. The intrusions at the time were unprecedented and are some of the first examples of the PLA (and by extension the CCP) paying the salaries of hackers for hire to conduct CNE against the U.S.[20] From the timing of Tan’s blog posts during these intrusions, it is clear the PLA provided lodging and salaries to several young Chinese hackers as part of this campaign. Included among those mentioned as “colleagues” on Tan’s posts was Blackfox, the alias of fellow indicted WICKED PANDA member Jiang Lizhi (see Figure 6).[21] In 2007, Jiang would go on to work for offensive cyber PLA contractor Yanlong Tech, a technology firm regularly targeting the gaming industry— which is assessed to be activity roughly analogous to early Winnti Group operations against multiple Asian and western gaming firms. It is unclear whether Tan and Jiang had met prior to this hacking “internship” with the PLA, but it is likely this served as a common thread for their future endeavors together as well as the reason Yanlong did early work for the Chengdu MR TRB. Tan would join Yanlong reportedly only in 2011, but Jiang stayed until 2014 when he left to start Chengdu 404, the other contracting entity outlined in the 2020 DoJ indictment. Details from Tan’s personal blog show that he also disliked his time at Sichuan University and was merely there to get his degree, much preferring his “internship” colleagues and time spent hacking. Tan’s own former university in Zigong listed him among accomplished students for winning first place in the first national computer network offensive/defensive competition and earning the “first-class merit award” from the PLA Chengdu MR. Other records show he competed in the Chengdu Westone Cup and took second place in 2006. Westone is a 18 https://www.hsgac.senate.gov//imo/media/doc/042809Paller.pdf?attempt=2 19 https://web.archive.org/web/20120822123730/http://www.time.com/time/magazine/article/0,9171,16920632,00.html 20 Dunham, Ken, and Jim Melnick. "Wicked Rose" and the NCPH Hacking Group. fserror.com/pdf/WickedRose_andNCPH.doc 21 https://web.archive.org/web/20060712163357/http://www.mghacker.com:80/default.asp?cateID=1 ----- subsidiary of the China Electronics Technology Group Corporation’s (CETC) Network Information Security Company and of the CETC 30th Research Institute in Sichuan. CETC is a known state-owned enterprise (SOE) and benefactor and potential driver of Chinese CNE and intellectual property theft; the organization has conducted classified work on behalf of the PLA and MSS. In April 2009, several Chinese forums reported that Tan was arrested by the Ministry of Public Security (MPS) after he reportedly conducted Distributed Denial of Service (DDoS) attacks and blackmailed users of other popular hacking forums such as Hackbase, the magazine HackerXFiles, and 3800hk. Members of these groups are believed to have turned him into the authorities. He faced 7.5 years in jail, however it is unclear whether he actually served any of the time.[22] Given the DoJ indictment information that he contracted for the MSS more recently, one potential theory is that due to his prior military contracting service, the MSS made him a plea deal to continue hack-for-hire intrusion activity in exchange for commuting his sentence. Tan is suspected to have reappeared in 2011 when he worked for Yanlong Tech using the alias _Blackwolf, reuniting with his former associates Blackfox and EvilC0de. The firm appeared to_ have strong ties to the gaming community and due to prior five year plans outlining the CCP’s desire to become a major global force, it is believed many of the team members used their experience working with kernel-level vulnerabilities modding games to conduct intrusion operations and target Asian and western gaming firms to steal technology and monetize ingame currency. It is unclear why Tan left after barely a year at Yanlong, but he wasted no time getting back to his criminal roots by setting up a fake antivirus firm named Anvisoft.[23] Although the firm purported to offer a security product, given Tan’s concurrent activities, it is likely this was a front company for other activities and that Tan began contracting for the MSS around this time. Tan’s activities after 2012 are less readily accessible despite his fame. This is potentially due to his online presence being scrubbed by the MSS. Registrant data for emails tied to Tan suggest he was still active as a MSS contractor and consistently registering domains from 2012 to 2019—though none that were immediately traceable to WICKED PANDA/APT41 activity. This is potentially indicative of him using third parties for domain registration given his own notoriety by that point. Legal records show that from a period from June 