To compare how different countries gather intelligence, David Wise, an expert on espionage and author of “Tiger Trap: America’s Secret Spy War with China,” gave the following analogy of Russia, the United States, and China trying to extract information on a beach. “The Russians would send in a submarine in the dark of night and collect several buckets of sand,” he said, and “the Americans would send over a spy satellite and collect reams of data that would be analyzed back in Washington.”
The Chinese, however, “would send in a thousand tourists, each with instructions to collect one grain of sand.” Afterwards, they would “shake out their towels and at the end of that time China would know more about that beach than anyone else.”
In the international race to gather foreign intelligence, China trumps all through sheer numbers, recruiting mass amounts of spies to infiltrate all sectors of society.
And the effectiveness of China’s cyber espionage mechanism is the most alarming, particularly after the recent federal breach, in which Chinese hackers stole sensitive records of over 20 million current and former federal employees from the Office of Personnel Management (OMP).
With Americans becoming increasingly worried about the shadowy espionage threat China poses, here are 5 methods the Chinese regime uses to spy on foreign countries and steal intelligence.
1. Hacking and Cyber Espionage
Currently gaining attention is of course China’s hackers, which have breached foreign government bureaus and corporate networks numerous times in recent years.
The recent OPM breach of the Office of Personnel Management (OPM) gave the Chinese access to potential spy recruits as well as detailed information on millions of federal employees from their weaknesses to their social security numbers.
Similar cyber attacks targeted data from BlueCross, BlueShield, and stole some 80 million records from Anthem Inc., a U.S. health insurance company. Since 2010, Chinese hackers have also repeatedly compromised a database of the Veterans Affairs Department, which contains information on roughly 20 million veterans.
Experts say the Chinese regime may be building a massive database on Americans, using data stolen through cyber attacks. With software currently used to track the Chinese people, the Chinese could create the perfect roadmap to recruiting more American spies.
And personal information on Americans isn’t their only target. The Chinese have also launched several cyber attacks against large corporations to steal trade secrets and new technologies. The Commission on the Theft of Intellectual Property estimated such theft costs the U.S. $300 billion and 1.2 million jobs a year.
In May of 2014, a U.S. grand jury indicted five Chinese allegedly working for the People’s Liberation Army for cyber espionage of U.S. companies in the nuclear, metal, and solar industries to acquire intelligence for China’s state-run industries.
2. Planting Spies
In the more traditional kind of spying, China plants spies or recruits vulnerable employees to acquire sensitive information from large corporations or government agencies abroad.
In May of 2015, six people, including three Chinese professors, were charged in U.S. federal court for stealing trade secrets from two U.S. companies, Avago Technologies and Skyworks Solutions, and delivering the information to Tianjin University (a state-controlled university). Having taken source code, design layout, and other confidential documents, the defendants have been charged with conspiracy to commit economic espionage and theft of trade secrets.
And the Chinese regime does not only infiltrate the government or large businesses to steal intelligence, it also plants spies among groups considered potentially threatening to the regime and collects detailed information on them. In 2011, Sweden sentenced an Uighur man to 16 months in prison for spying on other Uighur refugees and sending the information to Chinese authorities. The Uighurs are a Turkic-speaking Muslim people living in Xinjiang, a region in northwestern China, who have suffered long-standing suppression under the Chinese regime.
3. Recruiting Students Studying Abroad
Every year, thousands of Chinese students study abroad in countries like the United States and the United Kingdom. Before leaving mainland China, Chinese security officials approach them, telling them to remain loyal to the motherland and report any useful information under the guise of a “patriotic duty.” Thus, Chinese students are informally inducted into an elaborate network of Chinese spies overseas. Since each student contributes very little, it barely feels like spying.
Used to steal information, keep track of political dissidents, and to block the operations of groups protesting the Chinese regime, student spies allow the Chinese regime to easily extend its reach to foreign territories. As students, they are also in prime positions to enter the workforce as employees for large corporations or government agencies and acquire more classified intelligence there.
The Chinese also infiltrate from the other end, recruiting Americans or other international students studying in China, like in the case of Glenn Duffie Shriver. While studying in Shanghai in 2004, Shriver was approached by a woman affiliated with Chinese state intelligence. After they forged a relationship in the next few months, he eventually accepted some $70,000 to attempt to join the State Department and the CIA. When his attempt at spying came to light, Shriver was sentenced to four years in prison.
4. Exploiting the Media
In 2012, Mark Bourrie, a Canadian parliamentary reporter and foreign correspondent for China’s state-run Xinhua News Agency, revealed the Chinese company had ordered him to collect intelligence for the Chinese Communist Party rather than for any news publication. After he put together the clues and realized he was being exploited as a spy for the Chinese regime, he quit the job.
Most of the time, he had been tasked with straight reporting jobs, but occasionally, he was given assignments that were obviously intelligence work. For instance, his Xinhua handlers told him to prepare a transcript of a press conference with the Dalai Lama and to find out what the Dalai Lama had discussed with Prime Minister Stephen Harper in their private meeting. In previous incidents, he had also been ordered to track political dissidents and collect intelligence on protesters, like practitioners of the persecuted spiritual faith of Falun Gong.
On Parliament Hill, Xinhua regularly exploited its media privileges to obtain foreign intelligence on Chinese dissidents, religious protestors, or political figures. In August 2014, after Xinhua reporters spied on Harper during his Arctic trips, they were banned from further travel with the Prime Minister for the rest of that year.
The Prime Minister’s former press secretary, Sara Macintyre said, “These aren’t reporters, they work for a state media agency, a propaganda agency, and the Prime Minister’s Office said they are not qualified to come as media, which is entirely appropriate.”
5. Infecting Consumer Technology with Spyware
Smartphones and other technology from China may come with pre-installed spyware programs that send users’ personal information back to China. The Generic Star N9500, a cheap smartphone manufactured in China, came with a spyware program which would steal all forms of data, from personal information to emails, from the phone and send it back to a server in China. Sold on Amazon and eBay for around $160, it contained spyware disguised as a Google Play service running in the background. In other cases, a Redmi Note smartphone from the phone company Xiaomi and two models of the Sony Xperia smartphone were also found relaying data to Chinese servers.
And the spyware does not just stop at phones and consumer technology.
In 2014, researchers at TrapX Security, a company based in California specializing in cyber security defense, found handheld scanning devices used in global shipping contained spyware. Targeting high-level networks in the shipping industry, the spyware could be used to track information on goods in transit and ultimately take control of the whole corporate computer system. TrapX did not reveal the name of the Chinese factory that manufactured the products, but it did disclose the name of the Chinese university involved–the Lanxiang Vocational School, which has a history in Chinese state-sponsored cyber attacks.