In Chinese Spy Ops, Something Old, Something New

Indictments reveal how Beijing mixes traditional spycraft with cyberespionage to steal U.S. technology.

A person walks past a 12-story building alleged in a report on Feb. 19, 2013, by the internet security firm Mandiant as the home of a Chinese military-led hacking group after the firm reportedly traced a host of cyberattacks to the building in Shanghai's northern suburb of Gaoqiao. (Peter Parks/AFP/Getty Images)

For years, U.S. intelligence officials have warned about the hacking threat posed by Chinese operatives using sophisticated technology to steal American intellectual property.

But a series of recent indictments targeting Chinese agents highlight something else: Alongside technology, Beijing is also using old-school methods of human intelligence to pilfer the items it needs.

On Tuesday, U.S. prosecutors charged two officers of the Ministry of State Security—China’s main spy agency—and a team of hackers with attempting to steal advanced jet-engine technology being developed jointly by an American company and a French one.

As part of the operation, the spy agency developed malware that would infiltrate the French company’s servers. But to install the software on the computer system, the agency resorted to an older bit of spycraft. It recruited an employee of the company, named in the indictment as Tian Xi, who implanted malware dubbed Sakula using a USB stick.

The development of an advanced domestic jet-engine industry represents a key goal for Beijing, which is looking to surpass Western high-tech manufacturing companies as part of its “Made in China 2025” initiative. To do so, the Chinese Communist Party has embarked on an aggressive espionage campaign aimed at boosting domestic companies working on everything from jet engines to semiconductors.

The ability to operate effectively in both old and new forms of espionage is what makes the Chinese spy agencies so formidable, according to analysts.  

“When China identifies a target, especially the chip industry that is seen as critical to the next generation of technological innovation, it will try cyber, bribery, insider theft, recruitment until something works,” said Adam Segal, who directs the Digital and Cyberspace Policy Program at the Council on Foreign Relations.

The Trump administration has stepped up efforts on multiple fronts to confront China. It has slapped tariffs on some $250 billion in Chinese goods and has signed into law the Foreign Investment Risk Review Modernization Act, which will increase scrutiny on Chinese investments in the United States and allow the government to block a wider range of transactions.

On Thursday, U.S. Attorney General Jeff Sessions announced the formation of a new task force to combat efforts by China to steal American corporate secrets.

“Chinese economic espionage against the United States has been increasing—and it has been increasing rapidly,” Sessions said at a press conference in Washington. “We are here today to say: enough is enough. We’re not going to take it anymore.”

Sessions made the announcement as he unveiled yet another indictment involving Chinese economic espionage. This one alleges that a Taiwanese semiconductor company and its Chinese partner conspired to steal semiconductor technology from Micron, an Idaho-based semiconductor manufacturer.

As with the earlier indictment, this one also illustrates how Chinese operatives leverage traditional techniques of intelligence gathering to acquire business secrets.

According to the document, officials from the Taiwanese semiconductor company United Microelectronics Corporation recruited Micron executives to steal company trade secrets associated with the production of semiconductors. The Taiwanese company then hired the officials, who brought Micron’s technology with them.

The indictment alleges that the Taiwanese company entered into a cooperation agreement with Jinhua, a state-owned Chinese company, to provide that technology to Beijing.

Other recent targets of Chinese economic espionage include military-grade high-speed computer chips, a foam with both military and commercial applications, and rice seeds engineered for use in medical applications.

A majority of economic espionage cases prosecuted by the U.S. Department of Justice involve “the marriage of cyber and human operations,” said Priscilla Moriuchi, a former National Security Agency official and the director of strategic threat development at the cybersecurity firm Recorded Future. “From a historic perspective, that is how China has preferred to do things.”

In 2011, Chinese operatives recruited an Austrian employee of American Superconductor, which makes software that runs wind turbines, to hand over the company’s source code to Sinovel, its Chinese partner, in exchange for $1.7 million. American Superconductor sued Sinovel, and Chinese operatives immediately tried to hack the U.S. company and steal its legal strategy.

But even as such recruitment remains a staple of Chinese spy operations, the hacking activity has intensified. According to a report published this year by the cybersecurity firm Crowdstrike, in the first six months of 2018, China was the most prolific nation-state hacker among the countries tracked by the firm. Its targets included companies in the biotech, defense, mining, pharmaceutical, professional services, and transportation sectors.

Experts point out that digital technology has made espionage much easier. “Kim Philby [a British intelligence agent who spied for the Soviet Union in the last century] had to sneak files out of MI6 in a briefcase,” said Phillip Hallam-Baker, the principal scientist at Comodo Cybersecurity.

“A truckload of printed paper contains about 1 gigabyte of data. A single thumb drive can contain 250 truckloads. A residential internet connection can transfer a truckload of data in eight seconds.”

 Twitter: @EliasGroll