Now the Chinese Are Hacking Us Through Our Limos

Kevin Mandia, CEO of the cybersecurity company Mandiant, takes a lot of limo rides. Normally, his limo company emails him PDF copies of his invoices after every trip. Recently, though, something changed. "I’ve been receiving PDF invoices not from them, but from an [advanced hacking] group back in China; that’s awesome," said Mandia in D.C. ...

By , a former national security reporter for Foreign Policy.
Wikimedia Commons
Wikimedia Commons
Wikimedia Commons

Kevin Mandia, CEO of the cybersecurity company Mandiant, takes a lot of limo rides. Normally, his limo company emails him PDF copies of his invoices after every trip. Recently, though, something changed.

Kevin Mandia, CEO of the cybersecurity company Mandiant, takes a lot of limo rides. Normally, his limo company emails him PDF copies of his invoices after every trip. Recently, though, something changed.

"I’ve been receiving PDF invoices not from them, but from an [advanced hacking] group back in China; that’s awesome," said Mandia in D.C. recently. He only caught the attack when the hackers sent receipts on days when he hadn’t used the car service. "I forwarded them to our security service, and they said, ‘Yup, that’s got a [malicious] payload.’"

Emailing a malicious file from a fake or hijacked email account belonging to the acquaintance of a hacker’s target is a famous cyber-espionage tactic called spearphishing.

Hackers often search Google or social media to find the names of their target’s friends and co-workers. They then create a fake email address in the name of a friend or coworker and fire off carefully written emails containing malware to their target.

Mandiant’s digital networks are routinely attacked by Chinese hackers. This is no surprise given that last February the firm published a detailed report of Chinese military intelligence groups attacking the computers of Western businesses. But what makes this attack on Mandiant different — and what makes it a warning to other American businesses — is the intimate knowledge that the hackers seemed to have about Mandia’s business. How did these Chinese hackers know which limo service the CEO uses?

"I don’t know; that makes me wonder," Mandia told Foreign Policy.

It’s not like that kind of information is just posted on Facebook. Mandia also doubts that Chinese hackers have gained access undetected to his company’s networks — and if they did, why would they send him spearphishing emails? Instead, Mandia suspects that Chinese intelligence operatives simply showed up at public events where he was speaking and took note of his limo company.

"At a lot of these presentations, I’m standing here talking, and there are 10 foreign nationals from China. It could be they saw" Mandia using the limo, he said.

This is a textbook example of how Chinese spies don’t just target American business moguls via spearphishing and other cyberattacks. Instead, they use a combination of old-fashioned espionage and hacking to target anyone they’ve got a serious interest in.

If you thought that espionage was going totally digital, think again. Modern practitioners of espionage, like warfare, are finding ways to combine centuries-old intelligence-gathering methods with digital ones, for more effective results.

John Reed is a former national security reporter for Foreign Policy.

More from Foreign Policy

Children are hooked up to IV drips on the stairs at a children's hospital in Beijing.
Children are hooked up to IV drips on the stairs at a children's hospital in Beijing.

Chinese Hospitals Are Housing Another Deadly Outbreak

Authorities are covering up the spread of antibiotic-resistant pneumonia.

Henry Kissinger during an interview in Washington in August 1980.
Henry Kissinger during an interview in Washington in August 1980.

Henry Kissinger, Colossus on the World Stage

The late statesman was a master of realpolitik—whom some regarded as a war criminal.

A Ukrainian soldier in helmet and fatigues holds a cell phone and looks up at the night sky as an explosion lights up the horizon behind him.
A Ukrainian soldier in helmet and fatigues holds a cell phone and looks up at the night sky as an explosion lights up the horizon behind him.

The West’s False Choice in Ukraine

The crossroads is not between war and compromise, but between victory and defeat.

Illustrated portraits of Reps. MIke Gallagher, right, and Raja Krishnamoorthi
Illustrated portraits of Reps. MIke Gallagher, right, and Raja Krishnamoorthi

The Masterminds

Washington wants to get tough on China, and the leaders of the House China Committee are in the driver’s seat.