
Nicole Perlroth
Drive past the dairy farms, corn fields and horse pastures and you'll eventually arrive at Cate Machine and Welding in Belleville, Wisconsin, population 2,500. For more than 50 years, the Cates have welded fertilizer tanks, jet fighter parts, cheese molds, even a farmer's broken glasses. They thought they'd seen it all until the day a few strangers knocked on their door in 2015.
Steve Cate
We had probably 15 people working at our shop. Everyone knew the project you were working on. So when all of a sudden someone shows up and they're ripping apart the server room, everyone wants to know what's going on. I'm Steve Cate and I'm the third-generation owner of a small family machine shop called Cate Machine and Welding.
Nicole Perlroth
The men knocking on the Cates' door had spent their early careers at the National Security Agency, the NSA. At NSA, they'd watched as Chinese hackers brazenly made off with American trade and defense secrets, pulling them back to servers in China. But increasingly, the Chinese were moving their operations to the one place the NSA couldn't look: the United States, where they started setting up shop in vulnerable servers like this one, in this dusty back office at the Cates' welding shop. The NSA can't look at domestic traffic, at least not without a court order. And as the Chinese began staging their attacks from American servers, the NSA started going blind. A few analysts got so frustrated that they left the agency to start a private company called Area 1. Their company worked with everyday unwitting Americans whose servers had been compromised by China, servers the Chinese were now using to stage these attacks. At least from the private sector, these analysts could trace the attacks and, when possible, block them at the source.
Steve Cate
So they asked if they could put a server monitoring our server and just spy on the spies and it wouldn't cost us anything or affect us. Just continue business as usual. And that was the last we heard from them for months.
Nicole Perlroth
On the day I visited the Cates, Area 1's sensor lit up. It showed real-time connections to America's biggest brand names and fastest-growing Silicon Valley startups. As a condition of witnessing the inflow and outflows from this one server, I have agreed not to name specific victims. But I watched firsthand as Chinese hackers leapfrogged from the Cates' server to a major American airline, a Silicon Valley food delivery startup, a major Manhattan law firm, and some of our most elite university research labs. It was nauseating watching the CCP cart off America's crown jewels. Billions worth of R&D, cutting-edge research, source code, all of it moving through the Cates' dusty server here in Wisconsin, back to China. And on the off chance one of China's targets flagged some strange traffic coming from a Wisconsin welding shop, well, who would suspect the Cates?
Steve Cate
They were trying to get to the big ones. And they would never think twice about little old Cate Machine and Welding trying to access their server, apparently. So that's why they did it. But yeah, I mean, we were just a funnel for them.
Nicole Perlroth
At that very moment, I was watching China raid our most valuable IP. And Americans, still livid from the Edward Snowden disclosures, were decrying NSA overreach, demanding that government stay the hell out of Americans' private communications. Stop watching us. Stop watching us. With the US Capitol as their backdrop, protesters turned out by the thousands with one message for the US government: Stop watching us. The Cates' server and thousands like it across America, from welding shops to Texas saddleries, was precisely where the NSA couldn't look. As for China, well, that made it the perfect cover.
Steve Cate
I don't know what year The Dark Knight came out. There's a scene in there where Bruce Wayne has to catch the bad guy, and so he taps into everyone's cell phones and uses them as a big spy device. And I remember thinking, like, this reminds me of what we went through. Like, no one wants it to happen until there's chaos, and then it's like, ooh, what do we do now?
Nicole Perlroth
In the game of spycraft, it's still perfectly acceptable to break into government agencies, even defense contractors. But what the Chinese were doing, breaking in, siphoning off billions, trillions of US trade secrets, that broke all the rules. I'm Nicole Perlroth, and this is To Catch a Thief.
Kevin Mandia
So it wasn't just hacking for security reasons, which the defense industrial base, to me would be between the goalposts for fair game for espionage. And I think everybody would nod to that and go, yeah, that's fair game. They make weapons, they make planes, and for security purposes, you may want to know, what's the next weapon system going to look like? So you hack in and find out. But why would you hack a beverage company? Or why would you hack somebody that is in entertainment? Those reasons were because a lot of these places were doing mergers and acquisitions in China. So it was clear to us there's economic reasons behind these intrusions as well.
Nicole Perlroth
That was Kevin Mandia. In the early 2000s, his team of incident responders at Mandiant started getting more and more calls from businesses, hundreds, then thousands of them, frantically calling for Mandiant's help in rooting Chinese hackers out of their systems.
