The sabotage earlier this year of Hezbollah’s communications devices, apparently by Israel, was undoubtedly spectacular, but, as a matter of espionage, it was anything but new. Intelligence agencies have long targeted and exploited supply chains both for intelligence and sabotage purposes. From the 20th century Cold War to today’s geopolitical clash with Russia and China, infiltrating supply chains has always offered the opportunity to acquire valuable information about an adversary, or to disrupt critical sectors of its economy.
Western officials are now busily assessing their own strategic and tactical supply chain vulnerabilities. Hardly a D.C. conference goes by without mention of the CHIPS Act and semiconductor supply chains. The United States is funneling billions of dollars towards the development of ecosystems for high tech manufacturing and critical materials processing to support microelectronics both domestically (e.g., Intel in Arizona) and in partner countries (Mexico, the Philippines, and others).
Concerns about the fragility of supply chains in defense have also prompted the Department of Defense to produce its first-ever Defense Industrial Strategy. The White House has even established a Council on Supply Chain Resilience to coordinate and manage the many disparate supply chain initiatives across the U.S. government.
What’s surprising about this shift in the approach by the U.S. government is that it took so long. Globalization is not playing out the way it was supposed to. The tenets of liberal economic policy, including perfect competition and efficiency, are receding in favor of the idea of resiliency against risks posed by adversaries, especially China and Russia.
China, for one, never bought into the separation of national and economic security. Its approach to national advancement is not a whole-of government approach, but a whole-of-society one. The notion that national and economic security are somehow separate holds little merit outside of Western, liberal economies. China has acted according to its own view of national power, including by trying to stave off economic coercion via supply chains in critical industrial sectors.
Chinese policymakers, in other words, seem to have a greater appreciation for the history of supply chain sabotage. The U.S. government would benefit from a greater appreciation of the forms of sabotage that worked successfully in the past, and of the changes in supply chains, and the tactics of their adversaries, that have occurred in the interim. Those lessons from history offer valuable guidance on how the United States can better protect itself against hostile state supply chain exploitation today.
Sabotaging supply chains of adversaries is as old as statecraft and warfare. In the medieval period, armies would use spies acting as merchants to discover what adversaries were buying; they would also, for example, poison water supplies of enemies. Fast forward to the 20th century: When British intelligence discovered that Nazi Germany was using commercial front companies for espionage, the British tried—but apparently did not succeed—in doctoring technology that Berlin was known to be targeting. It was after the war, however, when the use of supply chains for intelligence collection and sabotage came into its own. In the early Cold War, the CIA devised an ingenious operation to collect foreign communications by rigging their manufacture and procurement. It secretly colluded with an apparently reputable Swiss company, Crypto AG, to sell rigged cypher machines to third party countries. The latter purchased Crypto machines believing they were buying the best neutral Swiss technology that money could buy. The CIA operation, codenamed RUBICON and only revealed in 2020, allowed the U.S. government to read foreign communications like an open book.
In the later Cold War, espionage and sabotage of supply chains took on a new dimension. The Soviet Union’s intelligence services, the KGB and GRU, targeted Western countries to steal as much scientific and technical (S&T) intelligence as possible in order to fulfill the Soviet Union’s grand ideological strategy against Western imperialism, principally the United States. Richard Nixon and Henry Kissinger’s thawing of relations between East and West, known as détente, allowed for the opening of commercial relations between the Soviet bloc and the United States.
While the U.S. government restricted dual-use technologies being sold behind the Iron Curtain, Soviet intelligence used détente to go on the offensive, using commercial front companies to steal Western military and industrial secrets. In 1982, a Soviet agent inside the KGB’s scientific and technical intelligence department, Line X, revealed the breadth and scope of the KGB’s S&T assault on the West. That agent, Vladimir Vetrov, received the codename FAREWELL from his handlers in French intelligence. Vetrov’s espionage allowed French intelligence, and its allies, an unprecedented window into the Soviet Union’s clandestine infiltration of Western supply chains.
Vetrov’s highly sensitive intelligence, based on about 4,000 documents he stole, now known as the FAREWELL dossier, was passed by the French at the highest level to the White House and the U.S. intelligence community. The dossier allowed the CIA, working with some of its European partners, to go one step further than espionage—to sabotage supply chains known to be targeted by the Soviet bloc. Although specific details remain opaque, the CIA’s operation apparently involved providing the Soviet government with a rigged NASA design of the space shuttle, flawed computer chips, misleading information on stealth technology, and malfunctioning turbines, which, when used, led to the destruction of an in Siberia.
