China

US lawmakers press Microsoft president on China links and cyber breaches

At Thursday’s House of Representatives Homeland Security panel, Microsoft President Brad Smith addressed tough questions about the tech giant’s security measures and connections to China. The scrutiny follows a significant breach last summer when China-linked hackers accessed 60,000 US State Department emails by infiltrating Microsoft’s systems. Additionally, earlier this year, Russia-linked cybercriminals spied on emails of Microsoft’s senior staff, further intensifying concerns.

Lawmakers criticised Microsoft for failing to prevent these cyberattacks, which exposed federal networks to significant risk. They highlighted a report by the Cyber Safety Review Board (CSRB) that condemned Microsoft for lack of transparency regarding the China hack, labelling it preventable. Smith acknowledged the report’s findings and stated that Microsoft acted on most of its recommendations. He emphasised the growing threat posed by nations like China, Russia, North Korea, and Iran, which are increasingly sophisticated and aggressive in their cyberattacks.

During the hearing, Smith defended Microsoft’s role, saying that the US State Department’s discovery of the hack demonstrated the collaborative nature of cybersecurity. However, Congressman Bennie Thompson expressed dissatisfaction, stressing that Microsoft is responsible for detecting such breaches. Given its substantial investments there, panel members also inquired about Microsoft’s operations in China. Smith noted that the company earns around 1.5% of its revenue from China and is working to reduce its engineering presence in the country.

Despite facing significant criticism over the past year, some panel members, including Republican Congresswoman Marjorie Taylor Greene, commended Smith for accepting responsibility. In response to the CSRB’s findings, Microsoft has pledged to prioritise security above all else, launching a new cybersecurity initiative in November to bolster its defences and ensure greater transparency moving forward.

Dutch authorities reveal extensive Chinese cyber-espionage operation

The Dutch military intelligence and security service (MIVD) has raised alarms over a global Chinese cyber-espionage campaign, that successfully targeted ‘a significant number of victims’, including Western governments, international organisations and the defense industry. The Netherlands’ National Cyber Security Centre (NCSC) provided the details of this operation in the warning sharing how state-sponsored hackers exploited a vulnerability in FortiGate devices for ‘at least two months before Fortinet announced the vulnerability.’

This vulnerability, identified as CVE-2022-42475, was leveraged during a ‘zero-day period’ to compromise around 14,000 devices in Netherlands. In particular, the warning says that the had successfully breached the internal computer network of the Dutch Ministry of Defence. After gaining access, the hackers deployed a remote access trojan (RAT) named COATHANGER to perform reconnaissance and exfiltrate user account information from the Active Directory server. It, however, remains unclear how many of these systems were infected with the COATHANGER malware. The MIVD warned that identifying and removing these infections is particularly challenging.

“The NCSC and the Dutch intelligence services therefore state that it is likely that the state actor still has access to systems of a significant number of victims,” the report cautioned, emphasizing the ongoing threat posed by this extensive cyber-espionage campaign.

China releases draft rules to promote ‘cross-border’ e-commerce

China’s Ministry of Commerce has announced draft rules aiming to expand e-commerce businesses that trade across borders, including promoting the construction of overseas warehouses. E-commerce companies will be supported by national ministries and government departments, helping them ‘go global’, the ministry said. Beyond spreading its reach outwards, the draft rules aim to regulate inbound trade by improving data management and optimising export supervision as well.

Why is this important?

These draft rules come at a crucial point when local e-commerce has been facing a more general macroeconomic slow down, and when cross-border trade has been growing exponentially. That same growth has pushed regulators beyond China to consider stricter rules for large e-commerce firms. The EU has recently done so against online marketplace Temu

Chinese AI chip firms downgrading designs to secure TSMC production

Chinese AI chip firms, including industry leaders such as MetaX and Enflame, are downgrading their chip designs in order to comply with Taiwan Semiconductor Manufacturing Company’s (TSMC) stringent supply chain security protocols and regulatory requirements. This strategic adjustment comes amidst heightened scrutiny and restrictions imposed by the US on semiconductor exports to Chinese companies, which includes limitations on accessing advanced manufacturing technologies critical for AI chip production.

The US has imposed strict export controls to obstruct China’s military advancements in AI and supercomputing. These controls include restrictions on sophisticated processors from companies like Nvidia, as well as on-chip manufacturing equipment crucial for advanced semiconductor production. That move has prevented TSMC and other overseas chip manufacturers using US tools from fulfilling orders for these restricted technologies.

In response to these restrictions, top Chinese AI chip firms MetaX and Enflame have reportedly submitted downgraded chip designs to TSMC in late 2023. MetaX, founded by former Advanced Micro Devices (AMD) executives and backed by state support, had to introduce the C280 chip after its more advanced C500 Graphic Processing Unit (GPU) ran out of stock in China earlier in the year. Enflame, also Shanghai-based and supported by Tencent, faces similar challenges.

Why does it matter?

