back to article Five Eyes intel chiefs warn China's IP theft program now at 'unprecedented' levels

Intelligence chiefs of the Five Eyes alliance today warned that Chinese government spies stealing IP and other sensitive data from private companies pose an "unprecedented" threat to national security. The five from the US, UK, Canada, Australia, and New Zealand all appeared together on stage for the first time ever at a …

  1. Yorick Hunt Silver badge
    Facepalm

    "Five Eyes," "Hoover Institution," "Condoleezza Rice..."

    Say no more!

    1. Yet Another Anonymous coward Silver badge

      Hey if Ronnie Biggs tells you that your train is vulnerable to theft.....

    2. Anonymous Coward
      Anonymous Coward

      China IPR

      Say no more.

  2. luis river

    You think that ?

    Great matter. Intel on six years new category product line they are in quasi equal graph tech stuff than AMD -ATI in 30 years tech life !!

    1. Yet Another Anonymous coward Silver badge

      Re: You think that ?

      How's your Gran for soap?

  3. StrangerHereMyself Silver badge

    Decouple

    I believe we should decouple from the internet or make a separate internet which can't be accessed from non-Western states. The internet initially started out that way in the early '70's. With internet and digital storage it has become too easy to steal secrets and intellectual property.

    1. aerogems Silver badge

      Re: Decouple

      I understand the point you're trying to make, but it wouldn't really work. Take Apple for example, which still relies heavily on China for most of the manufacturing of its products -- even if they are slowly shifting more and more of it to Vietnam. It wouldn't really be very practical for them to have workers in the US using Internet A, while workers in China were using Internet B. At some point, someone would need to be using both and then that gives Chinese hackers a potential way in to Internet A.

      To make it work, you'd have to start bringing manufacturing back to other nations which would drive up costs significantly because we have regulations that make sure the air we breathe is generally safe, same with the water, and that we pay people at least a certain amount. The sad reality is, people will tend to always buy what is cheapest. Say you have a new release movie on BD. You go to a local retail store and there are two versions sitting side by side. One was made in the US or England, the other China. Let's say the difference in price is 1 dollar/pound. I will pretty much guarantee the cheaper Chinese one will sell at a significantly higher rate. Even if you said that the US/English made one had a lifetime warranty and they'd replace it for free even if you accidentally ran it over with your car or damaged it in some other equally ridiculous way.

      1. StrangerHereMyself Silver badge

        Re: Decouple

        I'll be the first to admit that I don't have all the answers, but short of going back to paper and pencil this is the only way of preventing China from nabbing all of our tech. If someone has a better idea I'd like to hear it.

        Fact is, security is way down the list of priorities of most companies, including high-tech companies with valuable IP.

        1. aerogems Silver badge

          Re: Decouple

          Fair enough, my friend. I'm not trying to dump all over your idea or anything. Frankly, anyone on these here interwebs who can admit that they don't know everything automatically earns a certain level of respect from me. I am all for "reshoring" a lot of jobs, be they in the US, Blighty, or anywhere else. While your idea, as-is, probably is unworkable, there might be a nugget of something useful that someone could take and run with.

      2. DS999 Silver badge

        Re: Decouple

        Apple could still collaborate over a common intranet even if there was more than one internet.

        We come pretty close to this system today, as China's Great Firewall makes the internet its citizens see a subset of the full internet. Companies that have some operations in China conduct their business over their corporate intranet, which isn't affected by the Great Firewall. An employee in the US could send an email containing a link to an external (western) news article that the employee in China can't access, so there would be some consequences/limitations even with a common intranet.

        Not sure how China handles the situation where an employee of an international company is able to access "banned" stuff if his web access goes out the company's intranet outside of China, rather than accessing from inside of China. Is that against the law, or just "discouraged"? Anyone know?

      3. MachDiamond Silver badge

        Re: Decouple

        "To make it work, you'd have to start bringing manufacturing back to other nations which would drive up costs significantly because we have regulations that make sure the air we breathe is generally safe, same with the water, and that we pay people at least a certain amount."

        There's a very good book by former Dow CEO Andrew Liveris, "Make it in America". It's a very good look into the sorts of issues large corporations have to consider when looking where to grow their businesses and where to pull back. Labor costs are becoming much less of a factor as there's less human labor in many products and wages are rising in places such as China as there's more competition to attract skilled workers.

        Environmental regulations are a good thing, but how they are implemented can be a problem. In the US there can several overlapping agencies regulating the same thing, all with different reporting requirements and often conflicting rules. Put a factory up in another country and not only have to deal with fewer regs, the ones that are policed only go through one agency. For a big company, that can eliminate a whole department of compliance personnel all commanding premium wages that are needed to juggle all of the rules and make sure the company is sticking to them.

