Why is China Winning the War Against U.S. Intelligence?
China is the world’s most populous country with a population of 1,420,062,000 citizens as of early 2019. The size of their population is dwarfed, however, by the size of their government. China is known to have an overreaching democratic dictatorship government, ruled by the communist party, whose constitution guarantees them exorbitant power over its citizens, including, but not limited to, their ability to limit even the number of children allowed per family.
With a government this overreaching, you would expect the Chinese government to be very intrusive to its own citizens, as well as foreign governments, with all of the wealth necessary to build a very one of the world’s largest national security establishments. Within this apparatus are several of the world’s most powerful and secretive clandestine agencies. Namely one: The Ministry of State Security or MSS.
It’s certainly nothing new for governments around the world to feel the presence of the agency, with increasing power and efficacy, as they did with the PLA prior. Over the last decade, though, the United States has been the priority target of China’s MSS, with increased hacking, civilian spy recruitment, and even recruitment within government agencies.
In January of 2018, Jerry Chun Shing Lee, a naturalized U.S. citizen and former CIA officer, was arrested at New York’s JFK International airport. At the time, Lee was in possession of several hand-written notes containing classified information, including the locations of covert facilities and operational meeting locations,the names and phone numbers of foreign assets and covert CIA employees, and even operational notes from asset meetings. In may of this year, Lee was sentenced to 19 years in prison after being convicted of one count of conspiracy to deliver national defense information to aid a foreign government and two counts of unlawfully retaining documents related to national defense.
Lee worked for the CIA from 1994 – 2007. Lee moved to Hong Kong after leaving the CIA, where he worked for Japan Tobacco International, a company formed in 1999 when Japan Tobacco Inc. purchased the international operations of R.J. Reynolds. In 2010, while working for the firm, Lee was approached by Chinese officials and offered an undisclosed sum of money to provide U.S. intelligence information, as well as sensitive company information to Chinese authorities. Shortly afterward, the Hong Kong company for whom he worked suspected Lee of sharing information regarding the company’s investigation into counterfeiting and smuggling. A former manager of Lee’s had this to say to the South China Morning Post in 2018:
“While at the time we could not prove it, we suspected he was leaking the details of our investigations into counterfeiting and smuggling – including those conducted in cooperation with Western law enforcement agencies and targeting highly sophisticated organised crime syndicates and North Korea – to the mainland authorities. Several of the shipments of counterfeits purchased as part of the investigations were seized by the Chinese authorities or simply disappeared, and one of our contract investigators was arrested and imprisoned in China.”
After his termination from the company in 2012, Lee moved his family back to the United States. The family, while seeking permanent residence, frequented hotels in Virginia and Hawaii. Due to the association between Lee’s former employer and Western law enforcement, U.S. authorities were made aware of Lee’s dealings with Chinese authorities, which raised red flags because of Lee’s former association with the CIA.
Lee quickly came under investigation by federal law enforcement, and in time, during a search of the family’s hotel room, authorities found several day planners and a thumb drive containing sensitive and classified information that Lee had apparently compiled while still at the agency. While this is a crime on its own due to the agreement Lee had signed with the CIA upon his hire, this raised extra suspicions of federal law enforcement, the NSA, and the CIA. This is because of the time-frame between Lee moving to Hong Kong, to the time he returned to the United States – an important span of time for the United States Intelligence Community. Between 2010 – 2012, up to 20 CIA assets were imprisoned or killed by Chinese authorities, which was the worst intelligence disaster the United States had seen since the Aldrich Ames incident in the 1980s.
Problems were not over after Lee’s arrest and conviction, though. Last year, former CIA officer Kevin Mallory was arrested on charges of spying for the Chinese. Mallory was approached by a Chinese intel headhunter via LinkedIn in 2017. Chinese officials learned of Mallory’s $230,000 mortgage that was several months delinquent, along with several other delinquent bills and credit card debt. The Chinese headhunter offered to help pay off Mallory’s debt if he were to pass sensitive and classified information.
In March and April, Mallory traveled to Shanghai with the contact, Michael Yang, who claimed to work for a Chinese think tank. Mallory quickly assessed Yang to be a Chinese intelligence officer, however. At this time, Yang gave Mallory a covcom device in the form of an encrypted Samsung Galaxy smartphone to facilitate his communications with Yang. According to the FBI, Mallory used this device to transmit at least five U.S. government documents to Yang, one containing the identities of sources who had helped the U.S. government.
Mallory was sentenced in May of this year to 20 years in prison followed by five years of supervised release. Mallory’s and Lee’s sentences were not the only ones this year, though. In March of this year, former Defense Intelligence Agency officer Ron Hansen plead guilty to attempting to communicate, deliver, or transmit information involving the national defense of the United States to the People’s Republic of China.
Hansen was arrested in June of 2018 while en route to Seattle-Tacoma International Airport. He was scheduled to board a flight to China while in possession of classified military information he had planned to sell to agents of a Chinese intelligence service. As Hansen admitted, in early 2014, Chinese intelligence targeted him for recruitment, after which time he started meeting with them in China on a regular basis. During the first of these meetings, the agents outlined precisely what kind of information they would consider valuable to Chinese intelligence. Hansen then offered to deliver the information for a some of money that added up to hundreds of thousands of dollars between May 24, 2016 and June 2, 2018.