2010 to at least April 2020, Tan was busy registering several private technology firms with various focuses, serving as a legal representative, technology director, investor, and CEO at several firms. Tan was still in Chengdu during this period as evidenced by both the firms he registered and also the technology patents filed under his name. 22 https://web.archive.org/web/20160506182604/http://www.thedarkvisitor.com/2009/04/withered-roselaw-donecomeand-got-him/ 23 https://krebsonsecurity.com/2012/11/infamous-hacker-heading-chinese-antivirus-firm/#comments ----- Tan’s path follows many famous legacy Chinese hackers who served as contractors or educators for various state-backed entities in the late 2000s before becoming entrepreneurs in China’s burgeoning cybersecurity scene throughout the 2010s. As demonstrated in countless other companies claiming to do only whitehat security work on behalf of the Chinese state, many of the upper echelon of China’s cybersecurity companies have close ties to the CCP and conduct offensive operations as well as providing defense. Some of these firms, such as Threatbook and Qihoo 360, have established themselves as defensive cybersecurity organizations, but they likely also engage in offensive intrusion activities and/or vulnerability research on behalf of the CCP. Former Qihoo 360 executive Tan Xiaosheng (谭晓生) served as a director at one of Tan’s own firms and has been previously implicated along with Qihoo for his ties to the MSS 13th Bureau/CNITSEC. Also of note in these indictments against WICKED PANDA/APT41 was their collection of data during their intrusion campaigns which fed into a big data repository tool Tan’s co-conspirators called SonarX. These actors were particularly skilled at extracting personally identifiable information (PII) during their intrusions and finding a way to monetize it via this platform. Furthermore, the case showed that not only are breaches like these collecting the data, but that the data sets are being organized and used for follow-on targeting of dissidents, journalists, and religious figures. This proves the MSS is likely capable of using data gleaned from other breaches such as 2015’s OPM breach to create targeting packages for both future cyber and HUMINT operations. # MSS Use of HUMINT and Cyber Operations in Tandem Another recent DoJ/FBI case that brilliantly shows how the MSS operates is a series of indictments tied to a set of cyber operators named TURBINE PANDA/APT26. This actor and its campaigns stand out for several reasons: - The case resulted in the first US arrest and extradition (in partnership with EU-based authorities and allies) of a high-ranking MSS intelligence officer. - It demonstrated the MSS’s ability to use HUMINT operations and insider threats in tandem with cyber espionage campaigns to great effect (See Figure 7) - MSS’s HUMINT and cyber operators frequently communicated and even attempted to cover one another’s tracks, demonstrating a high degree of coordination. - MSS cyber operators were likely made up of a mixture of in-house talent and outside contractors, many of which have traceable backgrounds to various Chinese patriotic hacking groups. - TURBINE PANDA’s multi-year cyber campaign systematically targeted various aerospace firms that made up the supply chain for foreign-sourced parts for China’s C919 airliner. ----- - TURBINE PANDA operators also played a role in conducting the OPM intrusion, likely as part of the MSS’s big data collection efforts to map US cleared government employees. - The timescale for these operations happened in quick succession; Chinese aerospace firms had barely inked joint ventures with western firms before operational prep began. - The totality of identifying key technology gaps, cyber campaigns, HUMINT operations, malware development/usage, and eventual arrests offered a rare glimpse into the full Chinese intelligence cycle from tasking to collection, analysis, and eventually a statebacked beneficiary. - The aftermath showed an immediate reaction from the MSS from 2017 onward, which banned many security researchers from traveling to overseas conferences and codified CNITSEC’s ability to harvest domestic vulnerability research for use in exploits. If anything this likely increased the potency of MSS cyber capabilities. A major focus of the CCP in the late 2000s was a Chinese-built commercial aircraft designed to compete with the duopoly of western aerospace and keep pace with China’s exponentially growing middle class and their travel needs. That aircraft would become the C919—an aircraft roughly half the cost of its competitors, and which completed its first maiden flight in 2017 after years of delays due to design flaws. But the C919 can hardly be seen as a complete domestic triumph as it is reliant on a plethora of foreign-manufactured components (see Figure 8 for an incomplete list). Likely in an effort to bridge those gaps, TURBINE PANDA conducted cyber intrusions from a period of roughly 2010 to 2015 against a variety of companies that make up the C919’s supply chain. Specifically, in December 2009, the state-owned enterprise (SOE) Commercial Aircraft Corporation of China (COMAC/中国商用飞机有限责任公司) announced it had chosen CFM International’s (a joint venture between U.S.