As The AI Cold War Looms, Has Time Finally Been Called On China's Spy Industry?
Africa/Middle East, June 2018. The building, one of several tawny midsized structures on an industrial estate, sits a mile from the highway. Across the street, a strip of low-rent retail outlets and the rear entrance to a chain hotel. A gatehouse stands guard beside a single gap in average-height fencing. There is almost no traffic. Visitors cross from the hotel, through desert-like heat, without looking up. They hand passports and laptops through a window and wait for hosts to walk across the car park to meet them. Inside the building, there are rows of meeting rooms and offices with clusters of cubicles in between. Wall posters advocate mission and teamwork. If you didn’t know better, you’d assume this was a small software house rather than a national security collection agency.
Beijing might be more than 4,000 miles to the east, but this is one of the frontlines for China’s state-subsidized surveillance industry, its quasi-commercial spy machine. Far from the air-locked interiors of well-staffed buildings in Washington and London, in the world of interconnectivity and data-sharing, this soft national security underbelly is everywhere and anywhere. The era of open procurements across a globalized technology industry has made it frighteningly straightforward for a determined and organized state machine to extend its collection network. And China certainly has that.
This week, FBI Director Christopher Wray told a news conference that “the threats we face have never been more severe, or more pervasive, or more potentially damaging to our national security, and no country poses a broader, more severe long-term threat to our nation’s economy and cyberinfrastructure than China. [Their] goal, simply put, is to replace the US as the world’s leading superpower, and they’re using illegal methods to get there.”
The Extended Reach Of China’s National Security
China stands accused of state-sponsored, industrial-scale cybertheft of commercial and government IP, or of planting and recruiting sources in strategic Western organizations. If a target is cyber-secure, then IP theft reverts in whole or part to old-fashioned physical (read human) facilitation; the emerging facts around alleged operative Xu Yanjun illustrate this. But where a target organization is poorly protected, there’s no need. Cybertheft can be electronic and automated. Here, a collaboration (whether directed or generic) between the Chinese state and its leading companies ensures that technology is purchased and installed by the target. And this is done brazenly: the Trojan Horse is gift-wrapped inside a keenly priced project tender response document. Providing subsidized equipment to foreign agencies, to telecoms, resources, energy and critical infrastructure customers. Don’t ever think it isn’t all joined up – it’s determined and organized.
Accusations against China for industrial subsidies are rife, and in surveillance, there are four key areas within this strategy. First, national-level telecommunications equipment, essentially network backbones. Second, actual surveillance equipment, cameras, servers, switches, analytics. Third, ‘smart city’ type technology civil, transportation and enterprise security. And, finally, the tier two and tier three security agencies far from Washington and London, where security hurdles are lower and pricing more important. In a world of intelligence sharing and distributed collection, there is more than one way to breach the walls of the castle.
So, back to that national collection agency building in June. On this occasion, the focus is facial recognition to protect public spaces against terrorist attack. But it could just as easily be ‘lawful intercept’, cybersecurity, data warehousing, ITC infrastructure. The agency is running a process, an evaluation, against a specified requirement. After months of testing, a Chinese company makes the shortlist. It has shipped test servers inside the wire, onto the network. It has thrown engineering resource into the mix. It has committed months of investment.
When it looks like the contract is about to veer towards one of the non-Chinese options, the agency’s program manager takes the Western vendors to one side. “It doesn’t really matter what happens with the rest of the test,” he says, trying to be helpful. “The Chinese have said they won’t be beaten on price. They’ll pretty much give it away if they have to. You can’t compete.”
Within the surveillance industry, this is now commonplace in South East Asia, Africa, the Middle East, even parts of Europe. The SOP is broadly the same. Free trials and equipment. Unbeatable pricing. Seemingly unlimited numbers of Chinese engineers in matching polo shirts, flown across to support deployments. The numbers shouldn’t add up. Except they do. It isn’t meant to be commercial. It’s meant to be a national security strategy. And it has been immensely effective.
Ignorance Is Now No Defense
Hikvision is the world’s largest surveillance equipment manufacturer. Like ZTE, Dahua, Hytera, it has grown rapidly both at home and abroad. Huawei is much larger and more diverse than the others. Surveillance just one of its areas of focus. The usual arguments center on whether the companies are state-owned or state-controlled. That misses the point. Promoting the country’s national security is a duty across the board. Huawei is not state-owned, it insists that it’s not state-controlled. But it is a ‘national champion’, carrying obligations to support the government in return for public sector contracts, financing support, state protection.
The warnings against buying Huawei devices or deploying Hikvision or Dahua or ZTE or Hytera security equipment are certainly not new. But the latest twist in this long-running tale is AI. China has built itself an AI surveillance hothouse that is second to none. Staggering investment rounds. Access to seemingly endless state procurements of facial recognition, citizen monitoring, dystopian surveillance. The brute force oppression of the Uighur population in Xinjiang Province and the urban electronically enforced zero-tolerance policing in the major cities further east are testaments to organization and determination.