Thanks to the recent investigative journalism of national security reporter Zach Dorfman, we now know that the FBI was up to similar tricks. In an operation codenamed INTERING, the FBI ensured that the Soviet Union “would unknowingly purchase millions of dollars’ worth of sabotaged U.S. goods,” Dorfman wrote in a recent Politico Magazine article. The FBI used a well-connected Austrian businessman, whose identity remains a secret today, to “seed faulty tech to Moscow and its allies; drain the Soviet bloc’s coffers; expose its intelligence officers and secret American conspirators; and reveal to American counterspies exactly what tech the Soviets were after.” The Bulgarians were the principal target of operation INTERING, receiving, thanks to the FBI, a suite of rigged microelectronic products.
The last century’s Cold War was a simpler time. The Soviet Union was never a major economic power on the world stage and the West was effectively able to sideline it. None of that is true for China today, nor even for Russia, whose economy is proving to be remarkably resilient in the face of Western sanctions after its full-scale invasion of Ukraine. While there are parallels between the last century’s Cold War and the current geopolitical clash between East and West, there are also major differences. China’s massive economic weight—and its interconnectivity with the rest of the world over the past two decades—make the present rivalry far more complicated, and thus arguably more dangerous, than the past, as former U.S. Secretary of State Condoleezza Rice has recently noted.
Today’s digital landscape also differentiates contemporary exploitation of supply chains from the past. As The Economist’s defense editor, Shashank Joshi, wrote in September: “what previously required front companies, physical infrastructure and agents carrying tools of sabotage can now be done virtually.”
Take, for example, Russia’s SolarWinds hack, the biggest cyber intrusion known to date in the United States, discovered in mid-December 2020. The Russian government was able to insert backdoor networks into the private sector and federal agencies, using a software update provided by a company called SolarWinds. The extent of the hack was breathtaking and included key sectors of U.S. national security infrastructure, such as the Energy Department, which controls the National Nuclear Security Administration.
On present evidence, it appears the SolarWinds hack was espionage (intelligence collection), not sabotage. But here’s the rub: In a digital environment, the distinction between espionage and sabotage can be extremely small, the difference between observation, inserting malware, and activating it. It can come down to differences in code. As has been recently pointed out by British army legal scholar Juliet Skingsley, the distinction between espionage and sabotage, though often little in practical terms, constitutes a fundamental distinction in international law, which generally permits espionage, except where expressly prohibited by treaty or custom, but not sabotage.
China has a fundamentally different approach to intelligence collection and exploitation of supply chains than the Soviet Union ever did—or at least was able to during the Cold War. Except for oil, the Soviets produced little that the rest of the world wanted, the same being true of Russia today. That is not the case for the People’s Republic of China (PRC). The PRC’s extraordinary economic boom in the first two decades of this century, and its integration into the world economy as it made cheap goods that the world wanted, was fueled by industrial espionage, more politely termed the “acquisition of intellectual property.” Unlike the Soviet Union and Russia today, whose theft of secrets tends to be narrow and targeted on specific Western industries and sectors, the PRC undertakes a “whole of society” approach to collecting intelligence.
It collects both overtly and covertly, blending open sources with traditional human intelligence and technical intelligence collection. The result is an adversary for the U.S.—and the West more broadly—which makes the Soviet Union and its intelligence services look like school children. The Chinese Communist Party (CCP) employs a military-civil fusion strategy in fulfillment of its concept of “comprehensive national security.” In practical terms, this means that the CCP uses all of the levers and mechanisms of the Chinese government, commerce, military, and diaspora Chinese populations to collect information useful for Beijing’s grand strategic objective: to displace the United States as the leading economic and military power in the world.