Kevin Mandia
The bottom line is if you made something that could help sustain the health and welfare of 1.3 billion people, you got targeted. You know, if you made some heat-tolerant crop of some kind, if you made certain chemicals or things that were critical, you were fair game to what they wanted to accomplish in theft of IP.
Nicole Perlroth
Theft of IP, that was a game changer. Chinese hackers weren't there for state secrets. They were there for commercial gain.
Evan Medeiros
Regular espionage, what we consider to be fair game, is listening in to the phone calls or reading the emails of officials of other governments to understand what their strategic intentions are, what their policies are, as a way to give the US an advantage in great power competition. That's what garden-variety espionage is all about. You want to know what the other side is doing and thinking, and especially what they don't want you to know. The National Security Agency does not hack into Chinese companies or the Chinese government and turn around and give it to Google or Apple or General Motors. Just doesn't happen.
Nicole Perlroth
That was Evan Medeiros, former China director at the National Security Council and Obama's lead China advisor. He makes a critical distinction. Spies spy, that's what they do. What they don't do, at least not in a free market economy, is pick winners. Say the NSA was in position to get the latest in ag tech, who would they pass it to? DuPont or Monsanto? Or say the Chinese made a significant AI breakthrough, who would the NSA pass that to? Microsoft or Google? That's just not how a free market works. But in China's socialist market economy, China's military and spy agencies could pass those trade secrets on to whichever Chinese enterprise stood to benefit most. And that is exactly what they did over and over and over again. But I'm getting ahead of myself. So Jim, why don't you introduce us to Deng Xiaoping?
Jim Lewis
We all know who Mao Zedong is, right? Great leader of China, currently popular again thanks to Xi Jinping, the current leader. Mao had some rather strong views about Marxism. One of the strongest views he had was that it would work. He was wrong on that, which was the problem. So when Deng, who was Mao's successor, came in, he discovered that China was impoverished, it was bankrupt. It was so far behind the Soviet Union back then, the Soviet Union and the US, that the Chinese were afraid they would never catch up.
Nicole Perlroth
That was Jim Lewis, who spent decades immersed in the issue of Chinese cyber espionage. Now here's Evan Medeiros again.
Evan Medeiros
So the most important story of China over the last 40 years is the period of reform and opening that started in late 1978. This was announced and pursued by Deng Xiaoping, known as the great reformer of China. And through this reform and opening policy, basically what Deng Xiaoping said was, we're going to open China and we're going to develop the economy. Because under Mao, we became so backward, backward economically, technologically. As a result, people's lives suffered and China lost influence internationally.
Nicole Perlroth
Under Mao, China was something of a hermit kingdom, cut off from global markets. Unlike its neighbors in Japan and other emerging Asian economies, Mao's mismanagement had left China reeling from a widespread famine that by some estimates killed as many as 14 million. When Deng came in in 1978, China's economy and technology lagged decades behind the West. Back to Jim Lewis.
Jim Lewis
Deng inherited a China that was a mess, and he came up with two ways to fix it. The first was to open the Chinese economy to the West. Let American companies, European companies, Japanese companies invest. The second was to start a gigantic espionage campaign to steal intellectual property and to use that as the basis for China to build its own capabilities.
Nicole Perlroth
For the party to retain power, Deng knew he would have to prioritize economic growth. It's what scholars call performance legitimacy. If people are suffering, they'll demand change. But if their economic prospects are good, they'll have fewer reasons to challenge the status quo. So Deng set about a period of reform and opening. But rather than go full capitalist, he opted for a socialist market economy, essentially central state planning with free market perks. China's state-owned enterprises were restructured and companies were allowed to operate based on free market principles. Here's Evan Medeiros again.
Evan Medeiros
And so, for much of the last 40 years, economic development has always been the ultimate top priority. Economic development was essential to not only growing the Chinese economy and giving the Chinese people a better standard of living, improving their lives, but it was central to the legitimacy of the Chinese Communist party. If they were going to claim to continue to be in power, one of the sources of that was improving people's lives.
Nicole Perlroth
Deng welcomed Western investment with a few caveats. Westerners rushed at the chance to take advantage of China's low-cost labor and crack open a consumer market more than a billion strong. But first movers like Coca-Cola and General Motors couldn't just set up shop in China. Beijing forced foreign companies to enter into something called a joint venture with their Chinese counterparts and capped their ownership at 49%. This gave Chinese companies access to Western technology and the chance to learn from foreign expertise. For American, European and Japanese companies, this basically entailed forced technology transfer. Many deluded themselves into thinking they could manage the loss of IP for the reward of partaking in China's growing market. Deng's reforms resulted in China's economic miracle. Tiny fishing villages like Shenzhen transformed into global manufacturing powerhouses. This is the Chinese megacity of Shenzhen, a gleaming monument to China's economic miracle.
