A call to disrupt the People’s Republic of China’s economic espionage campaign against the United States was sounded in a new report by a Washington, D.C., technology think tank.
“China’s campaign of economic espionage against the United States spans cyber intrusions, insider theft, and technology transfer disguised as collaboration,” declared the report written by intelligence analyst and applied historian Darren E. Tromblay and published by the Information Technology & Innovation Foundation (ITIF).
“Washington must recognize that Beijing is operating an elaborate espionage ecosystem and take strategic measures to disrupt it,” it added.
China’s espionage ecosystem is systemic and strategic, it explained. From state intelligence agencies to nominally private firms, Beijing coordinates cyber, human, and corporate channels to steal U.S. industrial and defense technologies.
Chinese companies in the United States act as collection platforms, it continued. Subsidiaries and “consulting” fronts recruit American talent and channel proprietary know-how back to PRC state-owned enterprises.
Despite the breadth and depth of the PRC’s economic espionage campaign, it hasn’t attracted the urgency of other security concerns, explained Anthony Vinci, an adjunct senior fellow in the national security program of the Center for New American Security, a Washington, D.C.-based think tank focused on U.S. national security and defense policy.
“We have traditionally treated military and political issues as a core national security concern,” he told TechNewsWorld. “We have to start treating economic espionage as one of our core national security concerns. We still don’t do that as a nation.”
“Once we do that,” he said. “We need to take a whole-of-government or whole-of-society approach to it, where we’re sharing authorities and counterespionage approaches across agencies, similar to how we did it with counterterrorism after 9/11.”
Most Advanced Espionage System on Earth
China’s approach to espionage is more than spycraft. It’s an entire ecosystem. The Chinese system is fundamentally different from other U.S. adversaries in both scale and integration, observed Michael Bell, CEO of Suzu Testing, a provider of AI-powered cybersecurity services, in Las Vegas.
“Russia conducts opportunistic espionage through intelligence services,” he told TechNewsWorld. “China operates a whole-of-society approach where companies, universities, and talent programs function as coordinated collection platforms.”
“Based on the cases we’ve been seeing and industry analysis, no other nation-state has achieved the level of integration where a student visa, university partnership, and a state-owned enterprise investment can all be vectors for the same operation,” he said.
“I think the Chinese Communist Party runs the most advanced data collection and espionage system on earth,” Vinci added. “Then they’re combining that with cyber hacking at a scale that Russia or Iran literally don’t have the resources to do.”
One of the most damaging vectors for PRC economic espionage is insider threats, according to the ITIF report. Programs such as Thousand Talents and new “foreign expert” schemes have turned engineers and researchers inside U.S. firms into conduits for trade secrets, it noted.
“Turning an insider provides both the ability to steal concepts, as well as subvert forward progress,” Trey Ford, chief strategy and trust officer at Bugcrowd, a crowdsourced bug bounty platform based in San Francisco, told TechNewsWorld.
Why Insider Access Is So Damaging
April Lenhard, principal product manager for cyber threat intelligence at Qualys, a provider of cloud-based IT, security, and compliance solutions, in Foster City, Calif., explained that insider threats are so damaging because employees already know how to navigate systems that are gated off to outsiders.
“Trusted employees don’t just steal files,” she told TechNewsWorld. “They also know to take and use processes, context, and proprietary ‘secret sauce’ that costs American companies billions of dollars in R&D, while handing it over to China for free. That innovation can’t be recovered once it’s gone.”
Insider threats are uniquely damaging because they often bypass many traditional perimeter-focused defenses, added Eran Barak, co-founder and CEO of MIND, a platform focused on data loss prevention and insider risk management, in Seattle.
“Whether intentional or accidental, insiders already have access to sensitive systems and data,” he told TechNewsWorld. “That access, combined with a lack of visibility and control, makes it easier to exfiltrate critical information without triggering alerts.”
“Nation-state actors often exploit this by targeting individuals with privileged access, knowing that human behavior is more difficult to monitor than external network traffic,” he continued. “According to industry research, data sprawl, alert fatigue, and lack of contextual awareness in legacy security systems have made insider threats not only harder to detect, but also more impactful when successful.”
“The reality is, adversaries don’t need to break in if they can log in,” he said.
Eroding Counterintelligence Capacity
The report also warned that the United States’ counterintelligence capacity is eroding. Shifts in FBI and DHS priorities have weakened the government’s ability to detect and disrupt Chinese theft, just as Beijing’s efforts intensify, it explained.
“While it is the administration’s prerogative to assess threats and how best to address them,” the report noted, “counterintelligence, particularly combating economic espionage and trade secret theft, is an essential mission that should be maintained and adequately resourced.”
The shift in government resources should be viewed as an opportunity, Suzu’s Bell argued.
“China and Russia already understand that cyber espionage can’t be purely government-led,” he explained. “They’ve built whole-of-society programs leveraging universities, companies, and networks. The U.S. needs to mirror that by deepening partnerships between federal agencies and private sector cybersecurity firms that can serve as force multipliers in the cyber fight.”
“Rather than lamenting FBI and CISA resource shift,” he continued, “we should be building stronger information sharing frameworks, bringing trusted private contractors with appropriate clearances to bridge intel gaps, and recognizing that companies in strategic sectors aren’t on their own. They’re on the front line, and we need to treat them as partners, not just victims to be protected.”
Chinese espionage is not a series of isolated events or a crime spree, added Qualys’s Lenhard, it’s an industrial drain. “Chinese espionage is a colossal campaign to accumulate American competitive capability faster than America can defend or replace it,” she said.
“To disrupt China’s espionage pipeline, the U.S. has to stop treating technology theft like a compliance issue,” she continued. “Any engineered transfer of strategic technology needs to be handled as a full counterintelligence threat, not a regulatory footnote.”
Ultimately, the PRC-U.S. contest over technology secrets is not trench warfare, but rather a continually evolving fight, the report noted. “PRC objectives will continue to change, as their geopolitical objectives shift, and this will inform its targeting of specific industries, companies and technologies,” it explained.
“Changes in how the countries interact — both in the human and technical spaces — will shape intelligence methodologies and tradecraft,” it added. “The U.S. government’s ability to disrupt economic espionage — especially through preemptive, strategic measures — will mitigate risk to industry.”