-based GE Aviation and French aerospace firm Safran, formerly Snecma) LEAP-X engine to provide a custom variant engine, the LEAP-1C, for the then-newly announced C919. The deal was reportedly signed in Beijing during a visit by then-French Prime Minister François Fillon. Despite the early deal with CFM, both COMAC and fellow SOE the Aviation Industry Corporation of China (AVIC/中国 航空工业集团公司) were believed to be tasked by China’s State-owned Assets Supervision and Administration Commission of the State Council (SASAC) with building an “indigenously created” turbofan engine that was comparable to the LEAP-X. In August 2016, both COMAC and AVIC became the main shareholders of the Aero Engine Corporation of China (AECC/中国航空发动机集团), which produced the CJ-1000AX engine. The CJ-1000AX bears multiple similarities to the LEAP-1C, including its dimensions and turbofan blades. The AECC conducted its first test in May 2018, having overcome significant difficulties in their first mockups. Though it is difficult to assess that the CJ-1000AX is a direct copy of the LEAP-X without direct access to technical engineering specifications, it is highly likely that its makers ----- benefited significantly from the cyber espionage efforts of the MSS, knocking several years (and potentially billions of dollars) off of its development time. From August 2017 until October 2018, the DoJ released several separate, but related indictments against Sakula developer Yu Pingan[24], JSSD Intelligence Officer Xu Yanjun[25], GE Employee and insider Zheng Xiaoqing[26], U.S. Army Reservist and assessor Ji Chaoqun[27], and 10 JSSD-affiliated cyber operators in the Zhang et. al. indictment[28]. What makes these DoJ cases so fascinating is that, when looked at as a whole, they illustrate the broad, but coordinated efforts the Jiangsu State Security Department (JSSD) in Nanjing took to collect information from its aerospace targets. In particular, the operations connected to a TURBINE PANDA showed both traditional human-intelligence (HUMINT) operators and its cyber operators working in parallel to pilfer the secrets of several international aerospace firms and even the data from OPM. It is believed that cyber targeting of aerospace firms by TURBINE PANDA cyber operators began in January 2010, almost immediately after the LEAP-X engine was chosen for the C919. The Zhang indictment describes initial preparatory action using doppelganger sites to conduct strategic web compromises (SWC) in combination with DNS hijacking to compromise various aerospace firms using two China-based APT favorite pieces of malware, PlugX and Winnti, and malware assessed to be unique to the group dubbed Sakula. The same ZHANG indictment indicates that these operations were overseen by CHAI Meng (柴 萌), who likely managed the JSSD’s cyber operators as a pseudo Cyber Section Chief. Reporting to CHAI was the cyber operator team lead, LIU Chunliang (刘春亮 /sxpdlc1r/Fangshou), who appeared to establish and maintain much of the infrastructure used in the attacks on various aerospace targets as well as organize the intrusions conducted by the operators Zhang Zhanggui (张长贵/Ieanovr/Ieaonr), Gao Hongkun (高洪 坤/Mer4en7y), Zhuang Xiaowei (庄枭伟/jpxxav), Ma Zhiqi (马志琪/Le Ma), and Li Xiao (李潇/zhuan86). Many of these individuals are assessed to have storied histories in legacy underground hacking circles within China dating back to at least 2004. Notably, Liu also appeared to broker the use of Sakula from its developer Yu, as well as the malware IsSpace (associated with SAMURAI PANDA) from its developer Zhuang. Liu and Yu’s conversations about Sakula would be a critical factor in tying all of this disparate activity together as Sakula was believed to be unique to the JSSD operators and could be used to tie several aerospace intrusion operations into a single, long-running campaign as well as the OPM intrusions. 