The decision to downgrade chip designs to meet production demands reflects the delicate balance between technological advancement and supply chain resilience. While simplifying designs may expedite production and mitigate supply risks in the short term, it also raises questions about long-term innovation and competitiveness. The ability to innovate and deliver cutting-edge AI technologies hinges on access to advanced chip manufacturing processes, which are increasingly concentrated among a few global players.

China launches AI chatbot based on Xi Jinping’s ideology

China has unveiled an AI chatbot based on principles derived from President Xi Jinping’s political ideology. The chatbot, named ‘Xue Xi’, aims to propagate ‘Xi Jinping Thought’ through conversational interactions with users. Xi Jinping Thought, also known as ‘Xi Jinping Thought on Socialism with Chinese Characteristics for a New Era‘, is made up of 14 principles, including ensuring the absolute power of the Chinese Communist Party, strengthening national security and socialist values, as well as improving people’s livelihoods and well-being.

Developed by a team at Tsinghua University, ‘Xue Xi’ utilises natural language processing to engage users in discussions about Xi Jinping’s ideas on governance, socialism with Chinese characteristics, and national rejuvenation. The chatbot was trained on seven databases, six of which were mostly related to information technologies provided by China’s internet watchdog and the Cyberspace Administration of China (CAC). 

The chatbot’s creation is the latest effort of a broader strategy to spread the Chinese leader’s ideology and an attempt to leverage technology, strengthen ideological education and promote ideological loyalty among citizens. Students have had to take classes on Xi Jinping’s Thoughts in schools, and an app called Study Xi Strong Nation was also rolled out in 2019 to allow users to learn and take quizzes about his ideologies.

Why Does It Matter?

The launch of Xue Xi raises important questions about the intersection of AI technology and political ideology. It represents China’s innovative approach to using AI for ideological dissemination, aiming to ensure widespread adherence to Xi Jinping Thought. By deploying AI in this manner, China advances its technological capabilities and seeks to shape public discourse and reinforce state-approved narratives. Critics argue that such initiatives could exacerbate issues related to censorship and surveillance, potentially limiting freedom of expression and promoting conformity to government viewpoints. Moreover, the development of ‘Xue Xi’ underscores China’s broader ambition to lead in AI development, positioning itself as a pioneer in using technology for ideological governance.

Chinese researchers develop AI hospital town to revolutionise healthcare

AI is making significant strides in the healthcare sector, with Chinese researchers developing an AI hospital town that promises to revolutionise medical training and treatment. Dubbed ‘Agent Hospital’, this virtual environment, created by Tsinghua University researchers, features a large language model (LLM)-powered intelligent agents that act as doctors, nurses, and patients, all capable of autonomous interaction. These AI agents can treat thousands of patients quickly, achieving a 93.06% accuracy rate on medical exams. This innovative approach aims to enhance the training of medical professionals by allowing them to practice in a risk-free, simulated environment.

The AI hospital town not only offers advanced training opportunities for medical students but also has the potential to transform real-world healthcare delivery. The AI hospital can provide valuable insights and predictions by simulating various medical scenarios, including the spread of infectious diseases. The system utilises a vast repository of medical knowledge, enabling AI doctors to handle numerous cases efficiently and accurately, paving the way for high-quality, affordable, and convenient healthcare services.

While the future of AI in healthcare appears promising, significant challenges remain in implementing and promoting AI-driven medical solutions. Ensuring strict adherence to medical regulations, validating technological maturity, and developing effective AI-human collaboration mechanisms are essential to mitigate risks to public health. Experts emphasise that despite the impressive capabilities of AI, it can only partially replace the human touch in medicine. Personalised care, compassion, and legal responsibilities are aspects that AI cannot replicate, highlighting the indispensable role of human doctors in healthcare.

US defense group claims that China harnesses open-source software for military

A Chinese nonprofit organisation linked to the government is reportedly coordinating efforts among major tech firms in China to develop open-source software with potential military applications, according to a report from the Jamestown Foundation, a US-based defence policy group. The OpenAtom Foundation oversees the development of open-source operating systems, including OpenHarmony, a variant of Huawei’s Harmony OS that was developed after the company faced US sanctions.

OpenAtom’s efforts extend beyond civilian use, with initiatives to develop alternatives to US technologies for defence applications, such as satellite systems. The foundation led the adaptation of OpenHarmony for Chinese satellites, which was launched in the previous year and is capable of capturing high-resolution images at a low cost.

Sunny Cheung from the Jamestown Foundation highlights OpenAtom’s pivotal role in China’s strategy for technological self-reliance, noting that many of its leaders have ties to the Chinese Ministry of Industry and Information Technology, and a significant portion of its staff are affiliated with the Chinese Communist Party. However, China’s foreign ministry declined to comment on these allegations.

