Now the Chinese Are Hacking Us Through Our Limos



Kevin Mandia, CEO of the cybersecurity company Mandiant, takes a lot of limo rides. Normally, his limo company emails him PDF copies of his invoices after every trip. Recently, though, something changed.

"I’ve been receiving PDF invoices not from them, but from an [advanced hacking] group back in China; that’s awesome," said Mandia in D.C. recently. He only caught the attack when the hackers sent receipts on days when he hadn’t used the car service. "I forwarded them to our security service, and they said, ‘Yup, that’s got a [malicious] payload.’"

Emailing a malicious file from a fake or hijacked email account in the name of an acquaintance of the hacker’s target is a famous cyber-espionage tactic called spearphishing.

Hackers often search Google or social media to find the names of their target’s friends and co-workers. They then create a fake email address in the name of a friend or coworker and fire off carefully written emails containing malware to their target.

Mandiant’s digital networks are routinely attacked by Chinese hackers. This is no surprise given that last February the firm published a detailed report of Chinese military intelligence groups attacking the computers of Western businesses. But what makes this attack on Mandiant different — and what makes it a warning to other American businesses — is the intimate knowledge that the hackers seemed to have about Mandia’s business. How did these Chinese hackers know which limo service the CEO uses?

"I don’t know; that makes me wonder," Mandia told Foreign Policy.

It’s not like that kind of information is just posted on Facebook. Mandia also doubts that Chinese hackers have gained access undetected to his company’s networks — and if they did, why would they send him spearphishing emails? Instead, Mandia suspects that Chinese intelligence operatives simply showed up at public events where he was speaking and took note of his limo company.

"At a lot of these presentations, I’m standing here talking, and there are 10 foreign nationals from China. It could be they saw" Mandia using the limo, he said.

This is a textbook example of how Chinese spies don’t just target American business moguls via spearphishing and other cyberattacks. Instead, they use a combination of old-fashioned espionage and hacking to target anyone they’ve got a serious interest in.

If you thought that espionage was going totally digital, think again. Modern practitioners of espionage, like those of warfare, are finding ways to combine centuries-old intelligence-gathering methods with digital ones, for more effective results.

John Reed is a national security reporter for Foreign Policy. He comes to FP after editing Military.com’s publication Defense Tech and working as the associate editor of DoDBuzz. Between 2007 and 2010, he covered major trends in military aviation and the defense industry around the world for Defense News and Inside the Air Force. Before moving to Washington in August 2007, Reed worked in corporate sales and business development for a Swedish IT firm, The Meltwater Group, in Mountain View, CA, and Philadelphia, PA. Prior to that, he worked as a reporter at the Tracy Press and the Scotts Valley Press-Banner newspapers in California. His first story as a professional reporter involved chasing escaped emus around California’s central valley with Mexican cowboys armed with lassos and local police armed with shotguns. Luckily for the giant birds, the cowboys caught them first and the emus were OK. A New England native, Reed graduated from the University of New Hampshire with a dual degree in international affairs and history.
