PDA

View Full Version : Chinese intelligence and spying (catch all)



Jedburgh
07-21-2008, 02:07 PM
TimesOnline, 20 Jul 08: Gordon Brown aide a victim of honeytrap operation by Chinese agents (http://www.timesonline.co.uk/tol/news/politics/article4364353.ece)

.....Downing Street yesterday confirmed that a member of the prime minister’s office had lost a BlackBerry during an evening event on the January visit to China. However, it played down the affair, stating that an investigation had established that there was “no compromise to security”.

Last week it emerged that US intelligence and security officials were debating whether to warn business people and other travellers heading to the Beijing Olympics about the dangers posed by Chinese computer hackers.

Joel Brenner, the US government’s top counter-intelligence official, warned: “So many people are going to the Olympics and are going to get electronically undressed.”
JF's China Brief, 17 Jul 08: The Evolution of Espionage: Beijing’s Red Spider Web (http://www.jamestown.org/china_brief/article.php?articleid=2374310)

.....What we know thus far about China’s espionage activities against U.S. weapons laboratories and other technology development programs is cause enough for concern. The U.S. intelligence community’s official damage assessment of Chinese espionage targeting America’s nuclear technology secrets tells us this much:

What we know:

• China obtained by espionage classified U.S. nuclear weapons information that probably accelerated its program to develop future nuclear weapons. This collection program allowed China to focus successfully on critical paths and avoid less promising approaches to nuclear weapon designs.
• China obtained at least basic design information on several modern U.S. nuclear reentry vehicles, including the Trident II (W88).
• China also obtained information on a variety of U.S. weapon design concepts and weaponization features, including those of the neutron bomb.

What we don’t know:

• We cannot determine the full extent of weapon information obtained. For example, we do not know whether any weapon design documentation or blueprints were acquired.
• We believe it is more likely that the Chinese used U.S. design information to inform their own program than to replicate U.S. weapon designs.

Yet there is much more to China’s quest for U.S. technology. China has obtained a major advantage that the former KGB did not enjoy during the Cold War: unprecedented access to American academic institutions and industry.....

selil
07-21-2008, 02:47 PM
In a nation that is up in arms about the NSA tapping into every single conversation and data packet people are pretty sanguine about going to China. China, a totalitarian communist regime with a state owned/controlled telephone and data network with some of the most sophisticated snooping technologies on the planet. Go ahead and complain about limited snooping in the US by the NSA with over sight, and then go to China for vacation. I'll never understand.

Van
07-21-2008, 07:05 PM
Once upon a time, someone translated a Mossad mnemonic for the espionage recruiting basic approaches; it was three words (alliterative in Hebrew) and I'd swear one of them was sex...

I think the bigger story than "OMG! China does espionage!" is "Jeesh, look at the caliber of aide our senior ('our' in the NATO collective, I'm U.S. but it still applies to U.S. leadership) civilian leaders pick for themselves." The guy can't keep his britches zipped in the middle of a counter-intell threat that is off the scale. What a winner.

Is it a bad thing if I laugh my butt off when it turns out the girl was a minor and someone has some 'happy snaps'?

Jedburgh
07-21-2008, 09:05 PM
Is it a bad thing if I laugh my butt off when it turns out the girl was a minor and someone has some 'happy snaps'?
If they were going to coerce him through blackmail into a productive source, they would not have compromised him at the outset by taking his Blackberry. Poor tradecraft, and the Chinese aren't such amateurs that they'd set him up for one and ruin the effort by doing the other.

Van
07-21-2008, 09:14 PM
they'd set him up for one and ruin the effort by doing the other.

I was being facetious, but...

A multipexed operation to maximize options and create deniability and media confusion? Use a girl just under the legal age, so if the pigeon complains about the stolen gadget, they can charge the victim of an intell op with statutory rape. If he doesn't report the theft, they can go with extortion. Deniability, as they can point out that she's a minor, and they'd never use a minor like that (wink, wink, nudge, nudge). If the target tries to make a stink in the media, they make a bigger one?

But I'm just thinking out loud, and I was joking in the first place.

davidbfpo
07-21-2008, 09:22 PM
For a detailed commentary: http://www.spyblog.org.uk

Why do we assume it was the Chinese government?

davidbfpo

Jedburgh
07-21-2008, 09:37 PM
I was being facetious, but...

A multipexed operation to maximize options and create deniability and media confusion? Use a girl just under the legal age, so if the pigeon complains about the stolen gadget, they can charge the victim of an intell op with statutory rape. If he doesn't report the theft, they can go with extortion. Deniability, as they can point out that she's a minor, and they'd never use a minor like that (wink, wink, nudge, nudge). If the target tries to make a stink in the media, they make a bigger one?

But I'm just thinking out loud, and I was joking in the first place.
No, joking is fine - but I do think it is important to understand the nature of the threat, and I appreciate your throwing out the examples.

Recruiting a source - whether willingly or through coercion - is best kept as simple as possible. Complexity = risk and putting too many layers on it - especially with the risk of image blowback through the use of a minor in a sexual situation - is not something that would be used by the Chinese against a target at that level (especially just prior to the Olympics).

Deniability in this case is also simple - being rolled by a hooker is something that occurs often enough everywhere in the world for the Chinese simply to pass it off as common theft as opposed to a targeted lift.

Coercion to keep someone quiet about a theft is not that common in espionage (much more common in the criminal world). Even without the individual's confession, the outright theft of an item desired by a hostile intelligence agency would usually be noticed. Coercion is more commonly used to obtain information/items that the source has access to, and that can be obtained and delivered by the source in a manner that won't compromise his position.

Fuchs
08-31-2011, 03:55 PM
http://www.youtube.com/watch?feature=player_embedded&v=2SA4WMO3jJs

AdamG
10-12-2011, 11:50 PM
A U.S. intelligence report for the first time links China’s largest telecommunications company to Beijing’s KGB-like intelligence service and says the company recently received nearly a quarter-billion dollars from the Chinese government.

The disclosures are a setback for Huawei Technologies Co. Ltd.’s efforts to break into the U.S. telecommunications market. The company has been blocked from doing so three times by the U.S. government because of concerns about its links to the Chinese government.

http://www.washingtontimes.com/news/2011/oct/11/chinese-telecom-firm-tied-to-spy-ministry/

Ray
10-13-2011, 09:51 AM
Everything for the Chinese is fair.