24 https://regmedia.co.uk/2017/08/24/yu.pdf 25 https://www.justice.gov/opa/press-release/file/1099881/download 26 https://www.justice.gov/opa/pr/new-york-man-charged-theft-trade-secrets 27 https://www.justice.gov/opa/press-release/file/1096411/download 28 https://www.justice.gov/opa/press-release/file/1106491/download ----- Simultaneously, there was a HUMINT element to the JSSD’s espionage operations against aerospace targets. Xu Yanjun, was identified in his indictment as the Deputy Division Director of the Sixth Bureau of the JSSD in charge of Insider Threats. Xu affiliated himself with two cover organizations—Jiangsu Science and Technology Association (JAST) and the Nanjing Science & Technology Association (NAST)— when interacting with potential targets. Xu also was reported as frequently associating with the Nanjing University of Aeronautics and Astronomics (NUAA), a significant national defense university controlled by China’s Ministry of Industry and Information Technology (MIIT), that interfaces directly with many of China’s top defense firms and stateowned enterprises. It is likely no coincidence that NUAA is a regular collaborator with stateowned enterprises (SOEs) COMAC and AVIC, the main shareholders of AECC, which went on to produce the LEAP-X inspired CJ1000-AX turbine engine for the C919. Over the course of several years, Xu would recruit both an insider at LEAP-X manufacturer General Electric (GE), Zheng Xiaoqing, and a Chinese-born Army reservist, Ji Chaoqun (季超 群). Zheng’s background appears to have made him uniquely qualified to accurately assess turbine engine schematics, and it was clear from his indictment that he had received coaching on which sensitive information on GE’s turbine technology to access and how to use steganography in an attempt to exfiltrate the information. Ji, who entered the U.S. on an F-1 student visa to study electrical engineering in Chicago, was approached by Xu (initially undercover as an NUAA professor) in December 2013 and eventually recruited to provide assessments on other high-value individuals in the aerospace industry for potential recruitment by the MSS. Ji’s position in the U.S. Army Reserve program known as Military Accessions Vital to the National Interest (MAVNI) provided a perfect cover for Ji’s assessment activities, as the program focuses on potential recruitment of foreign citizens with skills pertinent to national interest and legally residing in the U.S. Had it been successful, JI would have been handing Xu other foreign-born recruitment candidates as they were about to enter U.S. military service on potentially sensitive projects. # Exposure As the frequency of MSS operations increased and attention shifted from the PLA during its reorganization, a mixture of anonymous reporting from a group called IntrusionTruth, private sector reporting, and DoJ indictments have shed more light on the MSS’s cyber operations. However, most notably, these repeated exposures do not appear to be actively hindering continued activity from MSS contractors, which have only gotten more brazen in their recent activities. Beginning in May 2017, the first public exposure of MSS-affiliated entities came from an anonymous group known as IntrusionTruth in the form of blogs and a twitter account dropping (sometimes dubiously sourced) series of posts detailing personal details of MSS cyber contractors and the breadcrumbs they’d left behind during their prior intrusion efforts. Over the course of several years they would out individuals tied to groups known in the private sector as ----- GOTHIC PANDA/APT3, STONE PANDA/APT10, AURORA PANDA/APT17, KRYPTONITE PANDA/APT40, and other lesser known entities. These were roughly tied to provincial and national level MSS bureaus and CNITSEC offices in Guangdong, Tianjin, Jinan, and Hainan respectively. Though sometimes presented haphazardly in blog posts, multiple private sector firms' work including CrowdStrike, Mandiant, and RecordedFuture appeared to frequently corroborate IntrusionTruth’s releases. In addition, several released DoJ indictments followed these mysterious releases, further corroborating that the US government knows about many of these actors and their backgrounds. I will refrain from commenting much further on IntrusionTruth as anonymity is key to their continued successful operations. The MSS has previously proven it has no issues publicly executing spies or those assisting foreign powers, and their very existence is likely perceived as a threat to the CCP.