The Department of Defense has updated 1260H, National Defense Authorization Act of 2021, adding over two dozen Chinese companies believed to be engaged in aiding Beijing’s military. The list is intended to counter the People’s Republic of China’s (PRC) Military-Civilian Fusion strategy, which seeks to provide information and technology gained by civilian businesses within the PRC to the People’s Liberation Army (PLA.)
Newly added companies to the list, which can be found on the Department of Defense’s website, include artificial intelligence company Megvii, lidar maker Hesai Technology, tech company NetPosa, memory chip maker YMTC, China Three Gorges Corp, China Construction Technology Co, Yitu Network Technology and publicly traded companies Chengdu JOUAV Automation Tech Co, Chengdu M&S Electronics Technology Co, Guizhou Aviation Technical Development Co. And ShenZhen Consys Science & Technology Co.
While a company’s placement on the list doesn’t result in immediate sanctions or trade bans with U.S.-based companies, a revision to the 2024 National Defense Authorization Act prohibits the Defense Department under Section 805 from contracting with the named businesses in coming years. According to the Deccan Herald, placement on the list may impact civilian trade despite the lack of a ban.
“The Defense Department’s updated 1260H list underscores China’s unwavering commitment to its military-civil fusion strategy,” said Craig Singleton, a senior fellow at the Foundation for Defense of Democracies. ” Being listed on 1260H poses major reputational risks to Chinese companies,” he added, noting that some Chinese firms have tried to be removed from the list.
The update occurred the same day FBI director Christopher Wray issued a warning regarding the threat of Chinese-backed attacks on U.S. infrastructure during a House Select Committee meeting.
According to NBC News, Wray testified that “China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike.” During Wray’s testimony, the FBI and Justice Department disclosed that a Chinese-based hacking operation known as ‘Volt Typhoon” had been disabled. The operation infected hundreds of office and home routers with botnet malware that targeted critical infrastructure. “The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation, and water sectors — steps China was taking, in other words, to find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous,” Wray said. Most of the routers infected by the virus were older models no longer protected by manufacturer security patches.