Originally published at Wired.
Beware of Chinese spies offering laptops, women, or educational stipends—and especially watch out for odd LinkedIn requests.
On Tuesday, the Justice Department unsealed new charges against 10 Chinese intelligence officers and hackers who it says perpetrated a years-long scheme to steal trade secrets from aerospace companies. The case continues an impressive tempo from the Justice Department, as it continues to try to curb China’s massive, wide-ranging, and long-running espionage campaign. In fact, it’s the third time since September alone that the US government has charged Chinese intelligence officers and spies, including one of its biggest coups in years: The extradition earlier this month of an alleged Chinese intelligence officer, caught in Europe, who will face a US courtroom.
That arrest marks the first time the US has prosecuted an officer of China’s Ministry of State Security. The feds believe that the suspect, Yanjun Xu, spent years cultivating a person he thought was a potential asset inside GE Aviation, which makes closely held jet engine technology.
While historic, the GE Aviation case hardly stands as an outlier. Chinese espionage against the US has emerged over the past two decades as perhaps the most widespread, damaging, and pernicious national security threat facing the country—compromising trade secrets, American jobs, and human lives.
The majority of Chinese espionage cases over the years have involved ethnic Chinese, including Chinese students who came to the US for college or advanced degrees, got hired at tech companies, and then absconded back to China with stolen trade secrets. Historically, very few Chinese spying cases have featured the targeting or recruitment of Westerners. But this year has seen a rash of cases of Americans allegedly recruited to spy on China’s behalf, encouraged to turn over sensitive military, intelligence, or economic information—at least one of which started with a simple LinkedIn message.
Sifting through more than a dozen of the major cases that have targeted Westerners, though, provides an illuminating window into how China recruits its spies. The recruitment follows a well-known five-step espionage road map: Spotting, assessing, developing, recruiting, and, finally, what professionals call “handling.”
Stage 1: Spotting
The first step in any espionage recruitment is simply knowing the right people to target. That job often falls to what intelligence professionals call a “spotter,” a person who identifies potential targets, then hands them off to another intelligence officer for further assessment. These spotters, sometimes friendly officials at think tanks, universities, or corporations, are often separate from the intelligence officers who ultimately approach potential spies, allowing a level or two of remove. They sometimes have such “deep cover” that they are considered too valuable to make a recruitment approach directly, leaving that work to a cut-out who could more easily disappear if the recruitment pitch is rejected.
In that vein, last week’s Yanjun Xu indictment ties in to another little-noticed September arrest, where the FBI charged a 27-year-old Chinese citizen and Chicago resident with acting as an unregistered foreign agent for China—the federal criminal charge that prosecutors often use as code for spying. That man, Ji Chaoqun, had arrived in the United States in 2013 to study electrical engineering at the Illinois Institute of Technology, and had subsequently enlisted in the Army Reserves.
Yet according to the government’s criminal complaint, Ji Chaoqun had less pure motives at heart than service: He had allegedly been recruited at a Chinese job fair while in college to join a “confidential unit” and work as a “spotter” for Yanjun Xu, helping the MSS officer identify potential recruits and providing background reports on at least eight potential spies. In a 2015 email, Ji Chaoqun wrote that he was enclosing “eight sets of the midterm test questions for the last three years,” according to court documents. He attached eight PDFs of background reports downloaded from sites like Intelius, Instant Checkmate, and Spokeo, which compile public records on individuals for purchase online. (The sites limit purchases to US-based consumers, so they were inaccessible to Yanjun Xu himself.)
All eight of the targeted individuals were ethnic Chinese who worked in science or technology. Seven of them were either currently employed or had recently retired from US defense contractors, according to the US government.
“Spotting” doesn’t necessarily have to involve human targets; an article in the November issue of WIRED, excerpted from the new book Dawn of the Code War, outlines the US pursuit of the Chinese spy Su Bin, who was captured in Canada in 2014 after working for years as a technical “spotter” for Chinese military intelligence officers. Su, an aviation expert, would examine stolen file directories hacked by Chinese intelligence to point them to the most valuable and relevant documents, helping them navigate massive troves of files on secret projects like the US development of the C-17 military transport plane.
Stage 2: Assessing
Once intelligence officers identify potential recruits, they then examine how they might encourage those targets to spy. Professionals often summarize the motives for espionage with the acronym MICE: money, ideology, coercion, and ego. Spies want to be paid for their work, or believe in the cause, or can be blackmailed, or want the ego boost that comes with leading a double life.