Its strategy has only grown more acute since Xi Jinping took power in China just over a decade ago. China under Xi has made little secret of the fact that it desires to acquire any and all economic and military information it deems necessary from the West. The PRC’s key strategic documents, like Made in China 2025, expressly set out areas of technology in which it seeks to be the world leader, if necessary by leapfrogging ahead of the United States. The technologies that China targets are spread via supply chains and across sectors. They include emerging technologies, such as AI, quantum computing, synthetic biology, as well as semiconductors, aerospace and aviation, green technologies, telecommunications, robotics and automation, and nuclear technology. The CCP’s strategic documents state that if a technology cannot be developed domestically, the Chinese state is permitted—even obliged—to steal it from overseas. From Beijing’s perspective, all is fair in its mission for national rejuvenation after a century of humiliation at the hands of Western powers.
Under a series of increasingly authoritarian national security laws passed under Xi, the CCP requires Chinese companies to cooperate with its state security and intelligence services whenever requested. This is the context for headlines in recent years about everything from fears over the CCP’s use of Huawei and TikTok as intelligence collection platforms, to its ability to monitor cranes at U.S. port authorities, to allegations of espionage by Alibaba at European logistics hubs. In October, a Chinese national working at a logistics firm was arrested on suspicion of passing information to Chinese intelligence, reportedly on German arms movements out of Leipzig airport.
The U.S. government is thus facing an adversary which operates fundamentally differently, by fusing commerce, government, and the military. By comparison, Washington is competing with one hand tied behind its back. An ideological issue looms large here: Unlike some of its Western partners, the U.S. government does not conduct industrial espionage for the benefit of American companies. This was not always the case. Washington’s embargo on industrial espionage arose after the Cold War, in the 1990s, according to one CIA insider, who spoke on the condition of anonymity.
There are advantages and disadvantages on both sides of the argument for state backed industrial espionage. On the one hand, harnessing the deep capabilities of the U.S. government for the advantages of U.S. companies smacks of crony capitalism. On the other hand, other Western countries, for example France and Israel, show little such restraint separating intelligence and commerce, and that’s to say nothing of China.
It may be time for the U.S. government to revisit the existing embargo on conducting industrial espionage. Should we still uphold theoretical economic principles at the expense of our economic well-being?
The public does not know whether the U.S. is sabotaging hostile state supply chains in the manner previously done with the FAREWELL dossier—nor should we. It is a fair bet, however, that some officials in corners of the intelligence community are at least thinking along similar lines. According to a former senior CIA officer, who was granted anonymity for REASON, the CIA has a unit devoted to supply chain operations. One day the archives may reveal what U.S. covert actions have taken place.
But whatever tactical successes may be achieved through such U.S. sabotage and covert action operations, the government remains ill-equipped to deal with China’s whole-of-society, strong-arm methods set out above. And it is an onslaught: Chinese intelligence services are targeting everything from U.S. aerospace giants to venture capital and startups in Silicon Valley. Awareness and intent is a good place to start—but in this struggle, the U.S. is handicapped by a culture that doesn’t view companies as national resources, when in fact private sector innovation has long been driving American power .
In light of the profound transformations occurring in global supply chains, a holistic, collaborative, and proactive approach is required. Policymakers, industries, and intelligence communities must unite to craft resilient, secure, and efficient supply networks fit for the future.
To do this, the U.S. government needs to shift its perception about companies; to treat them as real partners, rather than merely “vendors.”
A case in point is supply chains. In our experience, government departments frequently choose to build custom solutions when cutting edge commercial solutions already exist, often under the belief that government needs are unique. In most cases, this is not true—certainly in terms of supply chains. Large automotive companies, global shipping companies, and multinational retailers all face problems at the scale and complexity of government agencies. Commercially scaled solutions achieve remarkable speed and innovation in supply chains without federally funded research centers. These latter institutions are chock full of brilliant people, to be sure, but the economics of rebuilding what exists at scale in the private sector is dreadful for taxpayer return on investment, often for an inferior product.
Unlike in the last century, it is now no longer the U.S. government but the private sector that is developing the emerging technologies that will change our lives this century—artificial intelligence, quantum computing, and synthetic biology. Approximately 85% of U.S. critical infrastructure is currently held by the private sector. R arely, if ever, does the U.S. government know a sector or business better than the businesses themselves. This is especially true for emerging technologies, and their associated supply chains.
By addressing these multifaceted challenges head-on, it is possible to pave the way for a more secure, sustainable, and prosperous U.S.-led global economy in the era of AI and digital transformation. The starting point in Washington must be this simple truth: In today’s context, national security is private sector security.
The post The Era of Supply Chain Spy Wars Is Here appeared first on Foreign Policy.
