“Our nation’s critical infrastructure sectors, such as energy, chemical and communications, are increasingly relying on UAS for various missions that ultimately reduce operating costs and improve staff safety,” David Mussington, executive assistant director for CISA’s Infrastructure Security, said in a memo that accompanied the report, titled “Cybersecurity Guidance: Chinese-Manufactured UAS.”

“However, the use of Chinese-manufactured UAS risks exposing sensitive information that jeopardizes U.S. national security, economic security, and public health and safety.”

“Urgent attention” must be paid to “China’s aggressive cyber operations to steal intellectual property and sensitive data from organizations,” Mr. Mussington added.

Chinese-made drones have long been a concern in the United States, particularly those made by China-based Da Jiang Innovations (DJI), which is the world’s largest manufacturer of commercial drones. In December 2020, the Commerce Department added DJI to its export control list for being complicit in the Chinese regime’s human rights abuses. Two years later, the Pentagon added DJI to its list of “Chinese military companies” that are operating directly or indirectly in the United States.

The FBI–CISA report doesn’t mention DJI or other Chinese UAS makers by name.

Chinese Laws

However, it highlights the risks associated with using Chinese-made drones by pointing to different Chinese laws, including the National Intelligence Law that took effect in 2017, which compels Chinese companies to hand over data collected within China and elsewhere to Beijing’s intelligence agencies.

“The 2021 Data Security Law expands the PRC’s access to and control of companies and data within China and imposes strict penalties on China-based businesses for non-compliance,” the report says, referring to China’s official name, the People’s Republic of China.

“The 2021 Cyber Vulnerability Reporting Law requires Chinese-based companies to disclose cyber vulnerabilities found in their systems or software to PRC authorities prior to any public disclosure or sharing overseas,” the report adds.

“This may provide PRC authorities the opportunity to exploit system flaws before cyber vulnerabilities are publicly known.”

The report points out three major vulnerabilities that Chinese-made drones can exploit: data transfer and collection, patching and firmware updates, and a broader surface for data collection. Drones controlled by smartphones and other internet-of-things devices could allow foreign intelligence gathering on U.S. critical infrastructure.

Sensitive imagery, surveying data, and facility layouts are some of the vulnerable data that “allow foreign adversaries like the PRC access to previously inaccessible intelligence,” according to the report.

“Without mitigations in place, the widespread deployment of Chinese-manufactured UAS in our nation’s key sectors is a national security concern, and it carries the risk of unauthorized access to systems and data,” Bryan Vorndran, assistant director of the FBI’s Cyber Division, said in a statement.

The memo encourages owners and operators of U.S. critical infrastructure to buy drones that are “secure-by-design,” including those made by U.S. companies. The report provides several cybersecurity recommendations.

Responses

Rep. Elise Stefanik (R-N.Y.), chairwoman of the House Republican Conference, and Rep. Mike Gallagher (R-Wis.), chairman of the House Select Committee on the Chinese Communist Party (CCP), issued a joint statement in response to the report.

“The new Cybersecurity and Infrastructure Security Agency report makes clear that Communist Chinese drones present a legitimate national security risk to our critical infrastructure and must be banned from the U.S.,” the lawmakers stated.

“The CCP has subsidized drone companies such as DJI and Autel in order to destroy American competition and spy on America’s critical infrastructure sites. We must ban CCP-backed spy drones from America and work to bolster the U.S. drone industry.”

Last November, a bipartisan group of 11 House lawmakers, including Mr. Gallagher and Ms. Stefanik, sent a letter to the Biden administration, calling for an investigation into Chinese drone maker Autel Robotics, citing national security concerns. The group said the firm is openly affiliated with the Chinese military and “poses a direct threat to U.S. national security as local law enforcement and state and local governments are purchasing and operating Autel drones.”

Mr. Gallagher and Ms. Stefanik also introduced the Countering CCP Drones Act (H.R.2864) in April 2023 to prevent DJI technologies from operating on U.S. communication infrastructure.

Sen. Mark Warner (D-Va.), chairman of the Senate Intelligence Committee, advised people interested in purchasing Chinese-made drones to read the security report.

“For years, I’ve been concerned about the security risks associated with drones, including those made in the PRC,” he wrote in a post on X, formerly Twitter. “This memo represents a good first step to studying that, and I hope anyone considering purchasing a Chinese drone reads it carefully.”

