China's methods of pilfering U.S. properties remain a mystery, perplexes Defense Department faction tasked with barring foreign spies

In a recent speech, David Cattler, the Assistant Director of Industrial Security at the Defense Counterintelligence and Security Agency (DCSA), highlighted several concerning incidents that have compromised US defense systems. These include the Volt Typhoon, Salt Typhoon, and suspected Chinese hacks of the US Treasury, among others.

Cattler also pointed out that increasing interaction between private industry and the defense department is contributing to the growth of insider threats. He noted that cyber-enabled espionage, AI-driven targeting, and foreign capital exploitation are expanding the threat landscape.

The DCSA is responsible for vetting the security credentials of federal employees, contractors, academics, and private companies involved in work for the Defense Department. However, Cattler expressed concern about China's efforts to gain access to academic and technology research related to the Department of Defense. This is a concern shared by Matthew Redding, the DCSA's Director, who stated that China's government and military industrial complex, as well as its allies, are actively pursuing this access.

The international intelligence community has been warning for years that China targets intellectual property in western nations. This was evident in the Silk Typhoon, tied to the US Treasury break-in, which now hammers IT and government targets. Chinese spies have been accused of pilfering data from big tech companies, including Google, and major government contractors, such as Microsoft.

In response to these threats, Cattler called for increased cooperation between government and industry. He stated that today's adversaries do not separate economic competition from national security. Cattler also wants more security services centralized under the DCSA to accomplish its mission.

The DCSA is taking steps to address these threats. Cattler stated that the agency expects to issue more facility clearances, engage in more personnel vetting, and conduct more training. The DCSA reviews 30,000 suspicious incidents per year, with four to five thousand of those ending up being credible, according to Redding.

However, the DCSA did not immediately provide information on how it plans to adapt its strategies to increase its chances of success. One government defense contractor reported to the DoD that it had been dealing with 65,000 phishing attempts every month. Microsoft reportedly cut China's early access to bug disclosures and PoC exploit code in response to these threats.

The name of the leading DCSA employee over the last decade focusing on improving security measures to prevent leaks of US state secret information to China is not publicly disclosed. Despite this, both Redding and Cattler called particular attention to insider threats as a growing risk.

In conclusion, the growing threats to US defense systems require a coherent and aligned response from both government and industry. The DCSA is taking steps to address these threats, but more needs to be done to protect US interests in the face of increasing cyber threats from China and other nations.

China's methods of pilfering U.S. properties remain a mystery, perplexes Defense Department faction tasked with barring foreign spies