UNCLASSIFIED

against those who engage in a range of intelligence activities directed against U.S. interests and objectives at home and abroad.

To counter continuing espionage and other foreign intelligence threats against America's national security secrets, and to deal with these new challenges, the United States requires a national, systematic perspective and coherent policies, including a strategic counterintelligence response. It is for exactly these reasons that the Congress created the position of the NCIX. The CI Enhancement Act of 2002, which established my office, directs that the NCIX head national counterintelligence for the U.S. government, subject to the direction and control of the Director of National Intelligence. As NCIX, I chair the National CI Policy Board, which is the principal mechanism for developing policies and procedures for the approval of the President to govem the conduct of CI activities. I also lead a 64-person Office of the National Counterintelligence Executive (ONCIX), which is now within the office of the DNI.

ONCIX has the core mission of providing strategic direction to the nation's counterintelligence efforts overall. Specifically my office is responsible for:

· Developing the National CI strategy, an unprecedented effort in the annals of U.S. counterintelligence.

Providing annual assessments of the foreign intelligence capabilities of our adversaries and the threat they pose to the United States.

• Overseeing and coordinating strategic analyses on critical CI issues, as the threat, technology, and our interests and vulnerabilities continue to evolve.

Drafting assessments to gauge and help remediate the damage inflicted by the spies we have caught, such as Ames, Hanssen and Montes.

Developing and setting priorities for Cl collection requirements across the Community. Developing policies and standards for training and educating CI professionals in the challenging art and tradecraft of CI.

• Fostering heightened public awareness of basic CI threats to our nation.

Providing budget guidance for the CI Community to ensure that the nation's resources are focused on the key CI tasks outlined in the National CI Strategy.

Nearly 140 nations and some 35 known and suspected terrorist organizations currently target the United States for intelligence collection through human espionage and by other means. Their purposes are many: to steal our national security secrets to support their war aims or terrorist objectives, or to undercut us in foreign policy or commerce, or to exploit what they learn of our intelligence capabilities to hide their actions or mislead us. If left unanswered, their success could come at dear cost, putting in jeopardy U.S. operations, military and intelligence personnel, and Americans at home.

Effective counterintelligence is a strategic imperative to protect American lives and operations and to support the advance of freedom.

UNCLASSIFIED

UNCLASSIFIED

In March of this year, the President approved the nation's first National CI Strategy, which I would like to submit for the record. Its purpose is to direct and unify U.S. counterintelligence activities to achieve strategic objectives in support of the nation's security. The Strategy speaks directly to the critical issues that are before this Committee today: protecting critical U.S. technologies, trade secrets, and sensitive financial or proprietary economic information from foreign collectors.

The foreign theft of sensitive dual-use and military technologies has eroded the U.S. military advantage by making dangerous technology available to our adversaries. In addition, it has degraded the U.S. Intelligence Community's ability to provide information to policymakers, and it has undercut the competitiveness of U.S. industry by allowing foreign firms to acquire, at little or no cost, technology that U.S. firms spent hundreds of millions of dollars developing.

Stopping the illicit foreign acquisition of sensitive U.S. technologies must be addressed through a combination of national security tools: export control laws, diplomatic measures, industrial security arrangements, limits on foreign investment in strategic U.S. industries, and counterintelligence.

It is the job of U.S. counterintelligence to identify the foreign intelligence hand orchestrating efforts to acquire sensitive U.S. technologies. The primary focus of CI is to defeat the efforts of foreign intelligence services to acquire U.S. national security secrets. It is also our job to support larger national policy efforts to stem the outflow of sensitive technologies. My office was created, in part, to contribute this essential Cl policy piece to our nation's national security and homeland security objectives.

Sensitive U.S. technologies-those that both underpin the U.S. economy and contribute to U.S. military prowess—remain prime targets for foreign acquisition, both lawful and illegal. To this end, foreign companies, scientists, academics, and others see the acquisition of U.S. technology as key to advancing their economic and military interests.

