Chinese Industrial Espionage in Europe and UK

Europe under Threat from Industrial Espoinage

Chinese state-backed hackers have carried out a sustained, escalating cyber campaign across Europe from 2020–2025 that goes beyond simple espionage. These operations have targeted vaccine research, government and parliamentary networks, telecom and cloud infrastructure, and critical systems to enable long-term surveillance, coercion and potential sabotage. The pattern poses a strategic threat to European sovereignty, democratic processes and critical infrastructure, creating a dilemma for the EU as it contemplates deeper economic and political ties with China.

Key points

• 2020–2021: High‑impact breaches (e.g., Hafnium/APT31 exploiting Microsoft Exchange) targeted governments, research institutions and vaccine labs to steal sensitive data and monitor policymakers.
• 2023–2024: Attacks shifted toward deeper infrastructure infiltration (telecoms, supply chains) by groups like Volt, Salt, Flax Typhoon, enabling indirect access to power grids, hospitals and other critical systems.
• 2025: Continued operations included attempts to access diplomatic communications and compromise cloud/third‑party vendors to implant backdoors for future exploitation.
• Strategic intent: The campaign appears coordinated and long-term, aiming to gather intelligence, influence policy, and retain the ability to disrupt or coerce during crises.

Some Recent Chinese Espionage Cases in Europe

European countries have recently arrested several Chinese nationals on espionage and cyber-espionage charges, raising concerns about coordinated intelligence activity linked to China. Cases include long-term document transfers from a German parliamentary aide, spying on dissidents, photographing military sites, attempts to obtain missile information in Ukraine, and alleged theft of vaccine research tied to a China-linked hacking group. Governments and intelligence agencies across the EU, Sweden, Greece, Switzerland, Italy, Ukraine and allied cybersecurity bodies have warned about growing risks from both human intelligence and commercial cyber actors connected to Chinese state interests; Beijing denies the accusations.

Key points

• Jian Guo (Germany) convicted for transferring sensitive EU/German documents to China since 2002 and for spying on dissidents; sentenced to 4 years 9 months.
• Other arrests: Yaqi X (Germany) convicted for stealing military-related information; a Chinese man in Sweden suspected of spying on Uyghurs; a student and his father in Ukraine accused of targeting missile info; four Chinese nationals in Greece photographed Tanagra Air Base.
• Cyber cases: Xu Zewei arrested in Italy wanted by the U.S. for alleged theft of vaccine research and ties to a state-linked cyber group (Silk Typhoon); three Chinese tech firms named in a joint advisory for running cyber-espionage campaigns supporting Chinese intelligence.
• Western agencies (Germany, Sweden, UK NCSC, allied cybersecurity advisory) warn these activities combine human and cyber methods and pose political, military and economic security threats; China denies allegations and calls them a “Cold War mindset.”

Chinese Support of Russia in Ukraine War

Additional complications against EU interests are that China has increasingly bolstered Russia’s war in Ukraine through trade, finance, dual-use exports, intelligence, and coordinated disinformation, weakening Western sanctions and prolonging the conflict. European and U.S. leaders urgently need coordinated, stronger measures — including targeted sanctions, financial controls on yuan-denominated flows, interdiction of dual-use supply chains, and expanded security cooperation across democracies — to close loopholes and deter Beijing–Moscow alignment.

Key points

• Beijing’s economic and financial ties sustain Russia: bilateral trade is near-record levels, yuan usage in Russian external trade has surged, and Chinese entities are implicated in large-scale sanctions evasion.
• Dual-use and military-related transfers: Chinese components (optics, machine tools, batteries, cables) and covert shipments have been found in Russian drones, missiles, and defense production; satellite intelligence sharing and technician exchanges amplify Moscow’s capabilities.
• Hybrid threats and information operations: China and Russia coordinate cyber espionage, attacks on undersea infrastructure, and disinformation—now including generative-AI driven fake news—to degrade European cohesion and resilience.
• Western policy gaps: Current EU and U.S. measures lag behind the challenge; stronger, coordinated actions are needed — secondary sanctions, blacklisting Chinese firms, monitoring yuan clearing, and targeting banks and exporters facilitating Kremlin supply.
• Broader security response: Europe should deepen cooperation with Japan, South Korea, Australia, Taiwan and allies on supply-chain policing, cyber intelligence sharing, and maritime/undersea infrastructure protection to counter the Beijing–Moscow strategic partnership.
• Policy dilemma: The EU faces a contradiction between pragmatic engagement with China and the security risks of deeper integration; response options include stronger defenses, closer ties with trusted allies, and real consequences for cyber aggression.

Chinese Espionage Particularly High in the Netherlands

Dutch Defence Minister Ruben Brekelmans warned that Chinese espionage targeting the Netherlands is intensifying, with a particular focus on the semiconductor industry. He said Dutch intelligence identifies China as the biggest cyber threat, citing continued state-linked cyber activity and past breaches of military networks. The Netherlands is adopting protective measures and urges reduced dependency on China for critical raw materials at both national and EU levels.

European semiconductor research is under growing threat from state-backed Chinese espionage that targets chip designs and R&D. That is why the Netherlands is being targeted. High-profile intrusions at companies like NXP and ASML (both located in the Netherlands), plus attempts against research centers such as IMEC, have prompted the EU to boost research-security measures while investing €3.3 billion in advanced-chip R&D. Proposed and ongoing responses include risk assessments, a Research Security Advisory Hub, closer intelligence–university cooperation, staff screening and training, and strengthening domestic capabilities across the semiconductor value chain to prevent IP theft and hidden vulnerabilities that could threaten economy and defense.

