Actually, through professionals I’ve met, whose companies do manufacturing business in China, I understand that it works approximately like this:
-
The PLA runs military colleges which basically teach hacking. A lot of the stolen IP from US companies is done by teams of students. They don’t really hide this, if you’ve ever done IP lookups based on brute force attacks on your servers.
-
Once they steal the IP, they have to give it to companies somehow so that company can have plausible deniability. Enter the world of boutique consulting companies. There’s a lot of these tiny consulting companies which are far too small to deliver the stuff they deliver. But a contract would go like this:
-
A company that makes phones wants to come out with a great new phone that directly competes with another foreign company.
-
So the Chinese company goes to a contractor who has maybe 5 people who work for it. They say, “We’d like to outsource the design and development of a new phone”. Contractor says OK.
-
Some weeks go by, and the contractor delivers the design specifications and source code of an entirely new phone, wrapped up in a bow.
-
That phone may closely resemble, and contain the same firmware bug as the (as yet unreleased) phone by the American company. But the Chinese company, if asked, has paperwork to prove undeniably that they outsourced the work, and any resemblance is incidental.