John Bedbrook
Shenzhen, widely known as the Silicon Valley of China, is the engine room of the country's technology and innovation.
Nicole Perlroth
Once a small fishing town, the city has gradually become a global hardware center and tech hub.
John Bedbrook
And the population has reached 30 million.
Nicole Perlroth
China's economy grew nearly 10% every year after Deng took over, lifting millions of Chinese out of poverty. What was once a poor agrarian society became the world's largest trading partner and today the world's second largest economy. But China wasn't content to be the world's manufacturing closet. The CCP's leaders were determined to see to it that China become an innovator in its own right. Indigenous innovation became a national priority. They announced a series of initiatives like Made in China 2025, a national policy to transform China from a manufacturer of cheap, low-quality goods to a leading innovator in critical industries like next-generation technology, clean energy, robotics, AI. Every five years, the Party dictated a new list of economic priorities in their Five Year Plan.
Jim Lewis
You had the government telling people what to do. And China more or less, but much more skillfully, copied this Soviet model of state planning. And the Five Year Plan is a decision on where China thinks it should invest its money, where it should force its companies to go, what the government should do. We have Wall Street, they have Beijing. You can judge which one works best. But it's their economic plan for what their will do.
Evan Medeiros
China was going through this process of trying to move up the value chain in production, needed access to R&D and production expertise that it didn't have. So the Chinese government started stealing it for Chinese companies.
Jim Lewis
At least some of them were thinking, how do we leapfrog the wicked Westerners?
Nicole Perlroth
Corporate thievery has always offended our Western sensibilities, but China sees things differently. China's leadership not only rationalized IP theft, it became a national priority.
Jim Lewis
We had a senior defense official who said to the Chinese, look, you spy on us, we spy on you, we get it, everybody does that. What we don't do is we don't steal technology, we don't steal intellectual property, and we'd like you to stop. And a senior PLA colonel said, you have this firm line between political military espionage and technological espionage. That line doesn't exist for us. When we steal technology, we are building our economic base. We are building our national security. And so at that moment, I thought, hmm, it's gonna be tough to get these guys back on the ranch.
Nicole Perlroth
Why should Chinese companies spend decades and billions on R&D when they could just as easily steal it from foreigners for free? Here's John Hultquist, Mandiant's chief intelligence analyst.
John Hultquist
So imagine if you can just drop them, like where the efficiency here is enormous. And how much does it cost to steal a million dollars' worth of intellectual property? Based on my understanding of the space, it's peanuts. The efficiency is enormous.
Nicole Perlroth
Scholars say the CCP also felt justified in stealing Western technology as reimbursement for what China calls its century of humiliation, when European powers occupied China. The century was actually closer to 110 years.
Matt Turpin
Bookended by the First Opium War and the rise of Mao's China, it was marked by foreign interference, invasion and destruction at the hands of foreign powers.
Nicole Perlroth
What Americans consider unethical thievery, the CCP views as reparations.
Jim Lewis
There's this sense that the displacement of ownership that they're owed for the imperialism of the 19th century.
Evan Medeiros
The idea of taking this from the United States wasn't thought of as this major infraction. And it was motivated in part by this Chinese belief that we, China, had been subject to shame and humiliation at the hand of foreigners for so many years. Now is our time. So there was almost a sense of self-legitimizing this IP theft, like as if we, China, had been held back. We're trying to get ahead. So stealing this stuff is really not so bad. And these foreigners have so much to offer anyway.
Jim Lewis
And it goes back a long time. I was reading some memoirs from a British diplomat assigned to China in 1900, and he said that one of the things that impressed him was when a new British product showed up. There was a Chinese copy within a matter of weeks. So this has been going on for more than a century.
Nicole Perlroth
The theft was so blatant at times it almost felt like they were daring their Western counterparts to do something about it.
