Full Report
China’s technological rise has been one of the United States’ biggest preoccupations for nearly a decade, across both Democratic and Republican administrations. In their new book, The Great Heist, David Shedd and Andrew Badger—former officials at the Defense Intelligence Agency—detail the years of espionage that enabled that rise. Through court documents, interviews, and even fictional scenarios,…
Analysis Summary
# Threat Actor: Chinese State-Sponsored Espionage
## Attribution & Identity
- **Actor Identification:** Chinese state-affiliated intelligence and espionage entities.
- **Aliases:** Not explicitly named in the text by security industry monikers (e.g., APT groups), but characterized as a coordinated national effort overseen by the Chinese government.
- **Known Associations:** Linked to the strategic rise of China's technological and military capabilities over the last decade.
## Activity Summary
The article references "The Great Heist," a detailed account by former DIA officials David Shedd and Andrew Badger regarding a multi-year espionage campaign.
- **Recent Operations:** Ongoing efforts to bypass U.S. export controls and acquire advanced semiconductor technology.
- **Historical Context:** Decades of intellectual property (IP) theft used to bridge technological gaps between China and the United States.
- **Cyber Posture:** Persistence in U.S. networks despite shifting political administrations and defense strategies.
## Tactics, Techniques & Procedures
- **Intellectual Property Theft:** Large-scale exfiltration of proprietary research and trade secrets.
- **Economic Espionage:** Theft of trade secrets and proprietary technology from U.S. corporate and defense sectors, documented in the book through court records and interviews.
- **Hybrid Methods:** The use of traditional human intelligence (HUMINT) combined with advanced cyber hacking.
- **Legal/Semi-Legal Acquisition:** Exploiting policy shifts to purchase advanced semiconductor chips or bypass Commerce Department restrictions.
- **Fictional Scenarios:** The authors use fictional scenarios to illustrate how complex, multi-stage infiltration operations unfold; these are an explanatory device of the book, not a technique attributed to the actor.
## Targeting
- **Sectors:**
  - Defense and National Security
  - Technology (specifically Advanced Semiconductors)
  - Research and Development (Intellectual Property)
- **Geography:** Primarily targeting the United States.
- **Victims:** U.S. government agencies, defense contractors, and advanced technology firms.
## Tools & Infrastructure
- **Malware Families:** Not specified in this high-level summary.
- **Infrastructure:** No specific actor infrastructure is identified. The article notes the erosion of the U.S. cyber posture, which this summary reads as implying persistent access within U.S. critical infrastructure and governmental networks.
## Implications
- **Strategic Threat:** The scale of theft is described as having "eroded U.S. power," allowing China to achieve a technological rise that would have otherwise taken decades longer.
- **Threat Assessment:** The article suggests a high threat level, warning that current U.S. policy (as of the article's 2026 perspective) may be underestimating the actor's intent and capability by downplaying the "China threat" in national defense strategy.
- **Competitive Parity:** The actor’s success is leading to a closing gap in military and economic capabilities between the two nations.
## Mitigations
- **Policy Reinforcement:** Strengthening the Commerce Department’s ability to block technology transfers.
- **Defense-In-Depth:** Re-establishing and strengthening the U.S. cyber posture specifically against Chinese hacking groups.
- **Export Controls:** Maintaining rigid restrictions on the sale of advanced semiconductor chips to prevent military dual-use.
- **Counter-Espionage:** Utilizing insights from former intelligence officials (like those from the DIA) to identify and close gaps exploited during "The Great Heist."