While Hansen previously had clearance for highly classified information, after leaving the agency, however, he lost his clearance, as most do. Hansen used his relationship with a DIA case officer who still worked for the agency, and acted as a conduit between the officer and Chinese intelligence representatives. Hansen advised the case officer how to record and transmit classified information in a manner that would avoid detection, and also advised the case officer how to hide and launder any financial compensation received for the information.
Unknown to Hansen at the time, the case officer reported Hansen’s behavior to higher-ups within the DIA, and not long after, agreed to act as a confidential source for the FBI during the investigation into Hansen. Hansen met with the case officer on June 2, 2018, and was handed documents containing sensitive and highly classified information related to national security and regional U.S. military readiness. As mentioned before, he was arrested later on that day, and the information never made it to his Chinese intelligence contacts.
Three arrests of former CIA and DIA officers in one year for violations of the espionage act is certainly an alarming uptick. There has also been a large increase in Chinese hacking. According to CrowdStrike co-founder Dmitri Alperovitch, “We have seen [the Ministry of State Security], over the years, break into corporate organizations. They were always better technically than the PLA (People’s Liberation Army).” He continued about the recent increase in MSS hacking, “We’re seeing, on a weekly basis, intrusions into U.S. and other Western companies from Chinese actors.” This is, of course, in violation of the 2015 agreement between the U.S. and China, not to conduct cyber-enabled spying or intellectual property theft.
There has also been an uptick in the amount of non-government employees, foreign visitors, foreign nationals, and U.S. citizens accused of spying. In March of this year, Chinese businesswoman Yujing Zhang unlawfully made her way into Mar-A-Lago – President Trump’s Florida resort – carrying multiple electronics in her purse, such as encrypted thumb drives, allegedly with the intent of collecting sensitive information about President Trump and other government matters through resort computers. Zhang was not convicted of spying, as prosecutors could not prove her intent, but she was convicted of trespassing and lying to federal agents, after changing her story about why she was at the resort several times. Zhang has since been reported after receiving time served on an eight-month sentence of incarceration.
As recently as September of this year, two Chinese diplomats were expelled to the Chinese Embassy in Washington after trespassing onto a sensitive military base in Virginia. This is the first incident of its kind since 1987. It is believed by officials that at least one of the two diplomats was an intelligence officer working under diplomatic cover. The diplomats, accompanied by their wives attempted entry at the base’s checkpoint. Due to lack of clearance, they were instructed to enter, turn around, and leave, but the diplomats ignored instructions and continued onto the base. They were then pursued by military personnel, but continued to evade authorities until their path was blocked by firetrucks. Due to diplomatic immunity, charges were not filed, but the individuals have officially been expelled to their embassy. Steps were also taken to vastly increase restrictions on Chinese diplomats in October. Chinese diplomats must now provide previous notice before meeting with state or local officials, and before visiting educational and research institutions. China has since claimed the incident was a misunderstanding, and the expulsion of the diplomats is a mistake on behalf of the U.S.
Also in September, naturalized U.S. citizen and California resident, Xuehua Peng was taken into custody after an FBI sting that lasted more than two years. Peng, who went by Edward, was charged with acting as an illegal agent of a foreign government. Peng allegedly worked as an intermediary passing classified information and collecting payments between intelligence agents. Peng used a classical spy tactic known as dead-drops – a tactic where information, money or other products are left at one of multiple predetermined locations which are usually marked by something as a signal, such as a chalk line or discreet symbol of some kind. The agent that communicated with Peng on behalf of the MSS was a double agent working for the FBI, and collected evidence on Peng for over two years. Peng has not yet been convicted, but the officials allege the evidence collected by the FBI during the investigation is irrefutable.
These are only a few cases from 2019 alone, and one must wonder, as President Trump’s trade war with China continues to escalate, how far will China go to spy on U.S. and other Western companies and governments. Even if China and the U.S. have reached a small deal providing some relief on Chinese tariffs, we remain economic competitors on the global scale, and who knows what sanctions may happen as a result of China’s current crackdown on Hong Kong. In a time when Russia is running vast networks of disinformation campaigns and pumping millions of illegal dollars into political campaigns, the uptick in Chinese spying is more than alarming.
Additional Reading: https://www.justice.gov/opa/pr/former-cia-officer-sentenced-prison-espionage https://www.justice.gov/opa/pr/former-intelligence-officer-convicted-attempted-espionage-sentenced-10-years-federal-prison https://www.justice.gov/usao-edva/pr/former-cia-officer-pleads-guilty-conspiracy-commit-espionage https://www.cyberscoop.com/ministry-of-state-security-china-hacking-department-of-justice-indictment/ https://www.cyberscoop.com/ministry-of-state-security-china-hacking-department-of-justice-indictment/ https://abcnews.go.com/US/fbi-employee-arrested-allegedly-acting-secret-chinese-agent/story?id=41045611
The Seventh Floor 