Jim Lewis
One of the things about the Foreign Service is you change jobs every two or three years. And so I got into a new job, and the very first day we had a meeting on McDonnell Douglas, now owned by Boeing. McDonnell Douglas built a plant in Shanghai. And the McDonnell Douglas guy said, you know, every morning when we come in, it's kind of like a fairytale. Every morning when we come in, things have been moved a little bit. And so your government, being a bit paranoid, put cameras in the ceiling. The standard trick, by the way. So I'm not giving anything away. The Chinese should have known better. Put government cameras in the ceiling and recorded the fact that every night the Chinese came in, disassembled every machine, took pictures of it, took pictures of what was being made, and it was like, holy cow. So that was the introduction for me for Chinese espionage. That was 26 years ago. That's been part of their growth plan since Deng Xiaoping, since the 1980s. They don't have the same sort of sense of ownership that we have.
Nicole Perlroth
The McDonnell Douglas story was hardly unique. This level of thievery had become systematic under China's joint venture requirements. Meet John Bedbrook.
John Bedbrook
My name is John Bedbrook and I was formerly head of biotechnology at DuPont.
Nicole Perlroth
In the late 1990s, DuPont's primary business was corn. Corn genetics really. DuPont had figured out a way to make super varietals of the crop that could withstand drought, disease, fungi, pests, and ultimately increase farmers' yield. And DuPont was determined to bring that same know-how to rice. China was the obvious place to start.
John Bedbrook
We went to China to form this venture because, you know, rice was not a big crop of what was then Pioneer Hi-Bred seed, which was owned by DuPont. It was largely a corn seed company. You know, we thought it would be smart to go where the market was.
Nicole Perlroth
Here's what you need to know. China holds 20% of the world's population, but only 10% of its arable land. Food security, really, the means to efficiently grow staples like rice is the top national priority. That partly explains why China was an early pioneer in hybrid rice, where you crossbreed two distinct rice strains to produce a super efficient varietal. But China's Cultural Revolution devastated that progress. Mao villainized China's scientists and skilled ag workers. Most were forced to abandon their work. Many were sent to rural labor camps. Research institutes were shuttered or repurposed for political indoctrination. This is how those millions died from famine. By the time John first set foot in China, he was shocked at the state of things.
John Bedbrook
You know, all of the geneticists and breeders had had to go off in the Cultural Revolution to work on farms and so on and so forth, and were no longer available to provide breeding expertise to the seed companies. Plant genetics and plant varietal development was in very poor shape in China. And so that was the reason that they were so open to having the major players in the United States invest obviously in germplasm development in China.
Nicole Perlroth
Germplasm is just plant DNA. DuPont specialized in corn and soy breeding. If it could bring its proprietary germplasm to China's hybrid rice market, that was a multibillion-dollar opportunity. But remember, DuPont couldn't just come set up shop in China. China forced them into a joint venture.
John Bedbrook
We had to be minority holders and we decided to work on rice and develop ways of creating male steriles that were very efficient and would lead to a broader germplasm input into hybrid rice in China.
Nicole Perlroth
It wasn't just DuPont's billions of dollars' worth of proprietary know-how. They brought DNA vectors and seedlings. They trained up dozens of Chinese engineers in their implantation process. For three years everything went swimmingly until the day it didn't.
John Bedbrook
In China, it's kind of a permit per experiment. So you design an experiment and you apply to the government for a permit to do that experiment. And we proceeded along this sort of line for several years and then suddenly they just ghosted us. They no longer were providing us with permits and not explaining why they were not giving them.
Nicole Perlroth
John couldn't make sense of it. In effect, China was shutting them down. He never got an explanation and it wasn't for lack of trying. He knew several higher ups in China's ag world from his student days in Cambridge and he chased every last one of them down.
John Bedbrook
When the permits stopped coming in, we had to lay everybody off and that was the end of the company. And you know, I spent quite a considerable amount of my time visiting members of the National Chinese Agricultural Academy trying to seek an explanation for what was going on. I sort of bothered them for months and finally they just said, we're sorry, we can't help you. And that was basically the end of the story. Yeah.
Nicole Perlroth
Did they give you any color at all about why the permits weren't getting approved anymore?
John Bedbrook
No, they were very cautious about what they said. They just said they couldn't help me.
Nicole Perlroth
And what was it like to just sort of lock up the place and walk away? What's that feeling like when you invest three years of your life into this breakthrough project? It just completely stalls one day and then you just have to lock up the place and abandon the asset?
John Bedbrook
Well, first of all, it feels devastating. Second of all, it feels unbelievably wasteful.
Nicole Perlroth
Container ships of rice were left to rot. Those Chinese engineers DuPont trained, they quietly left, taking all DuPont's IP, its methods, all their training with them. China kept everything.