There are clearly two separate issues here, both of which are important. First, the national subsidization of exports within a critical industry, like security, damages the international market, creating a trading imbalance and skewing competition. Where genuinely commercial entities are pitched against state-supported alternatives, a race to the bottom on price does not incentivize innovation. Functionality drops to ‘just enough to (broadly) meet a spec sheet’. And, second, we are in an era of technology transformation in surveillance. The shift to cloud and edge capabilities. The deployment of IoT devices. And, above all, the acceleration of AI in scale and complexity. A national security strategy that looks to deploy a global platform of data networks, edge nodes and AI processing is clearly a prize to pursue. If the goal is superpower status, what level of investment becomes too much? Now, the millions of dollars required to enable keenly priced contracts in target countries and industries look seriously cheap.
Facial recognition is one thing. And placing a server onto a network another. But the real issue is the introduction of AI inside the wire. Because an AI can learn to collect, to steal; it can learn to compromise; and it can learn to hide. So, customers should maybe think carefully before buying AI from an organization that has obligations to actively support the national security interests of its home country, before allowing it free rein on their networks, inside their firewalls. And where those organizations are the so-called Chinese AI start-ups, the level of state ownership and control is part of the package: closed state procurements and state-facilitated investment rounds tells the tale.
None of this is new, of course. The US House of Representatives Permanent Select Committee on Intelligence initiated an investigation back in November 2011 which talked of “the threat posed to U.S. national security interests by vulnerabilities in the telecommunications supply chain… China has the means, opportunity, and motive to use telecommunications companies for malicious purposes.” Huawei and ZTE were singled out in the investigation’s 2012 report. And those two companies have also been front and center in headlines this time around.
Despite this, there has clearly been cynicism and denial in many quarters over the years. In the West, the “don’t know or don’t care” attitude is now harder to maintain. But take a customer like the one above, explain the potential risk in deploying Chinese equipment inside their security wire, and the likely response is “maybe, but it’s so much cheaper.” The agency accepts the risk. There’s every chance of a government to government arrangement anyway, at a higher level, that has arranged for Chinese direct investment into the country. In terms of subjugation, the ship (likely Chinese built) has sailed.
But in the last 12-18 months, events have escalated to a new level. US-encouraged bans on government procurements of Huawei and ZTE telecoms equipment, at a critical time with 5G imminent. Even the UK, long a defender of Huawei equipment and the Chinese giant’s flagship export foray, and with a special watchdog in place to evaluate their equipment, has come out and offered only “limited assurances“ as to the probity of the technology. And on the surveillance side, the beginnings of a backlash, again US-led, against Hikvision and Dahua and Hytera. Then there was the exposure of Chinese spy-chips, allegedly intended for the US supply chain. And, of course, proliferation allegations against Huawei’s CFO, leading to her arrest in Canada. The organizations involved deny any national security collusion, and Huawei has even pledged to spend $2 billion addressing British concerns. But with multiple countries now escalating their security measures against Chinese technologies, it seems unlikely that concerns will simply be managed away.
As AI Cold War Looms
The US-China trade war is making headlines, with tariffs, restrictions on technology imports and limits on investment, but it is the looming AI cold war that is driving behaviors. Russia’s President Putin said last year that “Artificial intelligence is the future, not only for Russia but for all humankind. It comes with colossal opportunities, but also threats that are difficult to predict. Whoever becomes the leader in this sphere will become the ruler of the world.” China’s ambition is that by 2030 the country’s “AI theories, technologies, and applications should achieve world-Leading levels, making it the world’s primary AI innovation center, achieving visible results in intelligent economy and intelligent society applications, and laying an important foundation for becoming a leading innovation-style nation and an economic power.”
We haven’t been here before. The surveillance industry has tolerated the uncommercial practices of Chinese companies because it has been seen as part of doing business. Now, maybe not for much longer. No one can purchase Chinese kit anymore with no awareness of the alleged issues. It’s become a mainstream headline. A mainstream issue.
As for AI, we are at the early stages of development and the implications are not yet commonly understood. What is inarguably true is that if an AI can teach itself complex games without instruction, then it represents an immense danger if given free rein inside an organization. An AI can learn to exploit a network. It can learn to take opportunities. To steal. To compromise. Maybe even to act. The physical or cyber theft of intellectual property is as nothing compared to the dangers of AI infiltrating networks and systems. Once they’re in, they’re in. There is no turning back.
So, if you’re an agency or a government department or a major commercial organization, and the Chinese surveillance equipment or, worse, the Chinese AI being proposed seems too good or too cheap, then think carefully. Why might that be?