They are at war!

Not physical, but benign.

They want to be Numero Uno!

It is by hook or by crook.

And by crook is the easy way out!

Kevin23
05-29-2012, 06:08 AM
I've been following on and off over the past year, developments in regards to the PRC's intelligence activities. Especially, since there has been alot of converge about the People's Republic's cyber espionage operations(breaking into secure systems & databases; attempting to put back doors into Chinese made electronic products etc).

Both successful and failed attempts to commit industrial espionage against a number of private sector companies around the globe. As well as the PRC's attempts both real and accused of trying to solicit information from foreign nationals both in mainland China it's self/in other countries, and from the large Chinese diaspora abroad.

I've heard some say that the PRC's intelligence operations against the US exceed those of Russia and even the USSR(in it's later years). I've also read that some nations that have dealings with China such as Canada have had both their prominent private and public institutions thoroughly infiltrated by Chinese intelligence.

However, despite all these instances that are cited both proven and rumored; how big a problem is Chinese espionage actually?

I mean from what I can tell it's well documented that the PRC's intel collection abilities thorough cyber, open-source, and other means appears quite extensive. Not to mention the numerous Chinese communities throughout the world which provide a good resource pool.

I'm also skeptical from all I've been hearing about in terms of the PRC's espionage efforts. Since they seem limited in their ability to infiltrate/subvert organizations. Because the Chinese diaspora and cyber intel collection amongst others only goes so far IMO.

I'd be interested in hearing the opinions of those more knowledgeable then me on this subject. So does the PRC really have that big of a global/western spy operation or is it being hyped to be something larger then it really is?

Here is an article from the Diplomat on these issues.
http://the-diplomat.com/2011/09/19/chinas-growing-spy-threat/

bourbon
05-29-2012, 07:18 PM
However, despite all these instances that are cited both proven and rumored; how big a problem is Chinese espionage actually?
Massive. The cyber-warfare issue may or may not be hyped or exaggerated; the cyber-espionage issue is not being exaggerated.

These people invent nothing these days and steal everything. It is the greatest transfer of wealth in history – the director of the NSA has said as much.


I'm also skeptical from all I've been hearing about in terms of the PRC's espionage efforts. Since they seem limited in their ability to infiltrate/subvert organizations. Because the Chinese diaspora and cyber intel collection amongst others only goes so far IMO.
Don't be. They have money and they know how to use it; the PRC money has been pumping money into our political system for years to both parties.

Cyber-espionage can go pretty damn far if you stop and think about it. We might be better off printing out every government and corporate secret that we have and just dumping it all into China, just to confuse the SOBs. The NSA has come out and said that some form of computer compromise is the new normal, and that no system is secure – even their own.

Also the US gives the nation of Israel the right to steal whatever the hell it wants in our country; and since the nation of Israel exports little of value other than military technology, Israel inevitably sells its stolen technology to China.


So does the PRC really have that big of a global/western spy operation or is it being hyped to be something larger then it really is?
I think we are only now seeing the tip of the iceberg. The full ramifications wont be seen for decades to come.

Dayuhan
05-30-2012, 12:22 AM
I'd say both real and hyped. No doubt there's a threat and an issue, but I also have little doubt that the threat has been oversensationalised. It's also fairly obvious that the same things are being done in the opposite direction, along with various other countermeasures (such as setting up defective or erroneous data for theft). The Chinese are neither omniscient not omnipotent, and the people on the other side are not entirely inept.

Given that as a general rule the most effective intel operations are the ones that remain unknown, it's very difficult to say what's bigger, better, most extensive or most effective.

bourbon
05-30-2012, 02:03 AM
I'd say both real and hyped. No doubt there's a threat and an issue, but I also have little doubt that the threat has been oversensationalised.
A previous comment of yours in a thread about cyber-espionage demonstrated that you have a poor understanding (http://council.smallwarsjournal.com/showpost.php?p=124261&postcount=3) of information security concepts. Combine that with your reflexive apologizing for China, and I’m not sure your opinion alone on this matter is worth a damn.


It's also fairly obvious that the same things are being done in the opposite direction,
So what? China hardly has significantly s&t worth stealing for commercial or military industrial purposes; they invent nothing, they innovate nothing – all they do is copy and steal.


Given that as a general rule the most effective intel operations are the ones that remain unknown, it's very difficult to say what's bigger, better, most extensive or most effective.
The operations uncovered so-far are pretty damned impressive and were pretty effective.

davidbfpo
05-30-2012, 09:32 AM
Only two small stones to throw into this pond.

I have seen a reference to more PLA officers studying at US universities than US military, less certain was this was at Ph.D. level.

Universities here found now a few years ago that virtually all Chinese technical and scientific students made incredible use of the then free university photocopiers.

bourbon
05-30-2012, 07:19 PM
Universities here found now a few years ago that virtually all Chinese technical and scientific students made incredible use of the then free university photocopiers.
Photocopiers are so last century!: http://www.theaustralian.com.au/news/world/chinese-students-steal-secrets-inventor-james-dyson/story-e6frg6so-1226028900686
(http://www.theaustralian.com.au/news/world/chinese-students-steal-secrets-inventor-james-dyson/story-e6frg6so-1226028900686)

carl
05-30-2012, 09:33 PM
Bourbon: Is the whole of this Red Chinese effort centrally coordinated or is it encouraged in a general sense or do they give out equivalents of letters of marque or what? How do they control something so big or do they even truly try?

Fuchs
05-30-2012, 10:38 PM
Massive. The cyber-warfare issue may or may not be hyped or exaggerated; the cyber-espionage issue is not being exaggerated.

These people invent nothing these days and steal everything. It is the greatest transfer of wealth in history – the director of the NSA has said as much.


Well, "nothing" is obviously an exaggeration, as is "everything".

Aside from the unnecessary exaggerations:


Let's assume you were correct about the "nothing" and "everything". We have a historical precedent for the total exploitation of a country's intellectual property: Germany 1945. All patents, all high profile blueprints - gone to the victors.
What did it mean? Actually, very little.

The real transfer was in the captured or hired technicians and scientists.
Blueprints with no or only minor captured technicians regularly led to minimal or no success.

