Threat Inteliigence / OSINT / NETSEC / NATSEC

MPS - Ministry of Public Security of China and cyber policy

We have already dealt with military and civil the face of Chinese intelligence in the context of cyber operations. This time we will look at a service focused on more internal activities - the Ministry of Public Security. This organization was established in 1949 as a successor to the Central Department of Social Affairs. Functionally, its assumption was to ensure the overall internal security of China - from police work, through internal intelligence, fighting subversive elements and political opponents, as well as protecting Chinese elites and government buildings. Unlike the People's Liberation Army and the Ministry of State Security, the MPS has a statutory police and administrative character. It oversees the People's Police and local public security offices located in all provinces of China. Strictly speaking, it is these local offices that exercise authority over the police stations. This does not mean, however, that the activities of MPS are limited only to the territory of China. Further, although the creation of the MSS meant that the vast majority of intelligence and counterintelligence functions were transferred to the newly created institution, it would be a mistake to treat the MPS as strictly a police institution. In practice, the scope of activities and powers granted to the Ministry place them closer to national intelligence agencies characteristic of authoritarian states - ta police force whose purpose is to combat political enemies rather than to enforce the law. When it comes to foreign operations, in order to find out their genesis, we must go back to the times before the creation of the MSS, whenamach MPS operated the South China Office. This institution dealt with the intelligence and running of agents even penetrating the CIA or operating in Hong Kong and Shanghai. The creation of the MSS obviously influenced this function - the office was incorporated into the structures of the newly created intelligence. It can be assumed that some of its functions were taken over by two newly created institutions. These are the South Research Institute and the Guangdong office, which is part of the MPS Foreign Cooperation Bureau. There is no direct evidence of foreign operations conducted by them, but business connections where The Foreign Relations Office is a co-owner of companies conducting business research in Hong Kong and Macao, if family business Marshal Ye Jianying show that interest in external operations has not been abandoned. On the other hand, it was admitted that the officers participating in forced importation operations to China political opponents, were employees of MPS.

As befits such a wide range of responsibilities, the organizational structure of MPS is extensive and includes many departments:

Source: https://www.cambridge.org/core/books/abs/chinas-security-state/from-the-social-affairs-department-to-ministry-of-public-security/1254E42B177C97E3917634B9EFA8C075

As we can see, however, the functions and place in the organizational structure of Chinese intelligence will differ significantly from the functions of the PLA military intelligence and MSS operations. So what is the role of MPS in China's cyber operations ecosystem? Primarily due to its position in the Chinese political system, it plays a key role in shaping the state cybersecurity policy and the use of information technology to combat internal threats. Although the Ministry is theoretically subordinate to the State Council, in practice, strong personal unions mean that in practice the activities of the MPS are determined by the Politburo. Of the last five MPS managers, three were direct members of the Politburo and the remaining two were party secretaries.

One of the most visible manifestations of influence The MPS on PRC's approach to cybersecurity is introduced in the 2007 MLPS (Multi-Level Protection Scheme). This regulation has established five levels of classification of information systems dependent on how serious the consequences may result from unauthorized access to them or their damage. Thus, the first level concerns systems the failure of which may violate the rights of persons, legal entities and other organizations, but will not have negative consequences for national security, public order or public interests. The highest, fifth, category are systems the violation of which will cause very serious damage to national security. The regulation has significantly limited the possibility of including foreign companies in the state's critical infrastructure. From the third level upwards, the systems were based on national solutions for the key elements of the systems, and the underlying hardware was tested and certified by the Chinese Compulsory Certification Center. As the third level (damage to the systems may cause serious damage to public order, public interests, and national security) includes telecommunications solutions, systems used in the healthcare, banking and energy sectors, the scope of the systems covered may be very wide. In addition, MLPS required the cryptographic solutions used to be reported to the State Encryption Management Bureau for evaluation, which would require disclosure of intellectual property details. MLPS has recently undergone a reform and after two years of work in 2019, MLPS 2.0 came into force. Along with the reform, the regulation gained even stronger legislative power - the provisions requiring the state to apply and the entities subject to adaptation were included in the Cybersecurity Law of the People's Republic of China. MLPS 2.0 has also expanded its scope in line with the technologies that have emerged in the meantime. Therefore, it contains provisions regarding the Internet of Things, mobile Internet access, cloud services and industrial control systems. It is also worth paying attention to the extension of the subjective scope. While the first MLPS concerned government-controlled systems, Volo version 2.0 already covers all network operators. For foreign entities, regulation may have serious consequences in two areas. First, the control and certification procedures already mentioned may require access to intellectual property such as software source code. Secondly, adherence to MLPS 2.0 is mandatory for entities falling into a given classification category. Combined with the possibility of applying fines and enhanced supervision in the event of non-compliance, this gives MPS a very wide range of control over the technology used in China.