    2. garwhale Bronze badge

      Re: Decouple

      Nothing to stop anyone using VPNs, setting up shop in a "Western state" or co-opting people in said Western states. The only way to stop digital theft would be to trash the internet and digital storage. That is not going to happen. It's a bit like fire prevention - you can take measures which will decrease the likelihood, but never change the risk to zero. Incidentally, IP theft was taking place long before computers were invented. How do you think inventions like the wheel and fire became worldwide?

  4. aerogems Silver badge

    Makes me think of a job I had a few years ago at a large multi-national company. China was basically the only market left with any significant growth potential, but because of fears regarding IP theft and the like, the company would only sell products a couple generations old in China. They even had people get specially configured laptops if they were going to travel to China. Didn't stop the employees in China from routinely sending emails wanting to know why this or that value in SAP was set the way it was for a specific material, and I'm guessing they were caught accessing design documents because the company made a big to-do about upgrading their SAP instance to a version that included a new feature which allowed them to restrict access based on region.

    And in a bit of an ironic twist, I grew up in farm country in the US, and so still sometimes see news reports about someone working at a college in, or near, my home state being deported because they were trying to steal secrets of some new agriculture technology. Sort of like how Thomas Jefferson stole seeds from Italy when he was the Ambassador. Seeds that were considered a state secret at the time. That theft essentially bootstrapped the American economy in the early days.

    1. Yet Another Anonymous coward Silver badge

      So they restricted SAP usage to China, driving them to madness and bankruptcy?

      1. aerogems Silver badge

        No idea. I wasn't really involved in those particulars, I just was peripherally aware of them. I wasn't the person who had to deal with the incessant questions from the China employees either, but it sounded like it was multiple emails a day, all asking oddly specific questions that really had absolutely nothing to do with their job. So, pretty sure they were politely, but firmly, told to STFU and stay in their lane. When China sends their industrial spies, they aren't sending their best. They are incompetent. They blow their own covers. Some, I assume, are at least semi-competent.

        The one funny story about it was that one time the person who handled those requests went on vacation, so someone else was covering for them. The spies would ask their questions and then wanted to know where "Ngoc" was. I guess that name is more typically masculine, but in this case it was a woman. So, the person covering responds back to one of the spies misgendering the person with something like, "No, Ngoc is a woman. A very beautiful woman." After which, the spies were all like, "That's OK, we'll wait for her to get back!"

        1. CowHorseFrog Silver badge

          Have you actually looked at most places ?

          Was doing a code review, pointed out some very big mistakes, and the eply was i know its wrong but i see others doing it and dont want to break standards...

  5. munnoch Bronze badge

    Meanwhile we're still happy to bank roll Poo Bear by buying (literally) boat loads of his cheap tat. It all adds up to a huge transfer of wealth. Ill-gotten in the first instance perhaps but handing it over to an idealistically hostile regime won't undo that. And the cheap tat is becoming less cheap with the likes of BYD and MG flooding our markets so the rate of transfer ramps up.

  6. amanfromMars 1 Silver badge

    Translate into Chinese please, lest in English it be thought Worthless and Nonsensical Double Dutch.

    "If you are working at the cutting edge of technology today, you might not be interested in geopolitics, but geopolitics is certainly interested in you," said MI5 Director General Ken McCallum. "Lots of people who, perfectly understandably, may not previously have thought that national security had anything to do with them do need to think about this in a new way."

    Methinks it is Five Eyes wonks who need to think about national, international and internetional security in a completely different way and which does not have them prime time leading with cutting edge technologies, but rather more following and supporting others elsewhere fully aware of the geopolitical implications of second and third party interest in their development and deployment of emerging and inscrutable and almighty powerful programs in Premium JOINT AIDVentures* Such is where all the next waves of great fortunes and future live action for NEUKlearer HyperRadioProACTive IT Systems Administrations is at.

    They [Five Eyes nationals] might like to realise, for it very likely is the present true actual case, they are themselves not fit to lead, with not a great enough understanding of that which is required for their intelligence services to provide new cutting-edge technologies in order that they can both prosper and grow ever stronger together, with such an intellectual property deficit having them vainly struggling forever and never able to take full advantage of all that can be made virtually available at no great extra cost by others foreign and alien to them .... and with JOINT AIDVentures* ...... JOINT Operations Internetworking Novel Technologies in Advanced IntelAIgently Designed Ventures ...... being one such present true actual case proving the point valid.