Key points:

• China increasingly targets Dutch technology sectors, especially semiconductors, to obtain intellectual property.
• Chinese state-affiliated hackers have conducted prolonged intrusions into European semiconductor firms (e.g., NXP) and research centers, exfiltrating sensitive design data for greater than 2.5 years.
• Dutch intelligence reported state-backed cyber intrusions, including access to a Dutch military network in 2023.
• Brekelmans described China as the main source of cyber threats against the Netherlands and said the activity is intensifying.
• The Netherlands has introduced tools to protect key industries and calls for steps (nationally and within the EU) to lessen reliance on China for critical materials.

Threats from Chinese EVs and Green Technology

Some UK military sites, including RAF Wyton, are restricting electric vehicles (EVs) — particularly those with Chinese-made components — from parking near sensitive areas over fears sensors, battery systems or onboard electronics could be exploited for espionage. The Ministry of Defence says there is no single central ban but individual sites may have stricter rules and that security procedures cover threats from all vehicle types. The move aligns with wider Western concerns about Chinese technology in critical infrastructure.

Key points

• RAF Wyton has told staff to avoid parking EVs near the base amid worries vehicle sensors and electronics could be remotely monitored.
• The MoD declined to publish a full list of affected sites, saying policies vary locally and are kept confidential for security.
• Most EVs contain some Chinese parts (batteries, sensors), prompting concern that components (battery management units, diagnostics, cameras) might leak telemetry, location or audio data.
• The action reflects broader measures against certain Chinese technologies (e.g., Huawei 5G restrictions) and follows guidance to avoid sensitive conversations near smart tech in vehicles.

In addition, the US warned the UK about plans to allow Mingyang, a major Chinese wind turbine maker, to build a factory in Scotland to supply North Sea wind farms, citing national-security and cyber-espionage concerns. The UK is reviewing whether to block the investment under national-security powers amid wider worries about Chinese firms’ involvement in critical UK energy and industrial supply chains. Supporters say Mingyang would boost the UK’s floating-wind ambitions and create jobs; opponents point to risks of dependence on Chinese technology and possible surveillance, while ministers balance energy goals, jobs, and relations with Beijing and Washington.

Key points

• Washington alerted London to potential national-security risks from a Mingyang factory in Scotland; the US has raised similar concerns with Germany.
• The UK government is reviewing whether to block the investment under the National Security Investment Act; security services are assessing China’s role in the energy system.
• Supporters argue Mingyang would help deliver floating offshore wind projects, supply chains, and jobs; critics warn of dependency, unfair competition and sensor-based surveillance risks.
• The issue follows other China-related controversies (e.g., Jingye/Scunthorpe steel) that have increased UK caution; devolved Scotland is open to investment but awaits Westminster security rulings.
• UK ministers must balance accelerating clean-energy deployment and industrial revitalisation with national-security scrutiny and diplomatic implications for relations with Beijing and the US.

Are Some Allies Too Soft on the China Threat: UK

 The failed prosecution of two British men accused of spying for China has exposed gaps in the UK’s ability to address Chinese espionage and influence operations. While legal cases are difficult and prosecutions a last resort, the broader problem is systemic: China’s global reach, resources and ambition create a “whole-of-system” intelligence challenge that the UK must meet through prevention, better awareness and stronger institutional resilience across government, parliament, local authorities, business and universities.

The dropped prosecution highlighted evidentiary and operational limits of pursuing espionage in court and showed the damage may be hard to reverse once suspicions arise. In addition, China is both a major economic partner and a systemic rival; its scale, technology and party-directed approach create unprecedented intelligence and interference risks. In the UK, parliamentary and local government have vulnerabilities (inexperienced staff, high turnover, local economic ties) make them prime targets for influence operations. Finally, all UK businesses and universities face trade-offs between collaboration benefits and risks of access to technology, data and influence; improved guidance and investment in knowledge and protections are needed.

The security threat China poses to the UK goes well beyond classic Cold War–style spying. Recent high-profile legal failures, such as the dropped case against Christopher Cash and Christopher Berry, highlight confusion about how to define and prosecute modern Chinese intelligence activity. Beijing’s approach combines traditional human espionage, large-scale cyber operations, transnational repression of dissidents, political influence campaigns, and economic-driven theft of intellectual property — all complicated by deep economic ties that make Britain reluctant to sever links.

Key points

• China uses both traditional espionage and broader tools: human intelligence, cyber campaigns (e.g., Salt Typhoon), and bulk data collection to build vast datasets useful for intelligence and AI.
• Political influence and transnational repression are central aims: cultivating politicians, infiltrating institutions, and targeting dissidents and activists in the UK.
• Economic espionage targets academia, industry and supply chains to support China’s economic and technological rise; this blurs lines between commercial and security concerns.
• Dependence on Chinese technology and markets (e.g., telecoms, green tech, critical minerals) creates vulnerabilities and makes blanket restrictions impractical, forcing a difficult balance between security and economic interests.
• The UK’s response is hampered by outdated laws, inconsistent messaging, and the challenge of crafting a clear China strategy that manages risks without losing economic engagement.