Chinese Spies Use Conferences to Find Targets
Love makes people do crazy things. In the case of former Army officer Benjamin Pierce Bishop love allegedly caused him to give the Chinese government secret strategic information on how the United States would detect and intercept nuclear missiles heading for American soil.
Bishop worked as a defense contractor at U.S. Pacific Command in Hawaii. The 59-year-old with top-secret clearance is being charged with giving classified national defense information to a Chinese woman half his age. She became interested in him, and then showed a unique interest in nuclear weapons, ballistic missiles, and how the United States detects and defends against them.
The woman Bishop was dating is accused of spying for the People’s Republic of China.
Red flags include both the information she allegedly pressed him for, and how she picked him up at a conference in Hawaii on international military defense.
For people in the defense and intelligence industries, it is common knowledge that Chinese spies use conferences and trade shows to find their targets.
Paul Williams, chief architect at BlackOps Partners Corporation which does counterintelligence and protection of trade secrets and competitive advantage for Fortune 500 companies, said he has witnessed this first hand. He said a colleague of his was once approached at a cybersecurity conference by a tall, well-spoken Chinese man wanting details on confidential technology used to detect spies.
His colleague refused to give. The man pressured him, repeating, “I need this technology.” When pushing didn’t work he offered $1,000 on the spot.
“Then he said, ‘If you won’t give it to me, we have other ways to get what we want,’” said Williams, in a phone interview. “This veiled threat may have referred to approaching other employees of the same company, or possibly even to a cyberattack.”
“Some will ask why would the Chinese use, what are in many cases such obvious and crude methods of pursuing information? Why would they do that?” Williams said. “Answer: They do it because it works, that’s why.”
Conferences, conventions, and trade shows “offer opportunities for foreign adversaries to gain access to U.S. information and experts in dual-use and sensitive technologies,” states a 2011 report from the Office of the National Counterintelligence Executive.
The events attract top players in industries from cybersecurity to government contracting, and vendors will often bring along their cutting-edge products.
Conferences are also ideal places for espionage because people often let their guard down and are willing to make cold contacts, according to Doug Helton, director of threat operations at counterintelligence company SpearTip, and a former special agent in the U.S. Air Force Office of Special Investigations.
“Those types of forums are perfect for any kind of criminal or national intelligence entity,” Helton said, in a phone interview. “It’s easy to blend in, and it’s easy to ask questions.”
He said it is common knowledge in the defense and intelligence industries that Chinese spies exploit conferences for espionage. The problem is complicated though. Helton said that from the viewpoint in the industries, economic ties with China often mean “that you can’t just not invite Chinese to the conferences.”
A Coordinated Act
Chinese spying takes place in two phases. The first leverages what has often been termed a “death by 1,000 cuts” approach to gather as much information as possible. The second involves methods to find weak links in companies of interest.
At conferences, large groups of Chinese spies will scout the different booths, each asking a different question so as not to raise an alarm, according to Helton and Williams. They then combine the information gathered by each spy to create a more complete picture.
This information is then given to another agent who will approach the company and feign interest. Once the deal is made, the agent gets pricing information, names, and contacts of key people in the company, and information through non-disclosure agreements they will not uphold.
The second step comes into play when the Chinese spies have already identified a particular company they want to go after.
The tools of choice to gain deeper access are often social media sites like LinkedIn and Twitter, according to Jody Westby, CEO of security company Global Cyber Risk and an adjunct professor at Georgia Institute of Technology’s School of Computer Science.
“They’ll look in chat rooms, social media, Facebook,” Westby said, in a phone interview. “People post all kinds of information out there.”
By doing a simple search for a company name on LinkedIn, Google, and Facebook, a spy can create a comprehensive map of the company’s employees. They will then look at their profiles “and find someone who may be vulnerable,” Westby said.
A “vulnerable” employee can be someone who is disgruntled, or someone who has a lot of debt, or a trait that can be exploited. Someone with a love of money will be tempted by bribes. If a person’s weakness is lust they may find themselves in a sex trap, referred to as a “honey trap.” Others may be approached by agents of influence and be brought in as a “friend of China” who will act out of a sense of helping a friend.
Others may be tempted by undercover Chinese agents to believe that by their actions they can improve understanding and friendship between their adopted country, the United States, and their native land, China, according to Williams.
“The threads that can be exploited today are quite sophisticated,” Westby said.