How China Could Use the Federal Breach to Recruit Spies

June 18, 2015 Updated: June 23, 2015

Federal employees may start seeing a friendlier side of the Chinese regime, including speaking invitations at prominent universities, approaches by beautiful Chinese women, business offers, and an ear for them to voice dissatisfaction.

Yet, all of this will be a front. Hackers allegedly with the Chinese regime recently breached a federal database that will give them a perfect roadmap on how to exploit U.S. government employees and recruit them as spies.

The U.S. Office of Personnel Management (OPM), which holds federal employee records and information on security clearances, revealed on June 4 that hackers breached records of at least 4 million current and former federal employees.

Some reports—including in CNN and Wired—have claimed security agencies within China could use the stolen information to blackmail U.S. government employees. According to several experts, however, the Chinese regime will likely take a different route with using the data to recruit spies.

While the Chinese Communist Party (CCP) does use blackmail to recruit spies, it limits this practice almost entirely to Chinese nationals.

In Canada, for example, there were recent cases of Uyghurs visiting China and being blackmailed by Chinese authorities who wanted them to spy on Uyghurs living in Canada. Uyghurs are a predominantly Muslim ethnic minority who are repressed in China.

As reported by the Globe and Mail one Uyghur, who declined to give a name fearing for his family’s safety was allegedly told: “We can jail you any time we like. We don’t care about Canadian passports. This is China.”

For non-Chinese, however, the approaches used by Chinese agents to recruit spies often have much more finesse.

Chinese Spycraft

In the United States, the motivations for espionage are defined as money, ideology, coercion, and ego (MICE). Agents will look for individuals who have a personal interest in providing information.

In China the criteria for potential spies are much broader. They look for people who have moral weaknesses they can exploit, which are fame, profit, lust, and anger.

It just happens that the federal database recently breached by hackers included details on security clearances and background checks, which would disclose all their moral shortcomings. Information that would otherwise take Chinese agents years to gather on even one person, may have just been stolen on millions of people.

According to Casey Fleming, chairman and CEO of BlackOps Partners Corporation—which tracks cyberspies and human spies involved in economic theft—the difference in Chinese espionage is very little known, but its effects are things he witnesses regularly in his line of work.

“They do it through wining and dining, they’ll treat you like royalty, and as soon as they get what they need they kick you out like a criminal,” Fleming said.

The key difference in how the Chinese regime recruits spies is that it’s more subtle. While the United States recruits informants it knows they are in need of money or protection, or have ideological reasons to support the United States, the Chinese approach is one where the recruited spies may not even realize they’re spying when they divulge information.

A source in Beijing with knowledge of Chinese spy operations detailed in a previous interview how the CCP’s recruitment process plays out.

The source said Chinese agents from four departments will often gather such information on foreign targets. These departments are the United Front Work Department, the International Department of the Central Committee, the Ministry of Foreign Affairs, and the military’s General Staff Department.

Chinese agents will exploit human follies to gradually reel people in, flatter them, give them offers, and eventually make them recognize their spy handlers as friends or business partners who they’re willing to do favors for.

People interested in fame may get invites for speaking events in China, complete with after events where they’ll be treated like royalty—with fancy food, good wine, and attentive company.

Those interested in profit may get opportunities for business and investments. Those with lust may get approached by beautiful women or handsome men. Individuals identified with anger—typically individuals with moral objections to government or company policies—may get recruited as “whistleblowers.”

“They do the honeypots,” Fleming said, referring to a spy technique where a targeted individual will be seduced by a beautiful woman (or handsome man.)

“They also do it through dating sites,” he said. “They do it through, they do it through LinkedIn.”

“They exploit college students by convincing them to write papers on this or that, then tell them they want a bit more, and before you know it you’re roped in,” he said.

“They want to know the list of security clearances, so they know to focus on a person to get classified data,” Fleming said. “If you have security clearances, you’re a target.”

Fleming noted, however, that even for individuals who don’t get targeted by physical spies, the stolen data could still bring them trouble. He said, “They’re using it to go after people for classified or sensitive data, to target their emails, their phones, and other things.”

Charm Offensive

Retired Gen. Michael Hayden, the former NSA and CIA chief, recently detailed what events may soon play out, during an event hosted by Wall Street Journal.

“Those records are a legitimate foreign intelligence target,” Hayden said, in a recording of the speech from The Wall Street Journal. “If I, as director of CIA or NSA would have had the opportunity to grab the opportunity in the Chinese system, I would not have thought twice.”

He said the data could be used to build a “massive database” of “information on Americans employed by the U.S. government.” He stated that the information is unlikely to be used for blackmail, since it’s information on federal employees already known by the U.S. government, noting “I don’t think that’s a high percentage shot for blackmail.”

As a practical example, he described a hypothetical situation of a scientist working on a project that Chinese agents want to learn more about.

“With this database,” he said, “they know what school you went to, where you live, almost what kind of car you drive, how many children, what you have written about, who are your foreign contacts, who is your wife …”

A Chinese agent, he said, may approach that researcher, with knowledge of their personal lives they can use for flattery. “You begin a relationship, and you begin to develop that relationship,” he said, noting that maybe six months later they may say something like “let’s establish a consultancy relationship, let me pay you.”

He noted that such spy techniques like those he described are commonplace, and not limited to China.

With this in mind, however, Hayden said the recent breach “is a tremendously big deal, and my deepest emotion is embarrassment.”

According to Fleming, the bigger picture is what’s really important. He said through recent breaches, the Chinese regime is “mapping all Americans to see who has access, who has control, from a command and control fashion for the event of a cyberwar or a conventional war.”

“Information is power,” he said. “They have a thirst for more power, and in today’s world data is power.”

Follow Joshua on Twitter: @JoshJPhilipp