Security Experts:

Connect with us

Hi, what are you looking for?


Security Infrastructure

U.S. Senators Introduce Bi-Partisan Bill to Counter China Hacking Threat

As concern over the full cyber purpose of China and its state-sponsored hackers grows, two senators have introduced a bi-partisan bill aimed at protecting U.S. technology and economic supremacy.

As concern over the full cyber purpose of China and its state-sponsored hackers grows, two senators have introduced a bi-partisan bill aimed at protecting U.S. technology and economic supremacy.

On Friday last week, U.S. Senators Marco Rubio (R-FL) and Mark R. Warner (D-VA) — both members of the Senate Select Committee on Intelligence — introduced a bill to establish a new Office of Critical Technologies and Security. The purpose of this Office purpose would be “to stop the transfer of critical emerging, foundational, and dual-use technologies to countries that pose a national security risk”; and “to maintain United States technological leadership… and ensure supply chain integrity and security for such technologies”.

This is to be achieved by coordinating a ‘whole-of-government’ response via a new focal point within the Executive Office of the President, under a Director appointed by and reporting to the President.

China is not mentioned by name within the bill. Nevertheless, it is clear the emerging awareness of the China hacking threat, and the long-term China purpose, is behind the bill.

Bi-Partisan Cybersecurity Bill introduced

“China continues to conduct a coordinated assault on U.S. intellectual property, U.S. businesses, and our government networks and information with the full backing of the Chinese Communist Party,” said Rubio in an associated statement. 

“The United States needs a more coordinated approach to directly counter this critical threat and ensure we better protect U.S. technology. We must continue to do everything possible to prevent foreign theft of our technology, and interference in our networks and critical infrastructure. By establishing the Office of Critical Technologies and Security, this bill will help protect the United States by streamlining efforts across the government. I look forward to working with my colleagues and the Administration to enact this legislation and guard against these national security threats.”

Warner added, “It is clear that China is determined to use every tool in its arsenal to surpass the United States technologically and dominate us economically. We need a whole-of-government technology strategy to protect U.S. competitiveness in emerging and dual-use technologies and address the Chinese threat by combating technology transfer from the United States,” he said. “We look forward to working with the Executive Branch and others to coordinate and respond to this threat.”

Mitigating the threat will be no easy task, since it has two primary fronts. The first is the increasing sophistication of Chinese government-sponsored hacking groups. In the last two years, at least two major campaigns have been deemed China-related: the Cloud Hopper campaign and the Marriott hack. Before then, the massive OPM hack was also put down to China.

The second front is the apparent pressure for western companies operating in China to hand over their technology to a Chinese partner. While this isn’t strictly required, and the need for a Chinese partner is lessening, it still happens often enough for the practice to be part of President Trump’s justification for his ‘trade war’ against China. Note, however, that Tesla’s new factory in China is 100% owned by Tesla; Tesla keeps 100% of the profits, and no Tesla technology is passed to China.

Nevertheless, the new bill is designed to prevent China illegally acquiring American technology through hacking where it cannot acquire it legally through business.

Related: The United States and China – A Different Kind of Cyberwar 

Related: ‘Five Eyes’ Nations Blame China for APT10 Attacks 

Related: China-Linked APT15 Develops New ‘MirageFox’ Malware

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Expert Insights

Related Content

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture


The White House announced on Wednesday that the Industrial Control Systems (ICS) Cybersecurity Initiative has been expanded to include the chemical sector.


Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

Application Security

Incident Response

Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations...

Data Protection

Artificial intelligence is more artificial than intelligent.

Security Infrastructure

On October 21, 2002, the Internet’s core root server system as a whole came under a significant attack. A coordinated distributed denial-of-service attack aimed...