The German economy had to be rebuilt, but lack of intellectual property was not among the big problems. Not a single major industry collapsed for this reason. The only key industry that shrank badly was the aviation industry, and that had obvious different reasons in both West and East.


The real challenge is to make good and timely use of documents, not to get them in the first place.


Besides; the U.S. isn't that innovative, either.
The majority of American innovation announcements I know were no innovations, but rather revivals of failed ideas or revivals of European innovations. Now imagine how many of the others were no innovations either and I just didn't know their roots!
There's a lot of show aptitude involved that deceives many people.

Dayuhan
05-31-2012, 02:57 AM
Combine that with your reflexive apologizing for China, and I’m not sure your opinion alone on this matter is worth a damn.

Since when did failure to panic constitute an apology? Given the nature of the subject, I doubt that any of us is in a position to accurately assess the threat level, and if we were we would not be allowed to post on the subject.

What I said was that threats don't have to be real or hyped, they can also be real and hyped. Virtually all real threats we face are over-hyped, often by people in some way invested in trying to sell us their particular "solution" to whatever threat is in question. That "solution" may be an ideology, a policy, a product, or any number of other things, but if someone needs to invoke fear in order to sell it, there's a good chance that they think the suspension of rational thought is a necessary element of making the sale. Fear is right up there with greed as a marketing strategy.

As a general rule, whenever you read something written by someone who wants you to be afraid, it's time to start taking out grains of salt. That doesn't mean there are no threats, it means that the threats are almost invariably less than what they are hyped up to be.


So what? China hardly has significantly s&t worth stealing for commercial or military industrial purposes; they invent nothing, they innovate nothing – all they do is copy and steal.

Strange how people so incapable of innovation seem, at least according to some, to be so remarkably capable of inventing ways to steal information. How did a bunch of bonehead copycats morph into the omniscient, omnipresent, omnipotent masters of the information universe before whom we must tremble in fear?

Our espionage efforts, cyber or otherwise, don't have to be aimed at stealing their innovations. We'd have our own set of goals, like getting a handle on what they've got, where they got it, what they've done with it, and to what extent what they've done with it actually works. Obviously whatever information is gained from these efforts is not being made public.

We know that they spy on us. We also know that we spy on them. We also know that they will be trying to fool us by leaking wrong information to confuse our spying efforts, and that we are doing the same. It's actually a bit reassuring that we don't hear much, if anything, about the efforts on our side. If they were in the headlines, that would be evidence of failure.


The operations uncovered so-far are pretty damned impressive and were pretty effective.

It would be more impressive if they hadn't been uncovered. Is it not an axiom in the intel world that failure is public and success remains unknown?

carl
05-31-2012, 03:50 AM
Since when did failure to panic constitute an apology? Given the nature of the subject, I doubt that any of us is in a position to accurately assess the threat level, and if we were we would not be allowed to post on the subject.

That is an all purpose good for whatever ails you argument, I don't know and I know that you don't know because if you did you couldn't say but you did so you don't so what I say is just as good as what you say.

And to answer your question, since legitimate concern became hysteria and panic.

Dayuhan
05-31-2012, 08:10 AM
That is an all purpose good for whatever ails you argument, I don't know and I know that you don't know because if you did you couldn't say but you did so you don't so what I say is just as good as what you say.

I can't begin to unravel all that, but I doubt that anyone here is in a position to accurately assess the respective extent and effectiveness of US and Chinese cyperespionage efforts.


And to answer your question, since legitimate concern became hysteria and panic.

When we paint the other guys as giants and ourselves as midgets, when we claim that they know everything about our capabilities and intentions and we know nothing of theirs, when we claim that everything they do works and everything we do fails, when we look at them as an inevitably rising economic powerhouse and ourselves as a terminally declining has-been, when we base our fears on speculative projections of what somebody might be able to do in a few decades... then we go beyond legitimate concern and into the realm of hysteria, panic, and overhyped threats perceptions.

davidbfpo
05-31-2012, 11:48 AM
hat tip to the Lowy Institute e-briefing for a pointer to a Jamestown Foundation report on Taiwan's intelligence chief's public parliamentary hearing; which ends with this flip side of Chinese espionage:
...the Taiwanese record of espionage against China suggests Tsai’s remarks should be taken seriously. In his well-publicized leaked remarks last year, PLA Major General Jin Yi’nan identified several major Taiwanese spy cases, including the party secretary of China’s National Nuclear Corporation (“General’s Spy Comments Reveal More Than Just Espionage,” China Brief, September 2, 2011). A few years previously, Taiwanese intelligence also developed a spy ring at the PLA Air Force Command Academy, including the school president and other members of its leadership (Global Times, February 14, 2011). These Taiwanese successes indicate that, regardless of Taiwan’s own counterintelligence problems, the island’s intelligence services continually have developed high-level sources in Chinese military circles that could inform Tsai’s annual reports to the Legislative Yuan.

Link:http://www.jamestown.org/programs/chinabrief/single/?tx_ttnews%5Btt_news%5D=39420&tx_ttnews%5BbackPid%5D=25&cHash=d76b6a4409571f5330b703805948196e

slapout9
05-31-2012, 06:42 PM
On Economic Espionage.......notice it begins with the Cold War is not over!! I agree 100% which all this business spying goes with basic Commie Take Over Theroy from the 50's and 60's. But all the left over Hippies are know in senior leadership postions. Just as Lenin dreamed we will be weakened to such a point where the final takeover violence will be minimal. They know how to attack on a Systems Level.....more Deadly Than War.


http://www.fbi.gov/about-us/investigate/counterintelligence/economic-espionage

carl
06-01-2012, 03:10 AM
When we paint the other guys as giants and ourselves as midgets, when we claim that they know everything about our capabilities and intentions and we know nothing of theirs, when we claim that everything they do works and everything we do fails, when we look at them as an inevitably rising economic powerhouse and ourselves as a terminally declining has-been, when we base our fears on speculative projections of what somebody might be able to do in a few decades... then we go beyond legitimate concern and into the realm of hysteria, panic, and overhyped threats perceptions.

I'll tell you what. I'll answer to hysterically panic stricken if you'll answer to complacent appeaser. Deal?

