In our new report, Inside China’s Talent Acquisition Ecosystem, the DTEX i³ team looks at how China builds capability over time, focusing on it through an insider threat perspective. This is the first iteration, in a four-part series, on China’s talent acquisition ecosystem and how that system supports national priorities like science, technology, and defense. The goal of this first report is to frame the system before moving into specific programs, use cases, and other areas of note.
A useful place to start is to go to the end result and work our way backwards. We do this by highlighting China’s military parade from September 2025. China uses these events as a demonstration of projected power, displaying advanced aircraft, missiles, and other high-end systems. That hardware gets most of the attention, however, the more relevant part came years earlier. Some of these displayed capabilities required scientists, engineers, research institutions, funding, and long-term direction. That idea, and how overseas talent aided in this endeavor, is the main part of what this series stays focused on as we break it apart in a digestible manner.
A system built over time
China’s overseas talent acquisition is not a single case or the full directive to the operational apparatus but, rather, a key part in its execution. For this, China’s pursuit and aim for foreign talent are better understood as a system.
National policy at the highest levels sets the direction with milestones set in 2027, 2035, and 2049, for example. Provincial and municipal governments turn that into their own plans, funding, and recruitment targets. Universities, research institutes, and companies carry the work forward through appointments, labs, and research projects. Over time, that structure absorbs expertise and builds the replicating blueprint for other efforts within China’s borders. Sectors such as AI, advanced semiconductors, energy vehicles, and many others are all part of those sought after items.
This is not a single pipeline, but rather a layered system operating at the same time across multiple levels. Individuals can move across those levels while staying aligned to the same priorities.
Where risk actually forms
These activities rarely start with anything unusual at first and can begin with professional opportunities like a research role, collaboration, or a funded project. None of those are out of place as they are standard across academia and industry. The change happens as access, funding, or affiliations begin to overlap and gradually align with foreign priorities over time.
Participation tends to come first with obligations and expectations built after. By the time risk becomes visible, the relationship has already been firmly planted sometimes many years prior.
Program names do not tell the full story
Attention has been given to named programs, like the Thousand Talents Program. That visibility is useful for awareness, but it does not represent the full and developing system.
As scrutiny increased on this particular program, references to it and others like it became less visible. The structure did not go away, it shifted into local initiatives, institutional roles, and newer recruitment pathways all under new banners. Attention to program names can be useful, but it creates the impression that risk is limited to a defined set of initiatives rather than distributed across a broader and more adaptive ecosystem. The underlying activity continues, often under new labels or structures, with visibility that frequently lags behind the reality of how the system operates.
Access before outcome
Many organizations are well positioned to investigate theft of sensitive information. They and many more organizations are less prepared to understand how China has leveraged systems and embedded processes years before the information gained is then operationalized for the benefit of the nation.
A researcher can have legitimate access to sensitive work, an engineer can be working in a priority field, or a professor can have concurrent academic appointments. These in and of themselves are not the issue.
The risk forms when that access sits alongside outside funding, obligations, or roles that are not fully visible and slowly begin to develop. A quick example is Charles Lieber, a professor employed at both a Western and a Chinese institution simultaneously. Decades of expertise and millions of dollars in Western grants to build a laboratory transitioned to a “Shadow Lab” quickly cloned at a Chinese university.
Early signals are usually administrative, such as funding disclosure gaps. Some can be overlapping commitments or external “advisory” roles that do not align cleanly. This type of activity would appear far before anything shows up in security tooling such as a breach or exfiltration of information.
From national directive to industrial capability
One of the clearer top to bottom examples in the report follows this path across a single line of effort.
China’s national push for domestic computing capability and technology self-reliance moves into provincial policy in Zhejiang Province. From there, the effort is carried into the area’s Binjiang district through local government activity and partnership tied to Huawei and AI efforts.
That is where overseas talent acquisition comes into play.
Chinese universities and local programs recruit and place overseas talent into this environment. In this case, Zhejiang University through its Binjiang Research Institute plays that role, recruiting targets that are set at the provincial level. Institutions then identify candidates, bring them in, and place them inside labs, projects, and centers tied to those priorities.
The Zhejiang University Binjiang Research Institute operates the Zhejiang Kunpeng Ecological Innovation Center, and this is the physical, sustainable outcome of this entire process. This center was built as a partnership between the local government and Huawei, where the overseas-trained experts work with local companies to rewrite their software so it runs seamlessly on Huawei’s native Kunpeng CPUs instead of American chips.
By training thousands of engineers and local businesses contributing, China secures its infrastructure against foreign sanctions, perfecting a localized blueprint that is duplicated across other provinces and national priorities to create a self-sufficient ecosystem. This case here is all just one example showing the plan in action.
Why this matters now
Talent programs are a multipronged intelligence approach sitting alongside other forms of activity.
They operate in parallel with cyber and other collection efforts, each playing a different role.
Talent acquisition works through access and presence over long periods of time. Cyber activity can be event-driven and technical. Treating those as the same problem will lead to missed signals.
This also connects to how different systems define ownership. In the West, research output is treated as intellectual property. In China, that output is framed as contributing to national development. That difference shapes how these programs are structured and how long-term access is used.
The result is accumulation over time that poses significant risk to Western economic security and disrupts the balance of technological and military competitiveness.
This is part of a larger series
This is the first report in a four-part series with the next focusing on the Thousand Talents Program as a case study, and exploring how that model worked in practice.
The third report moves into newer and less visible recruitment activity across provinces and the targeted sectors.
The final closes on why these risks are often identified too late, the limits of retrospective indicators, and the gap between early warning and post‑incident response.
Taken together, the series lays out the talent acquisition ecosystem as a think piece from start to finish and points to China’s usage of it in the larger playbook.
In closing
China is using any and all means necessary to vacuum knowledge to build their comprehensive national power, especially relative to the U.S. As they orchestrate a grand strategy to take center stage in the world community, corner markets, and make other states increasingly dependent on China, they gain technological supremacy and displace the U.S. as the leading nation-state for many of these efforts on the world scene.
If China becomes the strongest pole in a multipolar world, quickly gaining ground in strategic technologies, the question is not only what was built, but how. That process uses initiatives and people moving through access, funding, and institutions, continuing inside environments that can carry the work forward.
Our new series focuses on that part of the problem.
FAQ: Chinese talent plans
China’s talent acquisition system creates insider risk by aligning legitimate access, funding, affiliations, and research roles with national priorities. Risk often develops gradually, before theft or misuse occurs, making early indicators difficult to detect through traditional security tools alone.
China’s talent programs are difficult to identify because activity is no longer limited to well-known names like the Thousand Talents Program. Recruitment has shifted into local initiatives, university roles, research institutes, and sector-specific pathways that may not carry obvious program labels.
Early warning signs can include undisclosed funding, overlapping affiliations, external advisory roles, conflicting obligations, or research access tied to foreign priorities. These signals are often administrative or behavioral, appearing long before a formal investigation or technical security alert.
Subscribe today to stay informed and get regular updates from DTEX