John Bedbrook
Obviously, technology comes off patents and it becomes generic. But this was far from generic technology. It was proprietary technology. And, you know, it's hard to estimate the cost of that buildup. But the total investment in developing genetic engineering for crops was billions of dollars.
Nicole Perlroth
Some of those very same Chinese engineers started up their own labs, some right down the street. They thrived. Meanwhile, DuPont went to US authorities who said there was really nothing they could do. And executives didn't have the stomach to press the issue further. DuPont was still managing other joint ventures in China. Word from on high was best not to rock the boat.
John Bedbrook
You know, I was totally miserable about the whole affair. I mean, obviously it wasn't the most important thing that we were managing, but it was just the way it was sort of ended, seemed terribly unfair and inexplicable. And I guess to take a cynical point of view, they got to a point where they said, okay, we've had enough of their help. Let's just do it ourselves from here on out. It's not just a specific example where our particular methodology was adopted and then mysteriously disappeared. It was multiple cases. I mean, I visited companies whose mission was simply to reproduce the work of Monsanto and other U.S. agricultural enterprises that had invested in developing the technology of genetic engineering. And then they were building the same insect-resistant and herbicide-resistant plants. It was just blatant. I mean, I guess the sort of attitude is that, you know, this is for China, so, you know, it's okay, but clearly, you know, if you want global intellectual property to be meaningful, it's clearly not okay. And now China is a major investor, probably the major national investor in agricultural technology.
Nicole Perlroth
Now, you may be wondering why American companies like DuPont and McDonnell Douglas were willing to turn a blind eye here, or why American administrations didn't do more to push back. Entire business lines and billions of dollars' worth of R&D were getting swept. Spies were literally rolling into private facilities in the dead of night and stealing everything. The answer, of course, is money. There was simply too much to be made in China. Short term, no American business was willing to say or do anything that might turn off the spigot, even if long term, it risked hollowing out entire industries.
Jim Lewis
Well, there was a lot of concern about what should we do? And there was a strong sentiment. You see this a lot in administrations. China is a big market. There's a lot of money in China. And so there are people who will say, oh, boys will be boys. It's just espionage. You know, let's not rock the boat too much.
Nicole Perlroth
This was a big gamble. American companies bet that so long as they continued to out-innovate the Chinese, they could mitigate their losses. Inside government, US administration after administration mistakenly believed that China's economic liberalization would inevitably bring about a political liberalization, that China would adopt international norms of behavior, cut out the spying and end the theft of IP. Enter the Internet.
Jim Lewis
It went on for 20 years and then a godsend came along. For the Chinese, the godsend was they connected to the Internet. They connected to the high speed networks. This was early 2000s. What they found is while the Americans were very excited to have created this Internet thing, they had forgotten to lock it down. It's a brand new technology. You didn't think that the old rules where China was far away, it's actually about 10 milliseconds away. It was like letting a pig into a candy store. The Chinese had a field day and it's been like that ever since.
Nicole Perlroth
At a certain point in the early 2000s, the Five Year Plans became a roadmap for China's state-sponsored hackers. Here's Dmitri Alperovitch, who started tracking these thefts in their infancy.
Dmitri Alperovitch
Time and again, something that's often been repeated, that this is the greatest transfer of wealth in history that's taking place that is impacting us. And you have this huge sucking noise of all of our intellectual property and trade secrets just moving over to China and eventually they'll be able to use it to outcompete us. And literally both industry and government folks telling me, oh, don't worry, we have the innovation, as long as they keep stealing. This is literally what someone told me, as long as they keep stealing, they can't innovate. And I was like, what are you smoking? I mean, of course they can. Of course, if you short circuit your research and development, if you steal someone's IP and you know what works and crucially, what doesn't work, then you can innovate on top of this for years.
Nicole Perlroth
The theft was blatant. Unapologetic. Subtlety was not high on the list of priorities at the time. I got my hands on a US National Intelligence Estimate, a classified report that represents a consensus of all 18 US intelligence agencies. Their 2009 report ranked countries by their cyber prowess in terms of skills. The assessment found that Russian hackers were the best. Chinese hackers were deemed pretty basic. But still, the assessment determined China represented the gravest cyber threat to the United States. Not so much for their skills, but for the sheer volume of their attacks.