Dayuhan
06-01-2012, 06:12 AM
If complacency is the absence of fear, I'll wear that label. It's not a definition I'd use, but some might. Where have I ever advocated appeasement?

I personally think the US education system is a greater threat to American security than Beijing and Goldman Sachs combined, but I guess we all have to be hysterical and panic-stricken over something. I mean, think about it... you live in a country where astrologers outnumber astronomers 100 to 1, and you're worried about the Chinese?

carl
06-01-2012, 06:51 AM
Ok. I sense there's room for a deal here.

You'll be complacent but not an appeaser and I'll be just hysterical but not panic-stricken. How about that?

Dayuhan
06-01-2012, 11:03 AM
If I confess to complacency, may I be excused from tearing my hair and rending my garment? I've no great stock of hair to begin with, and garments get more expensive by the day... plus they're all made in China, so I couldn't replace it without subsidizing the evil ones.

Firn
06-01-2012, 11:50 AM
My brother who made his engineering Bachelor in Munich told me that his institute of the TU (technical university) had no troubles to find internships for their students but for the Chinese. It seems as if certain things, especially espionage happened rarely with other nationalities but relative often with the latter.

Jedburgh
06-01-2012, 01:48 PM
Defense Security Service: Targeting US Technologies: A Trend Analysis of Reporting From the Defense Industry (http://www.dss.mil/counterintel/2011-unclassified-trends.pdf)

....Overall, the majority of collection attempts in FY10 originated from the East Asia and the Pacific region; commercial entities were the most active collector affiliation category for the second year in a row; targeting of information systems (IS) technology more than doubled from FY09; and collectors continued to most commonly use requests for information (RFIs) to elicit information from cleared contractors.

Even as the total suspicious contact reports from industry more than doubled from FY09 to FY10, the East Asian and Pacific region accounted for an even larger percentage of the total in FY10, increasing from 36 percent to 43 percent. East Asia and the Pacific accounted for as much of the total as the next three regions combined. Despite the dramatic increase in the number of reported cases attributed to the second most active region, the Near East, its share of the total actually declined slightly, due to the even greater increase in incidents attributable to East Asia and the Pacific.

As with the East Asia and the Pacific and Near East regions, Europe and Eurasia’s reported collection attempts more than doubled from last year, causing it to displace South and Central Asia as the third most active collector region. Together, East Asia and the Pacific, the Near East, and Europe and Eurasia accounted for over three-quarters of the world-wide total reported collection attempts against the U.S. cleared industrial base.....

Ken White
06-01-2012, 02:08 PM
I personally think the US education system is a greater threat to American security than Beijing and Goldman Sachs combined, but I guess we all have to be hysterical and panic-stricken over something. I mean, think about it... you live in a country where astrologers outnumber astronomers 100 to 1, and you're worried about the Chinese?All three parts; the first point quite accurately and sadly :( , the last hilariously :D .

Shame that hysteria and panic isn't directed at the pathetic state of our education system which promotes a tendency toward those failings as well as an obsessive desire for safety and comfort couched as risk or harm avoidance. :rolleyes:

davidbfpo
06-01-2012, 02:09 PM
This is rather balanced piece of advocacy on the threat from PRC cyber activity, from April 2012 by Jason Healey, Director of the Cyber Statecraft Initiative at the Atlantic Council of the United States (so a 'Beltway Pundit').

In brief a major challenge to the economic sustainability and health of governments and businesses alike.


The threat of Chinese espionage is so critical that the commander of our military cyber defenses has called it the “the biggest transfer of wealth through theft and piracy in the history of mankind.” But the threat is not bad enough to go on the record about the threat, to take risks to share needed information, or even to be willing to tell the Chinese to back off.

These are the government’s Three Silences. Added together I fear they are driving us to defeat.

First: Silence about the threat we face....Second: Silence about practical information which could help the private sector....This leads us to the last silence: Silence to the Chinese about our increasing fury.... By refusing to speak, either to our own people or to the Chinese, we are fighting on an asymmetric battlefield of our adversary’s own choosing. Going public, through naming and shaming those involved, is a winning strategy.

Link:http://www.acus.org/new_atlanticist/governments-three-cyber-silences (http://www.acus.org/new_atlanticist/governments-three-cyber-silences)

Jedburgh
06-01-2012, 03:10 PM
This is rather balanced piece of advocacy on the threat from PRC cyber activity, from April 2012 by Jason Healey, Director of the Cyber Statecraft Initiative at the Atlantic Council...
Balanced? I don't read it as such. Hell, he even advocates a position where if an incident even appears as if it came from China, then we don't bother trying to track it - just hold the Chinese government accountable, regardless. And Healey's piece focuses only on the Chinese, which, although China may be the origin of the majority of cyber espionage, the threat is active in all corners of the world.

However, I do agree with Healey about declassification of malware signatures for private sector security. Overclassification is a serious obstacle to efficiency in too many key areas - a problem clearly identified post-911, but still nowhere near adequately addressed.

But back to the issue - Any realistic and practical advocate of cyber-defense should be stressing the growing potential global threat, not scare-mongering against one particular actor - especially when that characterization builds the perception that China is the sole threat. The threat is real, and although espionage originating from China makes up the largest proportion (Russia is a major, sophisticated player as well), that does not excuse minimizing or ignoring the global nature of cyber espionage. And the global threat will only expand and build with the growth and development of technological capabilities - in effect, the cyber threat is the 21st century's arms race, but with a potentially unlimited number of state and non-state players.

Fortunately, those at the dirty-boots level of cyber defense (who are never actually in a position to get their boots dirty) have been well aware of the growing nature of the threat for a long time, and have been actively engaged in the evolutionary and innovative development of counter-measures for just as long. The mouthpieces at the national public level are simply players engaged in what is to be a bureaucratic spillage of blood over securing future funding, as we approach a defense drawdown and cuts that may resemble the immediate post-Cold War era.

AdamG
06-01-2012, 04:27 PM
1. File under "Quid Pro Quo, Clarice".
2. SWJ needs a "This Thread Useless Without Pics" smiley.


http://www.bbc.co.uk/news/world-asia-china-18299065


Hong Kong-based Oriental Daily quotes the monthly New Way as saying on 25 May that the official "fell into a pretty woman trap" set up by the CIA.

