For years, America’s major technology companies have operated in China but remained completely mum about reports that Chinese state-backed hacking organizations have engaged in cyber attacks against them. Amazon and Apple went to enormous lengths to deny BusinessWeek’s allegations in 2018 that the People’s Liberation Army placed tiny chips on motherboards that were placed in servers purchased by both companies.
So it’s striking today that Microsoft has broken the wall of silence and stated publicly that an entity called Hafnium, which is state-sponsored and operating out of China, penetrated a Microsoft email service, allowing it to penetrate the computers of tens of thousands of customers. The hackers were able to steal emails and install malware to continue surveillance of their targets.
Also very interesting is that Microsoft turned to the federal government for help, an action that not one other major technology company has publicly acknowledged. It sought help from the U.S. Cybersecurity and Infrastructure Agency, which late last year described how China’s Ministry of State Security was roaming at will through America’s Information Technology systems, taking advantage of open source publicly available tools.
As I argued with Michael McLaughlin of the U.S. CYBERCOMMAND in a story in the National Interest in November, the Chinese have developed astonishing sophistication in communications and computing and are using it aggressively against American targets. All this squares with the pattern of activity I revealed in my book, The New Art of War, in May 2019. Now, almost two years later, my worst fears about Chinese penetration have been realized. We do not fully control our own computers. That obviously undermines our national security. We cannot protect our secrets.