While it often relies on ideology or coercion in pressuring ethnic Chinese to spy on its behalf abroad, China has proved particularly successful in luring Westerners with cash. In June of this year, FBI agents arrested a Utah man as he prepared to fly to China and charged him with attempting to pass national defense information to China. The felony complaint says that Ron Rockwell Hansen, a former Defense Intelligence Agency officer, had been struggling financially, living primarily off his $1,900-a-month DIA pension and facing debts of more than $150,000. In 2014, Rockwell allegedly began meeting with two MSS officers—who introduced themselves to him as “David” and “Martin.” During one 2015 business trip to China, they offered him up to $300,000 a year for “consulting services.” Hansen was, according to the government, to “attend conferences or exhibitions on forensics, information security, and military communications and to conduct product research.” The money, in turn, would be funneled to him by David and Martin by “overpaying him for purchases of computer forensic products.”
Hansen attended defense and intelligence conferences, allegedly on China’s behalf, for nearly four years, from 2013 through 2017. He took photos, made notes, and tried to strike up contact with former DIA and intelligence colleagues. Officials said he also purchased restricted forensics software to transport to China.
All told, according to the complaint, Hansen made 40 trips to China between 2013 and 2018, often returning with tens of thousands of dollars in cash—four trips cited by the government netted him $19,000, $30,000, $20,000, and, in 2015, $53,000. Ultimately, court documents show that Hansen received upwards of $800,000 from Chinese sources. Hansen pleaded not guilty to 15 counts in July.
American Superconductor managers had heard horror stories of American companies having their intellectual property stolen by Chinese business partners, so the company went to great lengths to lock down its software and allow access only by its own employees. Sinovel, instead, recruited Dejan Karabasevic, a Serbian employee based in Austria, to out-and-out steal the source code. Karabasevic pleaded guilty in an Austrian court in 2011. “They offered him women. They offered him an apartment. They offered him money. They offered him a new life,” the head of American Superconductor, Daniel McGahn, later told 60 Minutes.
Karabasevic was quite clear about his motives: As detailed in court documents, he wrote in one email to his new Chinese business partners, “All girls need money. I need girls. Sinovel needs me.” The Chinese firm ultimately offered Karabasevic $1.7 million to steal the turbine source code. He wrote to Sinovel in one text message: “I will send the full code of course.”
American Superconductor only became aware of the theft when its engineers noticed that some of the turbines being installed in Sinovel’s large wind farms in China were running a version of the operation software that hadn’t yet been released; by then, it was too late. The collapse of the partnership forced the company to lay off 600 of its 900 employees; a federal jury found Sinovel guilty on counts of theft of trade secrets and wire fraud in January of this year.
Stage 3: Developing
Intelligence officers generally don’t lead off by asking potential sources to betray their country or their employer. The third stage of espionage recruitment, instead, is known as “developing,” when recruiters begin to ask for trivial requests or favors to establish rapport. As former CIA director John Brennan said last year, “Frequently, people who go along a treasonous path do not know they are on a treasonous path until it is too late.”
In one of its more daring efforts in recent years, Chinese intelligence tried to place an ambitious China-loving American student inside the CIA, hoping that the would-be mole could rise through the undercover ranks of the agency.
Glenn Duffie Shriver, a student from outside Richmond, Virginia, had become intrigued with China during a 45-day summer study abroad program in 2001. He later returned for his junior year abroad, becoming fluent in Chinese, and moved to Shanghai, where he acted in Chinese films and commercials. Around 2004, he responded to a newspaper ad asking for someone to write a white paper about trade relations between the US, North Korea, and Taiwan; the woman who hired him, calling herself “Amanda,” paid him $120 for the essay. She told him she liked the work and asked if he’d be interested in more—and then introduced him to two men, “Mr. Wu” and “Mr. Tang.”
Over time, those two encouraged Shriver to return to the US to join either the State Department or the CIA. “We can be close friends,” they told him. Shriver flunked the foreign service exam twice, but the MSS paid him a combined $30,000 for the effort. In 2007, Shriver applied to the CIA’s National Clandestine Service, the unit that runs its undercover foreign operatives, and received a $40,000 payment from the Chinese MSS.
The US government ultimately arrested Shriver, and the FBI even turned the incident into a low-budget movie to warn other students studying abroad about Chinese friends bearing gifts. Shriver pleaded guilty to one count of conspiracy to communicate national defense information in 2010.
“It started out fairly innocuous: ‘Oh, you know, we really want to help young people here in China. You know, we realize sometimes you’re far from home and the costs can be quite a bit, so here is just a little bit to help you out,’” Shriver said at his sentencing. “And then it kind of spiraled out of control. I think I was motivated by greed. I mean, you know, large stacks of money in front of me.”
That subtle evolution and push over the line from personal or professional favor to outright espionage was also clearly evident in last week’s case against MSS official Yanjun Xu, who had allegedly targeted GE Aviation. The GE case, which reads almost like a slow-motion David Ignatius espionage novel, was somewhat unique: No documents or trade secrets were compromised—the sting appeared to unfold with the cooperation of the company—but the recruiter apparently followed a clear path of asking for small things before pushing the employee over the line to outright theft.