A World of Increased Foreign Access to Sensitive U.S. Technology and Trade Secrets

The globalization of the U.S. economy and the explosive growth in technology, especially information technology (IT), have been double-edged swords. Some of the very factors that have significantly contributed to U.S. economic growth and technological progress have at the same time facilitated foreign entities' technology acquisition efforts against us. For example:

Our general culture of openness has provided foreign entities easy access to sophisticated technologies. Each year, for example, we allow tens of thousands of official foreign visitors into U.S. Government-related facilities such as military bases, test centers, and research laboratories. Some of these visitors are dedicated to acquiring U.S. technology and know-how not otherwise available.

UNCLASSIFIED

UNCLASSIFIED

American colleges and universities, centers for high-tech development, employ large numbers of foreign born faculty and train large numbers of foreign students, many of whom will return to their home countries. For example, an increasing number and share (approaching 30 percent) of science and engineering faculty employed at U.S. universities and colleges are foreign born, according to National Science Foundation statistics. Moreover, the most recent data available indicate that about 40 percent of the PhDs awarded by U.S. universities in technical sciences and engineering roughly 8,000 per year now go to foreign students. The vast majority of these students are legitimately studying and advancing academic pursuits. But some are not.

· Breathtaking advances in IT have vastly simplified the illegal retrieval, storage, and transportation of massive amounts of information, including trade secrets and proprietary data. Compact storage devices the size of a finger and cell phones with digital photographic capability are some of the latest weapons in technology transfer as are the tools of cyberspace.

Sophisticated information systems that create, store, process, and transmit sensitive information have become increasingly vulnerable to cyber exploitation. Many nations have formal programs for gathering our networked information, and foreign competitors are developing the capability to exploit those vulnerabilities.

Globalization has mixed foreign and U.S. companies in ways that have made it difficult to protect the technologies these firms develop or acquire, particularly when that technology is required for operations overseas. In 2004 alone, according to the Department of Commerce, foreign investment in the United States amounted to more than $100 billion. A couple of the notable foreign acquisitions of U.S. high-tech companies in the past few years include the purchase of fiber optic network provider Global Crossing by Singapore Technologies and the more recent takeover of IBM's personal computer business by China's computer giant Lenovo.

The Major Threats

Given the access that foreigners have to U.S. technology and the importance of that technology to their economic and military development, it should be no surprise that individuals from many countries are involved in the creative acquisition of U.S. technology including theft. In FY2004 alone, the CI Community tracked efforts by foreign businessmen, scientists, academics, students, and government entities from almost 100 countries to acquire sensitive U.S. technologies.

In order to discuss in detail the specific countries involved in this technology transfer, we would need to go into closed session, but a couple of points about the collectors are notable. First, while the number of countries seems large, in fact, most of the activity was conducted by individuals from a very few locations. The top 10 collectors, for example, probably accounted for 60 percent or so of the suspicious foreign collection efforts against U.S. cleared defense contractors last year, according to reporting from the Defense Security Service. The countries in

UNCLASSIFIED

UNCLASSIFIED

that top-10 list are a diverse group. They include some of our closest allies as well as some of our adversaries. Among them are countries where per capita income levels are high as well as those at the other end of the scale. Two countries that always rank near the top of the list and that are frequently cited in the press are, of course, China and Russia.

It is difficult to determine how much of the theft of U.S. sensitive technology is being directed by foreign governments and how much is simply being carried out by private businessmen, academics, or scientists for purely commercial or scientific reasons. Importantly, in many cases we do not know how much of a nexus there is between the private and public sectors that are targeting our technologies. Anecdotal evidence and incomplete statistical information indicate that much trade secret and technology theft takes place without direct intervention by foreign governments, though most foreign governments that are involved do not discourage such theft and themselves often benefit from the transfers. It is clear, however, that the major threat countries continue to employ state organs—including their intelligence services—as well as commercial enterprises, particularly when seeking the most sensitive and difficult to acquire technologies. In addition, we note that a number of countries have begun to establish institutions at home and in the United States to take full advantage of technology acquired by private citizens working or studying here.