Another manifestation of the influence of the MPS on politics is a series of regulations z 2015, which also forced companies wishing to do business in China to release the source code for their products. However, this regulation turned out to be so harmful to business and relations between China and the United States that it was finally withdrawn from it in April 2015. It is worth noting that not only the Obama administration, but also representatives of Chinese companies were critics of the regulation. He commented on the matter Eric Xu, who was then the president of Huawei. He expressed a lot of skepticism towards the concept of relying solely on local products in the field of IT solutions. He noted that to ensure safety, it is necessary to use the latest technologies, as those available then from manufacturers in China can be compared to the work of elementary school students who would compete with university students. This position is definitely noteworthy, given how starkly opposed it was to the condescending policy of excluding foreign entities from the market.

Also the regulations introduced in 2018 by the MPS under the People's Police Law and Cybersecurity Law contributed to increasing the powers to control entities operating in the technology industry. Under these provisions, the police may inspect internet service providers for content that may infringe the law and pose a threat to public order, and perform special searches during "periods of serious network security tasks". During such inspections, the police may enter the rooms where data are processed, copy and view documentation, check the operation of network security mechanisms and request explanations regarding the operation of the systems. It is true that the People's Police, under the previously applicable regulations, could control security and security systems, but the codification of these powers with regard to network security issues shows the direction of the MPS in the field of sector control in China. It is worth mentioning that The ministry shares responsibility for critical infrastructure with the Chinese Cyberspace Administration. The introduction of regulations extending powers is often an element of bureaucratic disputes.

In the context of cyberspace administration and the organization of MPS, the activity of the eleventh office, known as Public Supervision of Information Network Security, is also interesting. His involvement is visible, for example, through participation in ISOC - Internet Society of China. ISOC is a non-governmental organization (although also called quasi-governmental) associating private entities, research and educational institutions, and its aim is to work on the most effective use of the Internet for economic and social purposes. One of the visible manifestations of ISOC's work was, for example, the Public Pledge of the Self-Discipline of the Chinese Internet Sector - criticized on the basis of human rights an agreement between the private sector and the Chinese government under which network service companies were to identify and not to allow the dissemination of content that threatens state security and social stability. At ISOC, the Ministry acts as a leading organization - in fact the most essential entity despite the theoretical equality of members. This position makes it possible to influence the shape of the Chinese technology market also through seemingly consensual regulatory forums.

Due to its place in the organizational structure of the Chinese government, the MPS plays a completely different role than MSS or PLA - its activities are mainly aimed at managing and combating threats inside China. However, in contrast to democratic countries where the functions of intelligence and operational intelligence activities are separated and legal conditions protect citizens from, for example, the unlimited use of operational materials in criminal proceedings, in China this border is much less clear. As the example of Operation Fox Hunt shows, countering political opposition and threats to the government takes a strong priority over an organizational structure that protects the right to a fair trial. Similarly, in the case of cyberspace administration, regulations such as MLPS or participation in ISOC are instrumental in nature, enabling the adjustment of the IT industry conditions to the political needs of CCPs. In this way, the MPS is difficult to consider as an entity unrelated to China's intelligence and military efforts, but rather is a political arm supporting cyber operations efforts from the political side of regulatory control.

Leave a Reply

Your email address will not be published. Required fields are marked *

en_USEnglish