After the two were photographed in secret liaisons, he was blackmailed and agreed to supply secret information to the US, the reports say.

"The destruction has been massive," a source told Reuters.

carl
06-01-2012, 05:45 PM
Jed:

I don't know that much about how this stuff works exactly which is why I am asking. There was a post over at Information Dissemination a few weeks ago and the author advocated allowing individual targets, companies basically, to take active measures (trons dueling trons kind of) to defend themselves if they are the target of cyber attacks or spying. From the tone of the post this does not happen now. What do you think of that? Are they permitted or encouraged fry an attackers machine now and if they aren't, should they be?

Jedburgh
06-01-2012, 07:28 PM
Jed:

I don't know that much about how this stuff works exactly which is why I am asking. There was a post over at Information Dissemination a few weeks ago and the author advocated allowing individual targets, companies basically, to take active measures (trons dueling trons kind of) to defend themselves if they are the target of cyber attacks or spying. From the tone of the post this does not happen now. What do you think of that? Are they permitted or encouraged fry an attackers machine now and if they aren't, should they be?
I'm no expert on current corporate countermeasures either, but as far as I know its as you stated: US corporations are tightly focused on defensive measures, but they tend to be passive (at least with those that will discuss or publish security countermeasures in anything resembling a public venue appear to be that way). Some that would like to take active measures are deterred by concerns about legal liabilities resulting from the potential impacts of active measures along the lines of the counterattack type that you suggest - with liability being a constant concern of corporate lawyers in any case.

Sam may have better knowledge of current private sector defensive actions, if he wants to jump in.

Also, there is a government-private sector information sharing entity that has been in existence for a few years now, the Domestic Security Alliance Council (http://www.dsac.gov/Pages/index.aspx), which is intended to facilitate the sharing of critical information between corporations and the FBI and DHS. A substantial part of that is focused on the cyber threat. I'm not saying its really effective, but its there and can be leveraged by the private sector.

And Dayuhan and Ken's remarks about education are also important in the context of an evolving long-term cyber threat - for at least the past two years there have been intermittent reports about the number of computer science grads being too small to meet economic demands, which may or may not also factor in cyber security demands. Hell, just last month the University of Florida was about to eliminate its Computer Science department - while increasing the athletic budget by around $2 million - until a huge outcry resulted in the reversal of that decision. But it remains clear that focus is lacking too many institutions of higher education, let alone our weak and damaged primary education system.

Ray
06-03-2012, 06:14 PM
If I were to endorse Chinese activities without giving the rationale, I would have no fear.

Fear arises only if one does not endorse the happenings that create the fear!

An ostrich with its head in the sand, has no fear!

Dayuhan
06-04-2012, 01:21 AM
Has anyone here "endorsed Chinese activities"?

Rational assessment of threat needn't produce fear. There's room for disagreement on the extent and nature of threat, but reasonable disagreement is not advanced by panic or hysteria.

Jedburgh
06-05-2012, 02:34 AM
...reasonable disagreement is not advanced by panic or hysteria.
But well-crafted and focused panic and hysteria are excellent tools for building project support and raising funds.

Ray
06-05-2012, 08:23 AM
A moral panic is caused when an issue threatens the perceived social and the world order.

Dayuhan
06-05-2012, 09:21 AM
A moral panic is caused when an issue threatens the perceived social and the world order.

Panic is also often caused when an issue is perceived to threaten that order. The question in that case is whether or not that perception is reasonable. Jedburgh says it well:


well-crafted and focused panic and hysteria are excellent tools for building project support and raising funds.

When somebody wants us to be afraid, there's a very good chance that they're trying to sell something. Always good to take a deep breath and calmly assess the extent to which the alleged issue actually does threaten the social and world order, or any fraction of that order.

Ray
06-05-2012, 06:34 PM
When some one tries to sell aggressive intent as a peaceful one, then that does indicate an agenda/ collaborator!

http://online.wsj.com/article/SB10001424052702303918204577446202239267134.html?m od=googlenews_wsj

Good reasons to be circumspect.

Reactions would hardly be termed as panic to those who are interested in ensuring their national interests is not sold off by peaceniks!

Dayuhan
06-06-2012, 01:04 AM
Overselling a threat can also be collaboration with an agenda, willing or unwilling. Whose national interests, if anyone's, are being "sold off by peaceniks"?

AdamG
05-29-2015, 06:58 PM
Academia can usually be relied upon to have a passive disloyalty to the Republic, but Professor Xiaoxing Xi was fairly assertive.


The chairman of Temple University's physics department was charged Thursday in an alleged scheme to provide sensitive U.S. defense technology to entities in China, including its government.

Federal prosecutors allege Xiaoxing Xi, a world-renowned expert in the field of superconductivity, sought prestigious appointments in China in exchange for sharing information on a device invented by a private company in the United States.

Xi, a 47-year-old naturalized U.S. citizen who lives in Penn Valley, made his initial appearance in U.S. District Court on Thursday on four counts of wire fraud and was released on a $100,000 bond. He had not retained a lawyer and did not return calls for comment.

http://articles.philly.com/2015-05-23/news/62510083_1_court-filings-china-device



Hackers apparently based in China have had access to Pennsylvania State University’s engineering school computers for over two years, the university disclosed on Friday after a lengthy analysis by federal and private investigators.

The breach potentially has exposed research pertaining to technology for the U.S. Defense Department.

The university said it would take the affected computer network offline for several days to root out the hackers.
http://www.wsj.com/articles/penn-states-engineering-school-computers-hacked-1431804110

From 2014 -


A prominent Beijing scholar who recently fled to the United States has warned that China was sending "spies" to American universities, and urged US institutions to tread carefully on academic co-operation.

Xia Yeliang is one of the original signatories of Charter 08, a petition for reform whose Nobel Prize-winning lead author Liu Xiaobo is in prison.

Xia, an economist, was fired in October from Peking University. In his first public event since moving to the US last month, Xia said on Thursday he was mindful of the 1950s McCarthy era, when smears of alleged communist sympathies hit the reputations of Americans in government, entertainment and academia.