Dmitri Alperovitch
The tradecraft, by and large, wasn't that good. And the reason it wasn't that good is because it didn't need to be, because no one was looking for them. I just told you how the industry was so myopic in understanding this threat, so you didn't really need to try hard to succeed, so why would you? It's just not a good return on your investment to expend all this effort being stealthy and caring about being discovered when all you wanted to do is just do a quick hit and run, right, and grab your data and go.
Nicole Perlroth
Here's Kevin Mandia.
Kevin Mandia
I used to describe them as the most polite hackers in cyberspace because they didn't alter log files, they didn't delete files, they didn't change your data. They kind of let you know they were there, you know, stealing terabytes of data. And after a while I started wondering, do they think they're doing anything wrong?
Dmitri Alperovitch
You know, it wasn't just the IP theft, it was the trade secrets relating to pricing data, customer data, things that they could use to outcompete in the marketplace.
Nicole Perlroth
Jim Lewis can draw a direct line from Chinese IP theft to the rise of what is now a Chinese powerhouse.
Jim Lewis
The classic story is Nortel, a company that no longer exists.
Nicole Perlroth
In the early aughts, Nortel's fiber optics equipment was the world's envy. 70% of the world's Internet traffic ran through Nortel. For Beijing, that made it more than just an economic rival, that made it a national security threat.
Dmitri Alperovitch
North American vendor Nortel is the first major telecoms victim of the global economic crisis.
Steve Cate
Once the largest company in Canada has filed for bankruptcy protection.
Steve Stone
Also victimized by the deepening economic slump.
Nicole Perlroth
Missing from these obituaries was the fact that Nortel's IP had been raided by Chinese hackers.
Jim Lewis
Huawei, assisted by the Chinese state, broke into Nortel, hacked their networks and Nortel told me that sometimes they would come up with a technology and before they could get around to manufacturing it, they would see a Chinese company put it on the market before you can see the benefits. You didn't have to spend on R and D, you didn't have to do all the personnel stuff, but you got the technology. So Nortel's a classic example, and it's a strategic one because the Chinese carefully thought about what if we forced everyone to use Chinese telecom infrastructure, will that give us an advantage in signals intelligence? And the short answer is yes.
Nicole Perlroth
The details of Nortel's hack are now well known. Nortel's IT team discovered Chinese hackers inside their systems back in 2004. When they alerted executives, there just wasn't much urgency to do what it would take to kick them out and keep them out beyond changing up a few passwords. Ultimately, Nortel's investigators said they watched China cart off thousands of critical product schematics, sensitive emails, key business strategies. Five years later, Nortel started getting massively underbid on a series of contracts by their Chinese competitor, Huawei. Nortel is now long gone. Huawei is now the world's biggest telecom.
Jim Lewis
And that's part of the reason we have so many problems today is that the Chinese developed a very successful model, let's call it the Huawei model, and they're reluctant to give it up. White House paint is another example. Fiber optic cables is another example. High speed trains is another example. You can find places where the Chinese state encouraged companies to go into a business and provided them both with financing but also with intellectual property.
Nicole Perlroth
If, like me, you're asking yourself, why would China go to such great lengths to steal white paint? It actually came up in a number of interviews like this one with Matt Turpin, a senior China advisor under both Obama and Trump 1.0.
Matt Turpin
It spans sectors and industries across the entire US economy. This is not simply directed simply at the most advanced military aspects, but it's things like DuPont and their secret recipe for making white paint, which had been a very valuable product for them. And then they see that it's stolen and that entire line of product is sort of taken away from them. We might think to ourselves, well, white paint is not that big a deal, but there's quite a bit of intellectual property that goes into making something that can stay bright white for long periods of time, and why that would be valuable. And those are the kinds of things that got stolen. And the US government has had very little recourse to be able to go after those.
Nicole Perlroth
The CCP deployed that Huawei model against thousands of Western companies. China would announce its next five year plan and almost immediately threat researchers like Dmitri would watch Chinese hackers race to crack every company in listed industries.
Dmitri Alperovich
This maps directly to their national priorities, Made in China 2025 and these different five year plans that they've had. And the industries that they thought were strategic were exactly the industries that they were going after.
Nicole Perlroth
Here's Jim Lewis again.
Jim Lewis
You can map not perfectly, but pretty good, the targets set in the five year plan to the targets of Chinese espionage. So they'd say we want to have a powerful electric car industry. And astoundingly, espionage against electric car companies would go up. We want to have our own domestic jetliner. So there was a link between Chinese economic planning and Chinese cyber espionage.