Yanjun Xu began his recruitment efforts, officials said, by contacting American aerospace experts under the guise of an educational exchange; he worked with the Nanjing University of Aeronautics and Astronautics, one of China’s top engineering schools, to invite the targeted aerospace engineers to give lectures on their work. The targeted GE employee, identified only as “Employee #1” in court documents, was both reimbursed for travel expenses and paid a $3,500 “stipend” for the lecture at NUAA. The ploy was one Xu appeared to use routinely; court documents cite other examples of “seminars” and “educational exchanges” with aerospace engineers that served as recruiting efforts for espionage.
During the unnamed GE employee’s visit to NUAA in June 2017, according to court records, Xu introduced himself, using the cover identity of “Qu Hui,” and explained that he worked for the Jiangsu Science and Technology Promotion Association. The American engineer and Xu had multiple meals together, according to the indictment, and Xu invited the engineer to return for another lecture. By January 2018, Xu was regularly asking the GE engineer to pass along small details about system specifications and the company’s design process, authorities say. He then provided what amounted to a shopping list of aviation design secrets, asking, “Can you take a look and see if you are familiar with those?”
In February, Xu allegedly asked for a copy of the employee’s file directory for his company-issued computer, explaining how to appropriately sort and save the directory for Xu’s review. The two then began to make plans for Xu to access the company computer during a business trip to Europe; as Xu explained, according to court documents, “We really don’t need to rush to do everything in one time because if we’re going to do business together, this won’t be the last time, right?” It was on what Xu thought was that European business trip in April that the Chinese intelligence officer was arrested in Belgium.
Stage 4: Recruiting
The direct request to spy is often the most fraught moment of an espionage operation—but sometimes it starts off easily enough. One-time CIA officer Kevin Mallory was recruited to spy for the Chinese right off LinkedIn in February 2017. Mallory, who was working as a consultant at the time, was contacted over the social network by someone from a Chinese think tank known as the Shanghai Academy of Social Sciences. The FBI said in court documents that the prestigious organization—China’s oldest social science think tank—is regularly relied upon by MSS, who “[use] SASS employees as spotters and assessors,” and that MSS officers “have also used SASS affiliation as cover identities.”
Mallory spoke by phone with the purported SASS employee, and subsequently traveled to China twice, in March and April 2017, for in-person meetings. There, he received a special phone and instructions on how to use its secure messaging capabilities to contact his Chinese “clients.” According to the criminal complaint, Mallory also wrote two short white papers on US policy matters for his Chinese intelligence handlers.
Mallory was caught, in part, because he didn’t realize that the device didn’t wipe sent secure messages, and FBI agents were able to peruse his communications with the Chinese intelligence officers. The deal was quite explicit: In one message, Mallory wrote, “your object is to gain information, and my object is to be paid for.” Ultimately, the FBI believed that Mallory passed at least three classified documents to the Chinese and was paid about $25,000.
Mallory was found guilty of conspiracy to commit espionage during a June trial, though the judge threw out two convictions related to sharing or trying to share national defense information.
Stage 5: Handling
The most delicate part of an espionage operation is always maintaining the regular, day-to-day communication between a spy and his or her assigned “handler.” Whereas previous generations often relied on the Cold War tradecraft of physical “dead drops” or in-person “brush passes” for covert information exchanges, today’s espionage often relies on encrypted communication tools, surreptitious cell phones, and emails left in draft folders.
Some of that modern tradecraft was on display in the charges against another former CIA case officer, naturalized US citizen Jerry Chun Shing Lee, who is suspected of being perhaps the most devastating Chinese spy ever. According to court documents released following his arrest in January, Lee met with two Chinese intelligence officers in April 2010, who promised him “a gift of $100,000 cash in exchange for his cooperation and that they would take care of him for life.” Beginning the very next month, the Chinese intelligence officers allegedly began passing “taskings” to Lee in envelopes, delivered by one of his business associates, that asked him to reveal sensitive information about the CIA.
Lee ultimately received requests for at least 21 different pieces of information, according to court documents. In response to one such request, Lee “created on his laptop computer a document that included entries pertaining to certain locations to which the CIA would assign officers and a particular location of a sensitive operation to which the CIA would assign officers with certain identified experience.” Communications flowed, in part, through an email address created using his daughter’s name, the indictment says.
It appears that Lee’s alleged work may have helped devastate America’s own spy networks inside China. While the government’s reliance on an insecure encrypted communications system exposed several of its own human assets, according to a recent report in Foreign Policy, its problems may not have only been high tech. When FBI agents covertly searched Lee’s luggage at one point, the Justice Department indictment says, they discovered a “Day Planner containing handwritten, classified information up to the Top Secret level pertaining to, but not limited to, operational notes from asset meetings, operational meeting locations, operational phone numbers, the true names of assets, and covert CIA facilities.”