fredag 24. februar 2023

When States Buy Chinese, America Is Put at Risk

As a former Army Intelligence general, I shared Americans' contempt at the sight of a Chinese spy balloon floating above the United States earlier this month. It was a brazen symbol of disrespect for American sovereignty and our world-class detection capabilities. More troublingly, it was just the tip of a Chinese espionage iceberg inside the U.S.

China is everywhere—operations targeting American politicians and theft of commercial information from American companies are just two deeply established (and frankly, successful) lines of effort. While American leaders are thankfully working to close these security gaps, they are still paying inadequate attention to a major vulnerability at the state level: U.S. state governments have purchased millions of dollars' worth of technology manufactured by companies beholden to Beijing.

That the Chinese Communist Party (CCP) is actively penetrating state government systems isn't new information. Last year, cybersecurity firm Mandiant reported that Chinese hacking groups working at the CCP's direction had hacked six state government computer networks. Mandiant noted that the intruders were able to conduct this cyber breach by exploiting, in the words of the Associated Press, "a previously unknown vulnerability in an off-the-shelf commercial web application used by 18 states for animal health management." Cybersecurity expert Joseph Steinberg commented on the incident: "If we know that six states were breached by Chinese spies, it means we know 44 states probably have Chinese spies operating on their network that we don't know about."