Nicole Perlroth
It wasn't long before victims of these breaches started to crumble. Here's Steve Stone, who's tracked Chinese campaigns in government at Mandiant, Rubrik and now SentinelOne.
Steve Stone
We were working with a victim entity, and they said, hey, listen, we need you to actually hear this with your own in your own ears. And we're on the Zoom with the head of the plant of this US-based company, and they had a plant in China because they want to do business in China. And the way that works is you have to have a Chinese business partner that has at least 51%, and you have 49. So they're, they're meeting with their Chinese counterpart who is their business partner. And their counterpart had built a plant that was the exact same plant the US company had built down to an actual error. The US company had messed up the paint and the ceiling pipes, and it was a certain color. Shouldn't have been. Well, the exact plant had the exact same color problem. And so we're literally on the Zoom call. And it was very apparent that the business had just been stolen. The entire business was stolen. And we thought it was tied to this hacking event. And we were actually laying out, like, yeah, we can show you where they actually took that paint sample as part of this overall plan. Like, all cards are on the table. And what became very apparent out of that was, there's nothing we were going to do on the incident response side. Like, it's over, it's a wash. We're not going to change anything for that company.
Nicole Perlroth
Even when companies discovered they'd been hacked this badly, they never disclosed it. But one year after Google's breach, the one Dmitri called Operation Aurora, he traced a series of breaches back to two other massive Chinese cyber espionage campaigns. The first he called Shady Rat.
Dmitri Alperovich
In Shady Rat, it was, you know, every industry that they were trying to steal a piece from.
Nicole Perlroth
Shady Rat's targets ranged from giant multinationals to tiny nonprofits across more than 30 industries. China's hackers stole everything from emails and design schematics to legal contracts and negotiation plans. The second campaign, he called Night Dragon, and it hit more than 70 organizations, including several oil and gas multinationals.
Dmitri Alperovich
It was oil and gas bidding data that the Chinese were looking to get so that they could outbid these Western companies on major exploration projects.
Nicole Perlroth
That bidding information and field data could be worth billions of dollars to a competitor, which is why the Chinese were so determined to steal it. But Dmitri was just looking through straws at a much bigger problem. In hindsight, if they'd known where to look, if those of us in media had better connected the dots, we would have seen Chinese hackers slipping out with enough IP to leapfrog a superpower.
John Holtquist
And that time period was the most dangerous in America's history. I think as we really got a superpower elevated, probably 50 years of IT advancement in a five year period, some number like that, because developing all that on your own would never have happened. And in my opinion, America's companies would have dominated China had they not been able to build their own Chinese companies with the IP they stole. When you start to look at it through the lives of people like that who lost their jobs, had to go on Social Security, or had to migrate out of the cities because of the Chinese espionage, it's a real factor.
Nicole Perlroth
That's next on To Catch a Thief. Follow To Catch a Thief to make sure you don't miss the next episode and if you like what you hear, rate and review the show. To Catch a Thief is produced by Rubrik in partnership with Pod People, with special thanks to Julia Lee. It was written and produced by me, Nicole Perlroth and Rebecca Chasson. Additional thanks to Hannah Pedersen, Sam Gabauer and Amy Machado. Editing and sound design by Morgan Foose and Carter Wog.
Summary of "To Catch a Thief: China’s Rise to Cyber Supremacy"
Episode 3: The Most Dangerous Time in American History
Release Date: March 24, 2025
Produced by Rubrik in partnership with Pod People
Host: Nicole Perlroth
The episode opens in Belleville, Wisconsin, at Kate Machine and Welding, a long-standing family-owned machine shop. In 2015, the shop became an unwitting pawn in a sophisticated Chinese cyber espionage operation.
Nicole Perlroth describes the setting:
"[00:04] Drive past the dairy farms, corn fields and horse pastures and you'll eventually arrive at Kate Machine and Welding in Belleville, Wisconsin."
Steve Category, the third-generation owner, recounts the intrusion:
"[00:34] We had probably 15 people working at our shop... all of a sudden someone shows up and they're ripping apart the server room..."
Initially, Chinese hackers focused on stealing American trade and defense secrets by infiltrating servers abroad. However, as the Chinese shifted their operations domestically—where the NSA couldn’t monitor without court orders—the scale and audacity of their attacks grew.
Nicole Perlroth explains the strategic shift:
"[00:58] The Chinese were moving their operations to the United States... vulnerable servers like this one at Kate's shop became staging grounds for attacks."