But the censorship industrial complex builds algorithms, not bombers. The players aren’t Raytheon and Boeing, but social media companies, tech startups, and universities and their institutes. The foes to be dominated are American citizens whose opinions diverge from government narratives on issues ranging from COVID-19 responses to electoral fraud to transgenderism.

When first exposed a few months ago, many of the actors and their media defenders perversely claimed that they, as private entities, were acting out of concern for “democracy” and exercising their own First Amendment rights.

However, the records and correspondence of an advisory committee to an obscure government agency tell a different story. The Functional Government Initiative (FGI) has obtained through a public records request documents of the Cybersecurity Advisory Committee of the U.S. Cybersecurity & Infrastructure Security Agency (CISA). The committee was composed of academics and tech company officials working with government personnel in a much closer relationship than either they or the media want to admit. Several advisory committee members who appear throughout the documents as quasi-federal actors are among those loudly protesting that they were private actors when censoring lawful American speech (e.g., Kate Starbird, Vijaya Gadde, Alex Stamos).

But the advisory committee members met often and worked so closely with their government handlers that the federal liaison to the committee regularly offered members his personal cell phone and even reminded them to use the committee’s Slack channel. Your average concerned citizen doesn’t have a Homeland Security bureaucrat on speed dial.

What were they working on? CISA’s “Mis-, Dis-, and Mal-information” (MDM) subcommittee discussed Orwellian “social listening” and “monitoring,” and considered the government’s best censorship “success metrics.” Who was to be censored? CISA was formed in response to misinformation campaigns from foreign actors, but it evolved toward domestic “threats.” Meeting notes record that Suzanne Spaulding of the Center for Strategic and International Studies said they shouldn’t “solely focus on addressing foreign threats … [but] to emphasize that domestic threats remain and while attribution is sometimes unclear, CISA should be sensitive to domestic distinctions, but cannot focus too heavily on such limitations.” So CISA should combat “high-volume disinformation purveyors before the purveyor is attributed to a domestic or foreign threat” and not worry so much about First Amendment niceties.

More telling is the group’s attitude toward what it called “mal-information” – typically information that is true, but contrary to the preferred narratives of the censor. Dr. Starbird wrote in an email, “Unfortunately current public discourse (in part a result of information operations) seems to accept malinformation as ‘speech’ and within democratic norms …” Therein lies a dilemma for the censors, as Starbird wrote: “So, do we bend into a pretzel to counter bad faith efforts to undermine CISA’s mission? Or do we put down roots and own the ground that says this tactic is part of the suite of techniques used to undermine democracy?”

It is chilling that there is no consideration of whether the information is true or of the public’s right to know it. “Democracy” in this formulation is whatever maintains the government’s narrative.

Accordingly, the group discussed recommendations for countering “dangerously inaccurate health advice.” It contemplated the roles of the FBI and Homeland Security in addressing “domestic threats,” and a CISA staffer felt the need to remind the subcommittee “of CISA’s limitations in countering politically charged narratives.”

CISA couldn’t censor all the people the advisors wanted. And it could face the same outrage that greeted President Biden’s Disinformation Governance Board, led by singing censor Nina Jankowicz. Americans didn’t want that body deciding what they could say, and Biden shut it down within three weeks. CISA’s advisers were acutely aware their work could be conflated with that of the DGB, and even considered changing the name of the MDM subcommittee. Dr. Starbird noted in an email that she’d “removed ‘monitoring’ from just about every place where it appeared” and made “other defensive word changes/deletions.” Similarly, Twitter’s Vijaya Gadde “cautioned the group against pursuing any social listening recommendations” for the time being.

The group also sought cover from outside and inside the government. They spent an inordinate amount of time talking about “socializing” the committee and its work – something DGB apparently hadn’t done. And like a partisan campaign, they looked for natural allies. Meeting notes record that they sought to “identify a point of contact from a progressive civil rights and civil liberties angle to recruit as a [subject matter expert].”

A government committee that seeks partisan allies, obfuscates its purpose, and can’t even be honest about the nature of its members’ participation is going to sort out online truth for Americans? Welcome to the Censorship Industrial Complex.