    And of course, Five Eyes would never themselves do any of that spying and snooping and phishing and stealing or purchasing of sensitive secrets from others, would they? :-) If you believe that, you gotta get out more lest you forever are condemned to remain an ignorant blunt tool of a fool.

    1. Anonymous Coward
      Anonymous Coward

      You've got to admire wumaos' persistance...

      >>>>... "Five Eyes do it too"...

      What about this "'unprecedented' levels" in the title?

      1. amanfromMars 1 Silver badge

        Re: You've got to admire wumaos' persistance...

        MRDA, AC, re: Five Eyes intel chiefs 'unprecedented' threat levels bleatings. One can’t have anyone/everyone thinking that’s just how everything spooky and sensitive naturally works in tandem to render secrets more acceptable as freshly minted or newly discovered general knowledge. That would never do, would it.

    2. Clausewitz4.0 Bronze badge
      Black Helicopters

      Re: Translate into Chinese please, lest in English it be thought Worthless and Nonsensical ...

      Meself would never, ever work with USA/UK/Israeli folks in a permanent basis. Politics decision. Permanent, only with my fellow countrymen or others I am aligned to.

      1. druck Silver badge

        Re: Translate into Chinese please, lest in English it be thought Worthless and Nonsensical ...

        Isn't that more to do with international sanctions than choice?

    3. Anonymous Coward
      Anonymous Coward

      Re: Translate into Chinese please, lest in English it be thought Worthless and Nonsensical Double...

      "lest in English it be thought Worthless"

      Are you speaking about your own comment? I recognize the words, but they don't seem to be arranged in a sensible manner.

      1. amanfromMars 1 Silver badge

        Re: the Question from AC .... Are you speaking about your own comment?

        Yes.

  7. Clausewitz4.0 Bronze badge
    Black Helicopters

    Geopolitics

    "If you are working at the cutting edge of technology today, you might not be interested in geopolitics, but geopolitics is certainly interested in you,"

    If geopolitics is interested in you, you certainly need to be interested in geopolitics.

  8. CowHorseFrog Silver badge

    Heres a crazy idea, maybe they should be jailing all those executives that sent all that tech and jobs to china 20 - 30 years ago and continue to do so today.

  9. Anonymous Coward
    Anonymous Coward

    My data point

    Once worked for a company making a product.

    Slowly lost quality due to parts that previously worked mysteriously going bad, and it got to the point that customers started to complain.

    Rather than fix the issues, they blamed everything but the shoddy parts quality and even went as far as sacking staff who were obviously innocent.

    Eventually enough IP got leaked that our overseas friends simply made their own version for half the price, resulting in making a deal with the

    competition and inevitable redundancies.

    I am absolutely convinced that it was deliberate sabotage but can't prove it.

    Things like components that no longer worked having done so before, no obvious reason but did determine that they weren't the specified part

    and had half their marked value in some cases but nothing was done other than complaining to the supplier(s).

    We even determined that some of the microcontrollers were seemingly defective from the get go, possibly due to substitution with an inferior

    component that had a lower clock speed and didn't even have the same part number (A suffix) but worked around it with a software fix.

    The clock speed on these was 12 rather than 26 MHz so in our application it was far too slow, but often they would run fine at this speed if

    a slight code modification was done to enable certain functions like brown out detection even though it wasn't normally used.

    AC, because a 10 year NDA may not be enough in this case due to the value of said product and what it was used for!!!

  10. DanceMan
    Boffin

    "whole other level of dangerousness."

    dangerousness -- is this worse than danger?

  11. kmckaig

    Yeah Sure...

    Says the Five Eyes, famous for their respect of privacy, non-invasive intelligence gathering and flawless transparency.

    People who think nothing of intercepting net hardware, adding spy-tech components and sending them on their way are hardly the ones to be saying to the private sector," Patch your Sh*t."

    As the kids say, "It's cringe when you do it, it's based when we do it."

    1. garwhale Bronze badge

      Re: Yeah Sure...

      Security patches don't care if they are mitigating attacks by Five Eyes, China, North Korea, Iran, or Russia (Four Noses?).

    2. amanfromMars 1 Silver badge

      Re: Yeah Sure... @kmchaig

      Quite so, kmchaig, .... if you’re not in [the Great Game with Greater IntelAIgent Games for Work, REST* and Play], you can never Win Win and Triumph against all Odds and Sodding Janusian Opposition Assuming the Role of Effective Competition.

      Who Dares Care Share Win Wins Wins with Absolutely Fabulous FailSafe 0Day Losses.

      * ....REST is an acronym for REpresentational State Transfer

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like