Connect with us

Hi, what are you looking for?


Security Infrastructure

U.S. Senators Introduce Bi-Partisan Bill to Counter China Hacking Threat

As concern over the full cyber purpose of China and its state-sponsored hackers grows, two senators have introduced a bi-partisan bill aimed at protecting U.S. technology and economic supremacy.

As concern over the full cyber purpose of China and its state-sponsored hackers grows, two senators have introduced a bi-partisan bill aimed at protecting U.S. technology and economic supremacy.

On Friday last week, U.S. Senators Marco Rubio (R-FL) and Mark R. Warner (D-VA) — both members of the Senate Select Committee on Intelligence — introduced a bill to establish a new Office of Critical Technologies and Security. The purpose of this Office purpose would be “to stop the transfer of critical emerging, foundational, and dual-use technologies to countries that pose a national security risk”; and “to maintain United States technological leadership… and ensure supply chain integrity and security for such technologies”.

This is to be achieved by coordinating a ‘whole-of-government’ response via a new focal point within the Executive Office of the President, under a Director appointed by and reporting to the President.

China is not mentioned by name within the bill. Nevertheless, it is clear the emerging awareness of the China hacking threat, and the long-term China purpose, is behind the bill.

Bi-Partisan Cybersecurity Bill introduced

“China continues to conduct a coordinated assault on U.S. intellectual property, U.S. businesses, and our government networks and information with the full backing of the Chinese Communist Party,” said Rubio in an associated statement. 

“The United States needs a more coordinated approach to directly counter this critical threat and ensure we better protect U.S. technology. We must continue to do everything possible to prevent foreign theft of our technology, and interference in our networks and critical infrastructure. By establishing the Office of Critical Technologies and Security, this bill will help protect the United States by streamlining efforts across the government. I look forward to working with my colleagues and the Administration to enact this legislation and guard against these national security threats.”

Warner added, “It is clear that China is determined to use every tool in its arsenal to surpass the United States technologically and dominate us economically. We need a whole-of-government technology strategy to protect U.S. competitiveness in emerging and dual-use technologies and address the Chinese threat by combating technology transfer from the United States,” he said. “We look forward to working with the Executive Branch and others to coordinate and respond to this threat.”

Advertisement. Scroll to continue reading.

Mitigating the threat will be no easy task, since it has two primary fronts. The first is the increasing sophistication of Chinese government-sponsored hacking groups. In the last two years, at least two major campaigns have been deemed China-related: the Cloud Hopper campaign and the Marriott hack. Before then, the massive OPM hack was also put down to China.

The second front is the apparent pressure for western companies operating in China to hand over their technology to a Chinese partner. While this isn’t strictly required, and the need for a Chinese partner is lessening, it still happens often enough for the practice to be part of President Trump’s justification for his ‘trade war’ against China. Note, however, that Tesla’s new factory in China is 100% owned by Tesla; Tesla keeps 100% of the profits, and no Tesla technology is passed to China.

Nevertheless, the new bill is designed to prevent China illegally acquiring American technology through hacking where it cannot acquire it legally through business.

Related: The United States and China – A Different Kind of Cyberwar 

Related: ‘Five Eyes’ Nations Blame China for APT10 Attacks 

Related: China-Linked APT15 Develops New ‘MirageFox’ Malware

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture


Identity and access governance vendor Saviynt has closed a $205 million financing round.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.


Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

Identity & Access

The National Security Agency (NSA) has published a series of recommendations on how to properly configure IP Security (IPsec) Virtual Private Networks (VPNs).