But Xia, who has been a visiting scholar at several US universities, said he was aware of "real spies" sent by Beijing to the US to carry out surveillance under the guise of academic exchange.
http://www.scmp.com/news/china/article/1437005/expelled-peking-university-professor-warns-us-universities-over-educating

From 2012 -


While overshadowed by espionage against corporations, efforts by foreign countries to penetrate universities have increased in the past five years, Figliuzzi said. The FBI and academia, which have often been at loggerheads, are working together to combat the threat, he said.

Attempts by countries in East Asia, including China, to obtain classified or proprietary information by “academic solicitation,” such as requests to review academic papers or study with professors, jumped eightfold in 2010 from a year earlier, according to a 2011 U.S. Defense Department report. Such approaches from the Middle East doubled, it said.

http://www.bloomberg.com/news/articles/2012-04-08/american-universities-infected-by-foreign-spies-detected-by-fbi

davidbfpo
08-21-2015, 04:53 PM
Hat tip to WoTR for an extensive commentary, with links, by a SME and starts with - even after the OPM "hack":
Discussion of China’s intelligence threat often seems over-hyped if not disconnected from reality. Apart from cyber intrusions, little evidence suggests Chinese intelligence deserves the credit for quality that it has received.
Link:http://warontherocks.com/2015/08/a-guide-to-chinese-intelligence-operations/?

A month ago the author wrote on the OPM matter:http://warontherocks.com/2015/07/chinas-new-intelligence-war-against-the-united-states/

AdamG
10-28-2015, 09:36 PM
WASHINGTON (Sputnik) — The US Department of Homeland Security (DHS) foiled the plan and also prevented the two Chinese partners from trying to acquire engines used in other US fighter jets, according to US federal court documents opened last week quoted in a report by Defense News.
The court documents allege that AFM Microelectronics Corporation Vice President Wenxia “Wency” Man, based in San Diego, and Xinsheng Zhang, described in the documents as an official arms dealer for the Beijing government, tried to buy and then export the engines to China.
General Atomics MQ-9 Reaper unmanned aircraft taxis at the Naval Air Station in Corpus Christi, Texas.
They targeted the General Atomics MQ-9 Reaper unmanned aerial vehicle and the Pratt & Whitney F135 engine used on the F-35 stealth fighter.


Read more: http://sputniknews.com/military/20151029/1029254803/us-china-spying-drone-jet-engine.html#ixzz3pturPLtI



A woman accused of trying to send an unmanned Hellfire missile-firing drone and jet fighter engines to China via South Florida, pleaded not guilty to federal charges of illegal military weapons brokering Friday in Fort Lauderdale.

Prosecutors say Wenxia Man, aka Wency, 44, was working with a man she called a "technology spy" who procures information from Russia and other nations "so that China can obtain sophisticated technology without having to conduct its own research."

The so-called "technology spy," Xinsheng Zhang, was indicted on related charges in South Florida but authorities said he is in China and has not yet been arrested.

http://www.sun-sentinel.com/local/broward/fl-defense-drone-china-20151023-story.html

davidbfpo
02-03-2016, 01:41 PM
From Bill Gertz, on a unheard website for me. Opens with:
A defector from China has revealed some of the innermost secrets of the Chinese government and military, including details of its nuclear command and control system, according to American intelligence officials.
Businessman Ling Wancheng disappeared from public view in California last year shortly after his brother, Ling Jihua, a former high-ranking official in the Communist Party, was arrested in China on corruption charges.
A 'Snowden' in reverse:
The defection was triggered by the arrest of Ling’s brother, Ling Jihua, a former presidential aide who secretly obtained some 2,700 internal documents from a special Communist Party unit he headed until 2012.Link:http://freebeacon.com/national-security/chinese-defector-reveals-beijings-secrets/

davidbfpo
04-11-2016, 04:17 PM
A "breaking" story this weekend by John Schindler, as the USN revealed an officer had been in military custody for eight months, charged with espionage whilst serving in ELINT P-3 Orions. The article is critical of the USN following other incidents (IIRC some have appeared on SWC before):http://observer.com/2016/04/amid-shocking-chinese-spy-case-our-navy-can-no-longer-be-trusted/

AdamG
03-30-2017, 12:27 PM
Was that wrong? Should she have not done that? (https://www.youtube.com/watch?v=Td67kYY9mdQ)




A us diplomat who allegedly took tens of thousands of dollars in cash and gifts from chinese intelligence agents was charged on wednesday with lying to investigators over the contacts.
The case was announced days before the first summit between chinese president xi jinping and his us counterpart donald trump in florida next week, but chinese analysts said the prosecution was unlikely to affect the meeting.
The department of justice said candace marie claiborne, 60, knew that the two chinese men she had regular contact with while working for the us state department in china and other countries were from the chinese security services and that the money they gave her was in exchange for us secrets.
She took cash and an iphone for herself, but most of the funds went to an unidentified man half her age with whom she lived in beijing and shanghai.

http://www.scmp.com/news/china/article/2083335/us-diplomat-arrested-getting-cash-and-gifts-chinese-intelligence-agents

davidbfpo
05-20-2017, 08:37 PM
A NYT report that starts with:
The Chinese government systematically dismantled C.I.A. (http://topics.nytimes.com/top/reference/timestopics/organizations/c/central_intelligence_agency/index.html?inline=nyt-org) spying operations in the country starting in 2010, killing or imprisoning more than a dozen sources over two years and crippling intelligence gathering there for years afterward.Link:https://mobile.nytimes.com/2017/05/20/world/asia/china-cia-spies-espionage.html

Bill Moore
05-20-2017, 09:44 PM
A NYT report that starts with:Link:https://mobile.nytimes.com/2017/05/20/world/asia/china-cia-spies-espionage.html


Those who rejected the mole theory attributed the losses to sloppy American tradecraft at a time when the Chinese were becoming better at monitoring American espionage activities in the country. Some F.B.I. agents became convinced that C.I.A. handlers in Beijing too often traveled the same routes to the same meeting points, which would have helped China’s vast surveillance network identify the spies in its midst.

There are a number of possibilities on how the agents were compromised as the article points out. Espionage has always been a hazardous line of work, and it is even more so in the age of transparency. Also an age when we're overly forgiving of those who leak classified information, or in the case of former Secretary of State Clinton and others who maintain classified e-mails on unsecure systems. There are a lot of pieces to the puzzle that are now publically available.

