Intelligence and security experts are warning foreign firms in China of a growing threat of Internet-related crimes, government surveillance and loss of proprietary data. But some U.S. companies said they view those threats as exaggerated.
The latest warning comes from a report published last month by a network security firm founded by two former U.S. Navy intelligence officers. The report, released by Dublin, Ohio-based LogiKeep Inc., cautions companies that the government-controlled Internet environment in China could put the integrity of their networks at risk.
"The most important consideration is that, in one way or another, the government is involved in the operation, regulation and monitoring of the country's networks," states the report, "The People's Republic of China: A Network Security Threat Assessment." As a result of this and other factors, such as tensions with Taiwan, "U.S. companies could see an increase in scans, probes and attacks" that could be aimed at gaining technical information, the report states.
But representatives from companies with major operations in China said they have never had problems and don't plan to run scared now.
"I would discount most of the alarmist reports," said David Blumental, a corporate lawyer at the law firm of Vinson & Elkins in Houston who has represented numerous firms doing business in China.
"The real focus of their control efforts is what the Chinese call 'black and yellow,' or political and pornographic material," said Blumental. "How serious an issue [economic espionage] is depends on who you are and what business you're in." And it isn't unique to China, he added.
Philip Leung, vice president of the American Chamber of Commerce in Hong Kong, also expressed doubts.
"I am not convinced that the Chinese government is overtly -- or, for that matter, covertly -- engaging in corporate espionage via the Internet," said Leung.
Yet U.S. intelligence experts interviewed by Computerworld say China's vast intelligence-collecting apparatus has a voracious appetite for any U.S. technology that could help speed the People's Republic's military modernization and boost the country's economy. That puts high-tech vendor companies particularly at risk.
"Businesses operating in China are up against a national government that has essentially unlimited resources and a long track record of industrial and economic espionage," said one intelligence official.
"Every business in China is run by the government, and any effort to develop intelligence and promote those industries is a national effort," said Peter Gasper, a senior geopolitical analyst at LogiKeep and principal author of the report. He added that scans, probes and attacks against U.S. firms in China "are statistically confirmed and growing" and could be Chinese tests of offensive information warfare tactics or the work of Chinese virus writers.
The U.S. firms that may be at the greatest risk of losing proprietary data include companies that have set up development laboratories in China, said Gasper. But those companies, eager to gain a foothold in China's burgeoning IT market, don't necessarily share the fears of intelligencee experts.
Play by the Rules
Rosemary Yaecker, a spokeswoman for Murray Hill, N.J.-based Lucent Technologies Inc., which signed a $15 million deal this month with China's Liaoning Telecom for Lucent's optical networking products, said there are no barriers to doing business in China for companies that know the rules and abide by that nation's laws.
Fred P. McNeese, a spokesman for IBM Asia-Pacific, said IBM "believes appropriate safeguards are in place in China and elsewhere."
Patrick McGovern, chairman of the board of Boston-based International Data Group, the parent company of Computerworld, has played an instrumental role since 1980 in opening up China's markets to U.S. companies. He said he sees a China that's becoming less centralized.
"Our operations in China are indistinguishable from any of the 84 countries where we operate," said McGovern, whose company also owns a venture capital operation that has invested in more than 100 Web-based firms in China. "We've never had any problems with the Chinese government restricting what we were doing or any incidents where proprietary information was lost."
Leung acknowledged that there are more controls in place in China than in some other countries, but he said he doesn't believe they have been put in place to foster espionage. "While the Chinese view controls and regulations as necessary to facilitate an orderly Internet market and to protect the country from subversion . . . and other Internet crimes, I believe the controls are partially the result of political rigidity and bureaucratic inertia," he said.
"Human nature is the same everywhere in the world," said McGovern. "The thought that there are lots of people with time on their hands to explore what the 20 million Internet users in China are doing is totally impractical."
This story, "Net risks on rise in China" was originally published by Computerworld.