Steve Category reflects on the shop being used as a funnel:
"[03:38] They were trying to get to the big ones... we were just a funnel for them."
The transformation began with Deng Xiaoping’s 1978 policies, which aimed to modernize China’s economy through "reform and opening." This period marked the beginning of systematic intellectual property (IP) theft to accelerate China's technological and economic advancements.
Jim Lewis provides historical context:
"[08:47] Deng inherited a China that was a mess... he started a gigantic espionage campaign to steal intellectual property."
Evan Medeiros discusses China’s economic priorities:
"[09:28] The most important story of China over the last 40 years is the period of reform and opening that started in late 1978."
Nicole Perlroth highlights the joint venture requirements:
"[12:11] Western companies had to enter joint ventures with Chinese counterparts, leading to forced technology transfer."
American companies like DuPont and McDonnell Douglas became targets of relentless IP theft. These breaches weren’t limited to high-tech industries but spanned various sectors, undermining entire business lines and facilitating the rise of Chinese competitors.
Matt Turpin shares his experience with DuPont:
"[22:22] Germplasm is just plant DNA... China kept everything, including proprietary technology and training."
John Bedbrook comments on Shenzhen’s transformation:
"[13:23] Shenzhen, widely known as the Silicon Valley of China, is the engine room of the country's technology and innovation."
Nicole Perlroth notes the economic gamble by American companies:
"[28:11] Why American companies like DuPont and McDonnell Douglas turned a blind eye was simple: the financial incentives outweighed the risks."
The advent of the Internet in the early 2000s provided Chinese hackers with unprecedented access and opportunities to conduct large-scale IP theft. The lack of initial cybersecurity measures allowed for rapid and unchecked exfiltration of data.
Jim Lewis discusses the impact of the Internet:
"[29:23] They connected to the Internet and found it was like letting a pig into a candy store."
Nicole Perlroth emphasizes the lack of initial security:
"[29:55] The Internet was brand new technology, and the Chinese exploited its vulnerabilities from the start."
Several major cyber espionage campaigns highlighted the breadth and depth of Chinese cyber operations:
Operation Aurora: Targeted Google and other tech giants.
Shady Rat: Spanned over 30 industries, stealing diverse data from multinationals to nonprofits.
"[39:27] Shady Rat's targets ranged from giant multinationals to tiny nonprofits across more than 30 industries."
Night Dragon: Focused on the oil and gas sector, targeting bidding data and field information to outbid Western companies.
"[39:58] Night Dragon hit more than 70 organizations, including several oil and gas multinationals."
Nicole Perlroth highlights the systematic nature:
"[37:10] This maps directly to their national priorities, Made in China 2025 and their five year plans."
The cumulative effect of these cyber espionage activities has been the hollowing out of American industries and the meteoric rise of Chinese corporations like Huawei. The theft of IP has enabled China to leapfrog in technological advancements, posing significant national security threats.
Jim Lewis links IP theft to the rise of Chinese powerhouses:
"[33:17] Nortel's IP was raided by Chinese hackers, leading to Huawei becoming the world's biggest telecom."
Steve Stone illustrates the complete takeover of a plant’s operations:
"[38:02] We saw a US company's plant in China mimicked exactly by their Chinese counterpart, effectively stealing the business."
John Holtquist underscores the broader impact:
"[40:35] Chinese IP theft has enabled China to replicate and surpass American technological advancements, weakening US industry."
Steve Category:
"[03:58] They would never think twice about little old Kate Machine and Welding trying to access their server, apparently."
Kevin Mandia:
"[06:53] Theft of IP was a game changer. Chinese hackers weren't there for state secrets. They were there for commercial gain."
Evan Medeiros:
"[07:06] Regular espionage... does not involve picking winners, but China's approach was different—stealing IP to bolster their economy."
Jim Lewis:
"[15:49] When we steal technology, we are building our economic base. We are building our national security."
Dmitri Alperovich:
"[30:49] This is the greatest transfer of wealth in history that is impacting us."
Kevin Mandia:
"[32:41] They didn't alter log files or delete files. They let you know they were there, stealing terabytes of data."
Episode 3 of "To Catch a Thief" delves deep into the systematic and economically motivated cyber espionage orchestrated by China against the United States. Through personal stories, expert insights, and historical context, the podcast underscores the profound impact of IP theft on American industries and national security, painting a sobering picture of the digital battlefield in the age of cyber supremacy.
For more detailed insights and firsthand accounts, listeners are encouraged to tune into the full episode.