[29] However, I do believe good work is being done here and it is breaking down some of the existing barriers between private sector cyber intelligence and the federal sector, which ultimately leads to more future collaboration. Integral work is currently being done by all the mentioned parties to identify these threats and prevent them from harming US interests. However, more work is needed to assist these efforts with funding and new policies centered around collective defense, active defense/offense, and education of our partners, allies, and our workforces. # Recommendations The CCP has managed to absorb new technology and strategy the U.S. has pioneered (the Internet, EW usage in the Gulf War, Cult of the Dead Cow’s use of Trojans, Microsoft’s source code, destructive cyberweapons, etc.) and turn it into an asymmetric advantage. In a way, rampant Chinese cyber espionage is a monster of our own creation, but it is one that can at least be curbed through carefully considered policy adjustments. One thing is painfully clear: the strategy of “Name & Shame” does not work, and the CCP’s constantly regurgitated response asking for proof and the US complying is akin to handing China a report card on their intelligence gathering capabilities. Robust, two-way policies for sharing of threat actor information across the private and federal sector, as well as between international intelligence partners can still be incredibly useful. But naming and shaming in hopes of embarrassing China into changing its behavior is not the effective deterrent or panacea it was perhaps naively hoped to be under rule of Xi Jinping. My recommendations, while numerous, look to combat China’s whole-of-society approach to gathering intelligence with our own multi-faceted active defense approach. It draws upon 29 “Chinese Communist Espionage: An Intelligence Primer”, Introduction, pg. 1, Peter Mattis and Matthew Brazil, Naval Institute Press 2019 ----- frustrations myself and many other hard-working patriots in both the federal and private sector have experienced when trying to combat this threat for well over a decade. This involves a strategy of hardening defenses, providing meaningful consequences that impose costs to APT groups, and education of our partners and domestic assets. ### Harden Defense - Invest in better software solutions and data centers to un-silo and share data between domestic agencies and commercial businesses. Some collaboration is happening between CISA and information sharing and analysis centers (ISACs), but it is disparate, usually depends on interpersonal relationships, and data is fragmented from company to company (i.e. hard to utilize effectively for collective defense). This needs to go beyond CISA and should involve several government agencies and counterintelligence stakeholders. - Re-examine intelligence classification methods for data sharing purposes. As demonstrated in several of the aforementioned DoJ cases, much of the data concerning Chinese intrusions are “overclassified”, which unnecessarily gate keeps relevant parties and hampers collective defense. Sources and methods should remain classified, but most cyber tactics, techniques, and procedures (TTPs) are predominantly discoverable using open source techniques and should be treated as such. Open source centers work and should be more accessible to the private sector. - Increase intelligence sharing on Chinese cyber espionage with allied international countries to reduce attack surfaces and increase collective defense. The US need not act as gatekeepers of Chinese counterintelligence when a multitude of nations and industries suffer from the same affliction. Encourage two-way sharing of Indicators of Compromise (IOCs) and counterintelligence reports. Improve inter-agency task forces to share internationally, and educate partners on removing bureaucracy from the multitude of cyber departments and stakeholders that currently exist. Publicly promote united stances with partners against China’s cyber espionage activities and more recently destructive actions (HAFNIUM). - Establish defensive partnership programs via government and private sector cybersecurity firms with Asian allies (Taiwan, Japan, South Korea, Philippines, Vietnam) to hunt, remove Chinese adversaries from their networks, and improve overall defensive posture. Frankly, this should have already started for increasingly critical technology companies such as TSMC and other partners in the semiconductor supply chain. - Re-shape public and private policies around disclosure of hacks. As both a former FBI and private sector cybersecurity employee I’ve seen a breakdown between the balance of commercial firms trying to prevent stocks from plunging by disclosing an intrusion and ----- counterintelligence efforts getting the timely information they need for national security purposes. Incentivize reporting of intrusions via trusted commercial cybersecurity partners or FBI/DHS and establish meaningful consequences for firms that sweep intrusions under the rug or attempt to cover them up. Reporting should be mandatory for commercial firms receiving government money, especially defense contracts. - More defensive options for federal (FBI, DHS) and approved private sector entities to remove