The Methods of Operation

We face significant intelligence gaps in understanding how foreign nations collect against U.S. technology. But there are a number of things the CI Community can say with confidence about the perennially serious problem of state-sponsored industrial espionage. For example, we know that a number of the major foreign intelligence agencies have:

Dedicated programs whose primary task is technology acquisition. These programs often involve the use of front companies, which operate surreptitiously.

"Laundry lists" of targeted technologies and specific strategies for acquisition. Where an entire system cannot be acquired, foreign intelligence services may attempt to steal component parts.

Arrangements to share technology that has been both legally and illegally acquired with other countries' intelligence and security services, even when the sharing of that technology is itself illegal.

Overall, the techniques used to acquire sensitive U.S. technologies are far broader than those traditionally associated with espionage. In the case of China, for example, its national-level intelligence services employ a full range of collection methodologies, from the targeting of wellplaced foreign government officials, senior scientists, and businessmen to the exploitation of academic activities, student populations, and private businesses. The Chinese intelligence efforts take advantage of our open economic system to advance China's technical modernization, reduce the U.S. military advantage, and undermine our economic competitiveness. Let me highlight for

UNCLASSIFIED

UNCLASSIFIED

you some of the relatively new methods that China and other state and non-state collectors sometimes use to gain access to our technology. As might be expected, the techniques that are easiest to use, least expensive, and lowest risk are the ones first and most often employed.

For example, in a majority of cases, foreign collectors simply ask—via e-mail, phone call, FAX, letter, or in person—for the information or technology. When a foreign request for U.S. technology is either refused by a U.S. company or the U.S. firm asks the foreign firm to apply for an export license, the foreign company often simply breaks off communication and looks for another possible U.S. seller. With search costs extremely low, the foreign firm can afford to continue looking until it locates a U.S. company that either does not understand the export licensing requirements or is willing to ignore them in order to make the sale.

Another common technique employed by foreign entities is to exploit visits to U.S. businesses, military bases, national laboratories, and private defense suppliers. Recognizing the mutual benefits of an unhindered exchange of information, the United States opens its military bases, national laboratories and private defense suppliers to foreign visitors. Even foreign students and academics visiting U.S. universities where high-tech experiments are underway can present problems. The CI Community receives incident reports about foreign experts wandering into restricted areas, peppering U.S. researchers or scientists with questions well outside the range of issues they are supposed to discuss, and taking photographs of sensitive equipment that the foreign experts are not supposed to see.

The losses that result from such visits can be significant. Such foreign visitors are often among their nations' leading experts and, as such, may be much more effective at extracting sensitive information than would be traditional foreign intelligence officers. Specialists know their countries' or companies' specific technological gaps and can focus their collection efforts directly on the critical missing information. Finally, such experts are also in a position to recognize and exploit information that may be inadvertently exposed during visits.

And the technology losses to long-term foreign visitors can be even more significant than those to foreign experts making shorter visits. For one thing, overseas specialists who stay on site for extended periods of time become familiar with, and learn to circumvent, the security procedures meant to limit their access to sensitive technologies. This is particularly true of cyber security procedures. A long-term presence may allow visitors time to acquire passwords and to learn where on hard drives sensitive information is stored. Whereas short-term visitors are viewed as strangers on sensitive sites, long-term visitors become part of the landscape. Their activities naturally receive less notice, which enables them to wander into sensitive areas without attracting undue attention.

Increasingly the CI Community is most concerned about cyber tools being used in efforts to extract sensitive information. The insider threat-an individual with access to a U.S. firm's computer system but actually working for a foreign entity-is, of course, of most concern. But the Community is also worried about other cyber exploitation techniques, including probing, scanning, phishing, spamming, virus dissemination and the use of sophisticated hacking tools,

UNCLASSIFIED