I pulled the above quote from the article to also point out that I believe tradecraft skills probably have eroded over recent years due to the massive human intelligence requirement to support the war on terror. This may have created an erosion in tradecraft skills for at least two reasons. Mass production of case officers, and then conducting operations against relatively unsophisticated opposition (Jihadists). Not all were unsophisticated, but the most of the operations in Iraq and Afghanistan were, but even there shortcuts resulted in CIA agents getting killed.

Operating against a state actor like China and Russia is a very different and much more challenging challenge. The hard lessons of tradecraft developed over years need to be followed, regardless of how inconvenient they may be.

davidbfpo
04-13-2018, 06:05 PM
A report by Bill Gertz, ex-WaPo, which uses Congressional testimony as the foundation. Two small quotes:
Gone was any dedicated strategic [counterintelligence] program, while elite pockets of proactive capabilities died of neglect....We know surprisingly little about adversary intelligence services relative to the harm they can do.
Link:http://freebeacon.com/national-security/chinese-spies-engaged-massive-theft-u-s-technology/

davidbfpo
05-27-2018, 03:52 PM
A story that may re-appear one day meantime. Was this discretion or secrecy:
The suspects were charged in December, but this has only now come to light.
Link:http://www.bbc.co.uk/news/world-europe-44250720

davidbfpo
05-28-2018, 09:55 AM
This does make one wonder and with my emphasis dded in bold:
A FORMER French intelligence agent facing treason charges was reportedly ensnared by a Chinese “honeytrap” when he began an affair with an interpreter in Beijing, it emerged yesterday.The retired spy, named as Henri M, 71, and another former operative, Pierre-Marie H, 66, are accused of passing “information detrimental to fundamental national interests” to a foreign power.
According to a report in Le Journal du Dimanche newspaper, Henri M fell for a woman who worked as an interpreter for the French ambassador in Beijing after he was posted there in 1997 as station chief for France’s DGSE foreign intelligence service. Security sources confirmed the report.

The interpreter, who has not been named, was reportedly suspected of being an informant. Pierre Morel, the ambassador, became concerned about the relationship and asked for Henri M to be recalled to France in 1998.
Link:https://digitaledition.telegraph.co.uk/editions/edition_wn5YC_2018-05-28/data/496616/index.html? (https://digitaledition.telegraph.co.uk/editions/edition_wn5YC_2018-05-28/data/496616/index.html?share=1&WT.mc_id=tmgapp_inar_share&utm_source=tmgapp&utm_medium=inar&utm_content=share&utm_campaign=tmgapp_inar_share&Expires=1529881200&Signature=WEE1rd4PnsZuHLdrh~xLqpIncjqE0JMcavlG~ghm 98gtZ~Vpr9bq1YFncpZiSoXmZQkhk-dW9VYbhAuZAEUOauEbbyNA9hOdfpVFqV3jJU44B2XkvSKJGT1G qj7jXWfkF54okdP8isnpso1E9dwYFq69Lw1izvydidQJaOR8V-vM6VGfIjc9O1Nt0OQsJhuFJs9l~MYCxu0QS7dC2HugYKYw~qj9 H5vekYYiQym8lehotvheuiwIt6GmkGVs5xuQHq1N3V2B0-ROtrARMiqiKNSNc7eUHq65z3nTd3nhMUnXfu8lg6u6z0c8130M GMCuJtGZkyqkWyJNHI4LI2oVRA__&Key-Pair-Id=APKAJLCEPDGCTPVKXNOA)

davidbfpo
06-05-2018, 06:44 PM
An official DoJ press release on 4th June 2018, that starts with:
Ron Rockwell Hansen, 58, a resident of Syracuse, Utah, and a former Defense Intelligence Agency (DIA) officer, was arrested Saturday afternoon on federal charges including the attempted transmission of national defense information to the People’s Republic of China. The FBI agents took Hansen into custody while he was on his way to Seattle-Tacoma International Airport in Seattle to board a connecting flight to China.....From May of 2013 to the date of the complaint, Hansen received not less than $800,000 in funds originating from China.
Link:https://www.justice.gov/opa/pr/former-defense-intelligence-officer-arrested-attempted-espionage

AdamG
06-08-2018, 07:55 PM
Chinese government hackers have compromised the computers of a Navy contractor, stealing massive amounts of highly sensitive data related to undersea warfare — including secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020, according to American officials.
The breaches occurred in January and February, the officials said, speaking on the condition of anonymity to discuss an ongoing investigation. The hackers targeted a contractor who works for the Naval Undersea Warfare Center, a military organization headquartered in Newport, R.I., that conducts research and development for submarines and underwater weaponry.
https://www.washingtonpost.com/world/national-security/china-hacked-a-navy-contractor-and-secured-a-trove-of-highly-sensitive-data-on-submarine-warfare/2018/06/08/6cc396fa-68e6-11e8-bea7-c8eb28bc52b1_story.html

davidbfpo
06-09-2018, 10:10 AM
Unable to find a previous post on this case, anyway the DoJ statement starts with:
Today, a federal jury convicted Kevin Patrick Mallory, 61, a former Central Intelligence Agency case officer of Leesburg, Virginia, on espionage charges related to his transmission of classified documents to an agent of the People’s Republic of China.
Link:https://www.justice.gov/opa/pr/jury-convicts-former-cia-officer-espionage

Reading between the lines it appears Mr Mallory retained classified documents after leaving government service, which ended his security clearance, in October 2012. In March and April 2017 he traveled to Shanghai to offer his services. I use 'appears' as he was also a contractor.