attack surfaces and take down (and recover copies of) malicious C2 infrastructure. Increased sharing between federal/private stakeholders to include hosting providers and domain providers. Expand existing sharing relationships to include raw data in addition to technical indicators of malicious activity. ### Active Defense/Offense - More offensive options on a sliding scale for federal (DOD/NSA, CIA) entities to impose cost on known APT groups. Currently, there are no actions happening (or at least publicly known) that have dissuaded Chinese APTs from engaging in cyber espionage. The CCP has done cost/benefit analysis and concluded it is currently too beneficial to its strategic plans to stop these activities or to care about being implicated. In many cases, these individual actors or firms are well-known to US intelligence agencies; we should not be as hesitant to let our own professionals covertly degrade their ability to conduct future operations especially when there is a body of evidence of historical criminal or destructive actions. Tan Dailin/WickedRose would easily fall into this category as a two decade repeat offender. - Add Chinese universities, companies, and conferences providing support to APTs or a proven cyber talent pipeline for the MSS/PLA to the US Commerce Department’s Entity List. Consider revoking visas for professors and students from Chinese universities in special cyber and technology programs that are known to receive funding/support from MSS/PLA or have been implicated in prior espionage cases. - Conduct economic action to include sanctions against known CNITSEC contractors and entities actively supporting Chinese cyber espionage, surveillance of minority groups, and vulnerability miners that fail to report to affected western companies. - Deputize and create standards and procedures around private cybersecurity companies’ ability to assist in deception and denial techniques on behalf of their customers. Think less “letters of marque” and more the model set by the NSA’s Accredited Cyber Incident Response Services vendors. - Draft public policies that protect valuable domestic security researchers from external attacks by foreign APT groups and make targeting them a punishable offense by law. Establish meaningful consequences for foreign intelligence services that seek to harm, ----- intimidate, or disrupt the work of US domestic security researchers. The recent incident involving an anonymous researcher P4x shutting down North Korea’s internet in retaliation to personal attacks and a lack of government support comes to mind.[30] - Work with international law enforcement partners to apprehend and degrade MSS contractor’s overseas accomplices or seize laundered funds. This hits select entities in their wallets and makes it more difficult to for them to profit off criminal activity on the side of their MSS operations. ### Educate - Reform the DoJ’s “China Initiative” to include more educational resources about MSS/PLA recruitment techniques and the consequences of spying. Students studying abroad are frequent targets of these efforts, but there are little efforts made to educate students from abroad on the potential consequences. Solicit input from ChineseAmericans and trained linguists to make educational videos about PRC intelligence recruitment and pressure techniques, and safe steps to report it to university authorities and the DoJ. Require US universities to establish safe reporting spaces free of reprisal or public ridicule, as there are several cases of Chinese students reporting “unpatriotic” activities to the MSS while abroad, damaging trust in Chinese student associations. These efforts should take maximum effort to not discriminate against Chinese students and professors or impede normal educational exchanges. - Sponsor “diplomatic track” cyber competitions that promote further sharing between Chinese and western capture-the-flag/cybersecurity groups to reestablish the hacker spirit of healthy competition. Anyone who’s attended DEFCON or any less commercial cybersecurity conference will be able to tell you that for the most talented of cyber researchers, they attend to share knowledge and bend technology to their will, free of any patriotic loyalty. Attendees are immune from threat of arrest or prosecution, which encourages their best to attend these events and contribute to cross-country information exchanges and dialogue. - Coordinate alternate bug bounty programs with western stakeholders (Google, Microsoft, Apple, Meta) to encourage Chinese researchers to responsibly disclose vulnerabilities. Allow Chinese-focused payment methods (Alipay, WeChat/Weixin Pay) with a holding mechanism that pays out only after a designated time period