While most of OpenAtom’s sponsors are Chinese firms like Alibaba and Tencent, US chipmaker Intel is also involved. Intel emphasised its commitment to fostering an open ecosystem strategy globally. The Jamestown Foundation suggests that the US should consider promoting its own open-source software initiatives to prevent China from gaining an advantage in this domain, which has largely been left to the private sector until now.

Taiwan accuses Chinese firms of illegal operations and talent poaching

Taiwanese authorities have accused Luxshare Precision Industry, a Chinese Apple supplier, of illegally operating in Taiwan and attempting to poach tech talent. The Ministry of Justice Investigation Bureau identified Luxshare as one of eight companies from China engaging in these illegal activities but provided no further details. The crackdown is part of Taiwan’s broader efforts to protect its high-tech industry from Chinese firms trying to steal expertise and talent.

Additionally, the investigation bureau named Zhejiang Dahua Technology, a video surveillance equipment maker blacklisted by the US in 2019 for its role in the treatment of Muslim minorities in Xinjiang. Zhejiang Dahua allegedly set up covert operations in Taiwan and attempted to obscure its activities by listing employees under a different company name. Both Luxshare and Zhejiang Dahua have not responded to these accusations.

Taiwan, home to semiconductor giant TSMC and a leader in advanced chip manufacturing views these Chinese efforts as a significant threat to its technological edge. The bureau emphasised its commitment to cracking down on illegal operations and talent poaching, warning that it will enforce the law resolutely. This announcement follows a sweep conducted earlier this month targeting suspected illegal activities by Chinese tech firms.

Chinese national behind 911 S5 botnet arrested in Singapore

The US Department of Justice (DOJ) announced the arrest of a Chinese national, Wang Yunhe, in an international operation targeting cybercrime. Wang, aged 35, was apprehended in Singapore on 24 May for allegedly creating and using malware responsible for cyberattacks, large-scale fraud, and child exploitation. This arrest comes on the heels of a similar high-profile sweep last August, involving 10 Chinese citizens charged with laundering over $2 billion through Singapore.

According to the US Treasury Department, the botnet, known as ‘911 S5,’ was used by criminals to compromise personal devices to further conduct identity theft, financial fraud, and child exploitation.

The Treasury’s Office of Foreign Assets Control has now imposed sanctions on three Chinese nationals behind the platform—Yunhe Wang, Jingping Liu, and Yanni Zheng—and on three entities owned or controlled by Yunhe Wang. FBI Director Christopher Wray described the ‘911 S5’ botnet as likely the world’s largest, comprising malware-infected computers in nearly 200 countries.

According to the DOJ, Wang and unnamed accomplices developed and distributed malware that compromised millions of residential Windows computers worldwide. From 2018 to July 2022, Wang accrued $99 million from selling access to hijacked IP addresses, facilitating cybercriminals in bypassing financial fraud detection systems. These criminals committed fraud, resulting in losses exceeding $5.9 billion, including 560,000 fraudulent unemployment insurance claims.

Wang used the illicitly obtained proceeds to acquire assets globally, spanning properties in the USA, Saint Kitts and Nevis, China, Singapore, Thailand, and the UAE. His possessions included luxury sports cars, numerous bank accounts, cryptocurrency wallets, luxury watches, and 21 properties across multiple countries. Matthew S. Axelrod from the US Department of Commerce’s Bureau of Industry and Security described the case as resembling a screenplay, highlighting the extensive criminal enterprise and lavish expenditures financed by nearly $100 million in profits.

The operation is a collaborative effort led by law enforcement agencies from the US, Singapore, Thailand, and Germany. It underscores the international cooperation required to combat cybercrime effectively.

The FBI has published information at fbi.gov/911S5 to help identify and remove 911 S5’s VPN applications from infected devices.

China’s AI chipmakers closing gap on global leaders

China’s domestic AI chipmakers are rapidly closing the gap on international leaders, according to Xu Bing, co-founder of SenseTime Group Inc. Despite the significant lag in computational power compared to the US, China possesses the talent and data necessary to advance in the AI field, Xu stated during an interview at the UBS Asian Investment Conference in Hong Kong. SenseTime, a leading AI company in China, faces challenges due to US sanctions that restrict access to advanced AI technology, such as Nvidia’s accelerators.

The US trade controls have spurred the development of domestic alternatives from companies like Huawei Technologies and Shanghai Biren Technology, both also affected by US restrictions. Xu emphasised that although Asia faces a considerable shortfall in computational resources, the region is abundant in talent and data. He noted that China’s AI chip industry is catching up quickly, with SenseTime collaborating with local semiconductor firms to enhance their computing capabilities.

While the exact gap between Chinese and US AI technology is uncertain, estimated between one to three years, Xu is optimistic that this disadvantage in computing power will be temporary. He believes that, over time, the disparity in computing resources will diminish, viewing computing power as a commodity China will eventually acquire in sufficient quantity. Notable Chinese companies making strides in AI chips include Moore Threads Intelligent Beijing Co., Huawei, and other key players like Baidu Inc. and Naura Technology Group Ltd, which have received government attention and support.