More details:https://www.lawfareblog.com/accused-spy-kevin-mallory-goes-trial

davidbfpo
07-13-2018, 06:50 PM
A puzzling explanation of how China's agencies intervened to advance economic interests when a multinational tried to assert itself over selling iron ore.
A "taster":
In the summer of 2012, MI5 Director-General Jonathan Evans gave a rare public lecture in London’s financial district to warn about the “astonishing” level of state-sponsored online spying. One attack, he said, had cost a British company an estimated £800 million ($1.3 billion) in lost revenue, “not just through intellectual property loss but also from commercial disadvantage in contractual negotiations.”Evans didn’t identify the company or the attacker, but in 2015 the journalist Gordon Corera reported in his book Intercept that the spy chief had been talking about Rio Tinto and China.
Link:https://www.bloomberg.com/news/features/2018-07-13/did-china-hack-rio-tinto-to-gain-a-billion-dollar-advantage

AdamG
10-11-2018, 07:18 PM
Yanjun Xu, a senior officer with China’s Ministry of State Security, is accused of seeking to steal trade secrets from leading defence aviation firms, top Justice Department officials said
https://www.scmp.com/news/china/politics/article/2167973/chinese-spy-charged-stealing-us-aviation-secrets-and-extradited

AdamG
10-26-2018, 04:04 PM
China is aggressively seeking to dominate the Internet of Things and plans to use access to billions of networked electronic devices for intelligence-gathering, sabotage, and business purposes, according to a forthcoming congressional report.

China for nearly a decade has been investing heavily in the emerging technology on the Internet of Things (IoT) and has made outpacing similar U.S. efforts one of the ruling Communist Party of China's highest strategic goals.

https://freebeacon.com/national-security/china-targets-control-internet-things-spying-business/


A major concern outlined in the report is China's efforts to uncover vulnerabilities in IoT systems that can be used by Beijing for strategic objectives in both peacetime and war, the report said.

"Aside from industrial control systems, unauthorized access to health care devices could kill patients and exploitation of smart car vulnerabilities could kill drivers and pedestrians alike, among other examples of possible misuse of data and devices that could have dire consequences," the report warns.

"The future destructive potential of unauthorized access to IoT devices appears potentially limitless."

The IoT is an ill-defined term for a global information and communication infrastructure. It is made up of linked devices ranging from biomedical devices for monitoring patients to self-driving cars to critical infrastructure.

The universe of IoT devices includes billions of electronic systems such as, video cameras, smart phones and smart watches, and industrial control systems used in electric grids.

Chinese IoT objectives include building "smart cities" that monitor public utilities, flows of people and traffic, underground pipelines, and air and water quality, the report said.

Other Chinese IoT plans include advanced remote industrial controls; medical IoTs; smart homes equipped with remote controls for appliances and security systems; and smart cars linking vehicle sensors to drivers, roads, cloud services, and other electronic devices.

https://upload.wikimedia.org/wikipedia/en/0/03/Aybabtu.png

AdamG
10-31-2018, 01:51 PM
WASHINGTON — Federal authorities charged two Chinese intelligence officers and a team of hackers Tuesday with stealing U.S. and French airplane technology over a five-year period.

The intelligence officers, Zha Rong and Chai Meng, worked for the Jiangsu Province Ministry of State Security in Nanjing, a local foreign intelligence arm of China's Ministry of State Security.

From January 2010 to May 2015, according to the indictment, the officers and their hackers stole technology for a turbofan jet engine used in U.S. and European commercial airliners. The engine was being developed through a partnership between a French company with an office in Jiangsu Province and a U.S. company.

https://www.nbcnews.com/news/china/feds-charge-chinese-intelligence-officers-stealing-u-s-plane-technology-n926396

davidbfpo
12-19-2018, 06:59 PM
A BBC News special by Gordon Corera; which I note opens with:
The US has launched a crackdown on Chinese attempts to steal secrets. American officials say the Chinese state is boosting its own companies. But in the UK there's no equivalent crackdown.
Link:https://www.bbc.co.uk/news/resources/idt-sh/Looking_for_Chinas_spies

A reasonable overview. I would argue that if the UK has been some poor in responding to Russian activity, why would we treat differently?

AdamG
12-23-2018, 04:00 AM
Currently under house arrest and awaiting extradition to the US, she will face charges that her company violated US sanctions by doing business with Iran and committed bank fraud by disguising the payments it received in return.

But to say that she is the CFO of Huawei doesn’t begin to explain her importance — or China’s reaction.

It turns out that “Princess” Meng, as she is called, is Communist royalty. Her grandfather was a close comrade of Chairman Mao during the Chinese Civil War, who went on to become vice governor of China’s largest province.

She is also the daughter of Huawei’s Founder and Chairman, Ren Zhengfei. Daddy is grooming her to succeed him when he retires.

In other words, Meng is the heiress apparent of China’s largest and most advanced hi-tech company, and one which plays a key role in China’s grand strategy of global domination.

Huawei is a leader in 5G technology and, earlier this year, surpassed Apple to become the second largest smartphone maker in the world behind Samsung.

But Huawei is much more than an innocent manufacturer of smartphones.

It is a spy agency of the Chinese Communist Party.

How do we know?

Because the party has repeatedly said so.

https://www.foxnews.com/tech/how-arrest-of-chinese-princess-exposes-regimes-world-domination-plot

davidbfpo
12-26-2018, 11:44 AM
A 'Sixty Minutes' report on Chinese spying, based on the conviction of an ex-CIA officer Kevin Mallory (awaiting sentencing). With a couple of interviews and some of the evidence produced. A DoJ official:
So MSS is the principal intelligence agency of the Chinese government. And in rough terms it is like the CIA and the FBI put together.Their capabilities are world-class. They have cyber capabilities, they have expertise in turning people into cooperators. And they have all of the tools and expertise of a very capable intelligence organization.
Link:https://www.cbsnews.com/news/chinese-spy-how-a-former-cia-officer-was-caught-betraying-his-country-60-minutes/
(https://www.cbsnews.com/news/chinese-spy-how-a-former-cia-officer-was-caught-betraying-his-country-60-minutes/)
The DoJ indictment is available on:https://www.justice.gov/opa/press-release/file/975671/download



(https://www.cbsnews.com/news/chinese-spy-how-a-former-cia-officer-was-caught-betraying-his-country-60-minutes/)

AdamG
01-16-2019, 02:26 AM
Double-tapping this cautionary tale.

US officials say China is trying to influence US policymakers, steal secrets and spy on the US government. But how? The story of Kevin Mallory, a man who seemed to lead a typical suburban life in Virginia, provides the answer.
https://www.bbc.com/news/world-us-canada-46557096

davidbfpo
05-02-2019, 09:31 AM
Does this help to explain the collapse and deaths of a CIA Humint network in China?
Link:https://www.bbc.co.uk/news/world-us-canada-48130068