where patching can take place and CNITSEC’s ability to cherry-pick vulnerabilities can pass. This encourages more Log4j style disclosures[31] from Chinese tech firms where PRC intelligence is shut out from utilizing high value 0days. 30 https://www.wired.com/story/north-korea-hacker-internet-outage/ 31 In 2021, an Alibaba employee first reported the now infamous Log4j vulnerability to Apache, bypassing CCP government policies of reporting to CNITSEC first. Why the Alibaba researcher did not report the vulnerability to the government first is unclear, but the company lost a government contract as a result ----- - Continue to improve, invest in, and boost domestic US cybersecurity talent programs to fill the shortage of qualified professionals. Allocate funding for hiring qualified private sector experts as government consultants and improving federal/private partnership opportunities. Relax drug testing and federal application policies for cyber positions given the rapidly changing legal landscape for marijuana and psilocybin medical use across many states in the US. Former FBI Director Robert Mueller advocated this approach in 2010 anticipating the need to bring on more qualified cyber professionals in the future, and noting how many excellent applicants were turned away based on outdated drug policies. # Appendix and Figures _Figure 1. An image showing the MSS often shares buildings with and uses the MPS for cover._ _This is one of at least two locations cyber contractors known as TURBINE PANDA/APT26 were_ _believed to operate out of on behalf of the MSS Jiangsu Department in Nanjing._ and the employee was likely reprimanded, making researchers hesitant to skip over the government again in the future. ----- _Figure 2. An organizational chart showing where the MSS likely derives its authority and_ _intelligence requirements from._ ----- _Figure 3. An image from CNNVD’s (the PRC’s vulnerability clearing house) site showing the_ _MSS 13th Bureau CNITSEC’s oversight of CNNVD, and a shared location in Zhongguancun_ _Park in Beijing._ ----- _Figure 4. XPWN’s Advisory Board Reads Like a Xfocus and MSS Contractor Yearbook_ ----- _Figure 5. A timeline of Tan Dailin/WickedRose’s early career and evolution from patriotic hacker_ _to PLA operator and trainer, criminal operator, gaming firms, MSS contractor, and eventually_ _cybersecurity firm owner._ _Figure 6. Archive of Tan’s Personal Blog from 2006 Shows Blackfox was Likely Also Working for_ _the PLA’s Chengdu MR at the Same Time_ ----- _Figure 7. A mapping of how MSS cyber operators known as TURBINE PANDA and MSS_ _HUMINT operators worked in tandem to pilfer aerospace secrets over a multi-year campaign._ ----- _Figure 8. An aviation enthusiast site’s breakdown of the C919 airliner’s foreign components[32]_ **Industry Names** **Affiliation** **Unit/Location** (CrowdStrike, Mandiant, Microsoft, Other) COMMENT PANDA Former 3PLA 1st Bureau Unit 61398 - Shanghai APT1 FLUORINE PUTTER PANDA Former 3PLA 12th Bureau Unit 61486 - Shanghai APT2 SULFUR OVERRIDE PANDA Former PLA Chengdu 2nd TRB Unit 78020 - Kunming APT30 Naikon GOTHIC PANDA MSS Contractors (Boyusec) Guangzhou, Guangdong APT3 BORON UPS, Buckeye TURBINE PANDA MSS Contractors Nanjing, Jiangsu APT 26 TECHNETIUM Bronze Express 32 Originally retrieved from: https://www.aerotime.aero/aerotime.team/447-made-in-china-why-c919-can-hardly-becalledchinese |Industry Names (CrowdStrike, Mandiant, Microsoft, Other)|Affiliation|Unit/Location| |---|---|---| |COMMENT PANDA APT1 FLUORINE|Former 3PLA 1st Bureau|Unit 61398 - Shanghai| |PUTTER PANDA APT2 SULFUR|Former 3PLA 12th Bureau|Unit 61486 - Shanghai| |OVERRIDE PANDA APT30 Naikon|Former PLA Chengdu 2nd TRB|Unit 78020 - Kunming| |GOTHIC PANDA APT3 BORON UPS, Buckeye|MSS Contractors (Boyusec)|Guangzhou, Guangdong| |TURBINE PANDA APT 26 TECHNETIUM Bronze Express|MSS Contractors|Nanjing, Jiangsu| ----- |STONE PANDA APT10 POTASSIUM CloudHopper, MenuPass|MSS Contractors (Huaying Haitai, Laoying Baichen)|Tianjin| |---|---|---| |AURORA PANDA APT17 HELIUM HiddenLynx, Sportsfan, DeputyDog|MSS Contractors (Real SOI, etc.)|Jinan, Shandong| |KRYPTONITE PANDA APT40 GADOLINIUM Bronze Mohawk|MSS Contractors (Hainan Xiandun Technology)|Haikou, Hainan| |WICKED PANDA APT41 BARIUM|MSS Contractors (Chengdu 404)|Chengdu, Sichuan| _Appendix 1. A partial rosetta stone for Chinese APT groups that have been publicly outed to_ _date.[33]_ 33 Much more comprehensive rosetta stones exist in the private sector and at the classified level, however, I have attempted to protect proprietary data where possible and only used ones that have had public outings and multiple corroborations for the purposes of this testimony. Further sourcing available upon request. -----