FBI boss: Never mind Russia and social media, China ransacks US biz for blueprints, secrets at 'surprisingly' huge scale
'Espionage and criminal investigations ... almost all of which lead back to Beijing'
RSA While Russian hackers, Kremlin-backed or otherwise, grab the headlines, China remains the biggest cyber-security threat to America, FBI director Christopher Wray warned today.
Speaking at the RSA Conference in San Francisco this morning, Wray said the scale of Beijing's government-orchestrated online espionage is greater than that of any other nation state. The Middle Kingdom's spies are attacking US corporate computer networks, and plundering systems for blueprints and other top-secret intellectual property, at an unprecedented rate, the FBI boss claimed.
"Of all the things that surprised me since taking on the directorship, it was the breadth and depth and scale of the Chinese counterintelligence threat," Wray said.
"We're investigating espionage and criminal investigations in nearly all 56 FBI field offices, almost all of which lead back to China. For too long, the US has been focused on the threat China poses. There's nothing like it."
Oh no Xi didn't?! China's hackers nick naval tech blueprints, diddle with foreign elections to boost trade – new claimREAD MORE
When asked if there was a political element to such claims, in light of the ongoing trade row between the White House and Beijing, Wray was dismissive. The FBI is an independent agency, he said, adding, "If we find someone doing crimes, we will go after them, and I don't really care what a foreign government has to say about it," to warm applause from the conference crowd.
Russia's online meddling is still an issue, Wray said, but it mainly targeted social media and other internet forums to "sow divisiveness and discord, and undermine faith in democracy." These efforts were curtailed somewhat by Uncle Sam's cyber-warriors during the midterm elections, and the FBI is bracing for more Kremlin-masterminded inference and mischief when the 2020 elections roll around.
The Feds have had a lot more help from tech giants in countering Russia's social-media shenanigans than they have had in the past, Wray noted, and overall the public-private partnership was working well. He recalled the time a list of British and US military personnel was stolen and passed onto Daesh-bags in Syria as a kill list – a case Wray said would not have been cracked without the help of private industry.
Now about encryption backdoors
Possibly in light of his audience, Wray insisted the FBI doesn't want to weaken encryption nor demand surveillance backdoors in software and other products – his predecessor, on the other hand, wanted the front-door keys to the world's crypto-systems. However, Wray still expects his agents to somehow be let in to inspect private encrypted chatter and data when investigating terror threats and foreign snoops, without undermining people's personal security.
"I'm well aware this is a provocative subject, and my first approach is that we aren't combative," the FBI boss said. "It's a public safety issue. We are a very strong believer in strong crypto, but we are duty bound to protect American people. This can't be a sustainable end state, an unfettered space for terrorists and spies to hide their communications."
In the last year, Wray said, he had seen increasing signs the technology community and law enforcement were talking more reasonably about this. There may well be a way to combine strong encryption and lawful intercepts he said, if people are willing to put their heads together.
Wray finished his keynote with a plea for more recruits to join the FBI and serve their country.
"The grass is browner on this side of the fence but there's no greater challenge," he said.
"We are more selective than some ivy league colleges, and had a 0.5 per cent staff attrition rate last year – very few organisations have that. Getting up in the morning and going to work to defend the Constitution keeps people motivated, and I would stack our crew against anyone else in the world." ®
Sponsored: Becoming a Pragmatic Security Leader