The government of China is engaged in espionage overseas, thought to be directed primarily through the Ministry of State Security (MSS). It is suspected of employing a variety of tactics including cyber spying to gain access to sensitive information remotely and physical agents (HUMINT). China is believed to be engaged in industrial espionage aimed at gathering information to bolster its economy, as well as monitoring dissidents abroad such as supporters of the Tibetan independence movement and Falun Gong.
Contents
Method of operation
It is generally believed that Chinese intelligence agencies operate differently from other espionage organizations by employing primarily academics or students who will be in their host country only a short time, rather than spending years cultivating a few high-level sources or double agents. Much information about the Chinese intelligence services comes from defectors, whom the PRC accuses of lying to promote an anti-PRC agenda. One known exception to this rule is the case of Katrina Leung, who was accused of starting an affair with an FBI agent to gain sensitive documents from him. A U.S. judge dismissed all charges against her due to prosecutorial misconduct.
The United States believes the Chinese military has been developing network technology in recent years in order to perform espionage on other nations. Several cases of computer intrusions suspected of Chinese involvement have been found in various countries including Australia, New Zealand, Canada, France, Germany, the Netherlands, the United Kingdom, India and the United States.
In 2009, Canadian researchers say they have found evidence that Chinese hackers had gained access to computers possessed by government and private organizations in 103 countries, although researchers say there is no conclusive evidence China's government was behind it. Beijing also denied involvement. The researchers said the computers penetrated include those of the Dalai Lama and Tibetan exiles.
Objectives
It is believed that Chinese espionage is aimed at the preservation of China's national security through gaining commercial, technological, and military secrets.
Canadian businessman Joe Wang believes that threatening letters he received after broadcasting programs about alleged human rights abuses in China were from the Chinese consulate; one of the envelopes contained boric acid. In November 2005 the United States arrested four people in Los Angeles on suspicion of being involved in a Chinese spy ring.
Taiwanese-American scientist Wen Ho Lee (born in Nantou, Taiwan 21 December 1939) was accused and investigated on the grounds of espionage in 1999 but was acquitted of all charges except for mishandling classified data.
India
India has quietly informed companies to avoid using Chinese-made telecommunications equipment, fearing that it may have spy capabilities embedded within it. Also, India's intelligence service, Research and Analysis Wing (RAW) believes that China is using dozens of study centers that it has set up in Nepal near the Indian border in part for the purposes of spying on India. In August 2011 a Chinese research vessel disguised as a fishing trawler was detected off the coast of Little Andaman, collecting data in a geostrategically sensitive region.
The "Luckycat" hacking campaign that targeted Japan and Tibet also targeted India. A Trojan horse was inserted into a Microsoft Word file ostensibly about India's ballistic missile defense program, allowing for the command and control servers to connect and extract information. The attacks were subsequently traced back to a Chinese graduate student from Sichuan and the Chinese government is suspected of planning the attacks.
Japan
According to a report by Trend Micro the "Luckycat" hacker group is engaged in cyber-espionage on targets in Japan, India and Tibet. During the 2011 Tōhoku earthquake and tsunami and nuclear meltdowns at Fukushima, the hackers inserted a Trojan virus into PDF attachments to emails being circulated containing information about radiation dosage measurements. Investigation into ownership of the command and control servers by Trend Micro and The New York Times linked the malware to Gu Kaiyuan, through QQ numbers and the alias "scuhkr". Mr. Gu is a former graduate student of the Information Security Institute of Sichuan University in Chengdu and wrote his master's thesis on computer hacking. James A. Lewis of the Center for Strategic and International Studies, believes the attacks were state-sponsored.
Sri Lanka
In Sri Lanka, Jayalalithaa Jayaram – head of the All India Anna Dravida Munnetra Kazhagam – stated that Chinese laborers working in parts of the country devastated by the Sri Lankan Civil War were infiltrated with Chinese spies on surveillance missions targeted at Tamil Nadu, India.
Taiwan
The PRC and ROC regularly accuse each other of spying. Presidential aide Wang Jen-ping was found in 2009 to have sold nearly 100 confidential documents to China since 2007; Military intelligence officer Lo Chi-cheng was found to have been acting as a double agent in 2010 for China since 2007; Maj. Gen. Lo Hsien-che, electronic communications and information bureau chief during the administration of former President Chen Shui-bian, has been suspected of selling military secrets to Mainland China since 2004.
In 2007 the Ministry of Justice Investigation Bureau stated that 500 gigabyte Maxtor Basics Personal Storage 3200 hard drives produced by Seagate Technology and manufactured in Thailand may have been modified by a Chinese subcontractor and shipped with the Virus.Win32.AutoRun.ah virus. As many as 1,800 drives sold in the Netherlands and Taiwan after August 2007 were reportedly infected with the virus, which scanned for passwords for products such as World of Warcraft and QQ and uploading them to a website in Beijing.
Hong Kong
According to Falun Gong media The Epoch Times and Pan-democracy political groups, China has been sending spies into Hong Kong harassing dissents and Falun Gong practitioners. In 2012, according to Oriental Daily, a Chinese security ministry official has been arrested in Hong Kong for suspicion of acting as a double agent for the United States.
Belgium
Belgian Justice Minister Jo Vandeurzen accused the Chinese government of electronic espionage against the government of Belgium, while Foreign Minister Karel De Gucht informed the Belgian Federal Parliament that his ministry was hacked by Chinese agents. The espionage is possibly linked to Belgium hosting the headquarters of NATO and the European Union.
The Katholieke Universiteit Leuven in Leuven was also believed to be the center for a group of Chinese students in Europe conducting industrial espionage, operating under a front organization called The Chinese Students' and Scholars' Association of Leuven. In 2005 a leading figure of the Association defected to Belgium, providing information to the Sûreté de l’Etat on hundreds of spies engaged in economic espionage across Europe. The group had no obvious links to Chinese diplomats and was focused on getting moles into laboratories and universities in the Netherlands, Britain, Germany, France and Belgium. The People's Daily, an organ of the Central Committee of the Communist Party of China, dismissed the reports as fabrications triggered by fears of China's economic development.
France
There have been several incidents of suspected Chinese spies in France. This includes Shi Pei Pu, a Chinese opera singer from Beijing who convinced a French diplomat that he was a woman, and spied on France.
French media also portrayed Li Li Whuang (李李), a 22-year-old Chinese intern at car parts maker Valeo, as an industrial spy. Both the French prosecution and Valeo refuted media claims of spying and the case was later considered to be a psychosis. Li Li was ultimately convicted of violating the confidentiality clause of her contract and served two months in prison, but was allowed to continue her doctoral studies at the University of Technology of Compiègne.
Germany
Germany suspects China of spying both on German corporations and on Uyghur expatriates living in the country.
The Federal Ministry of the Interior estimates that Chinese economic espionage could be costing Germany between 20 and 50 billions euros annually. Spies are reportedly targeting mid- and small-scale companies that do not have as strong security regimens as larger corporations. Berthold Stoppelkamp, head of the Working Group for Economic Security (ASW), stated that German companies had a poor security culture making espionage easier, exacerbated by the absence of a "strong, centralized" police command. Walter Opfermann, a counter-intelligence expert for the state of Baden-Württemberg, claimed that China is using extremely sophisticated electronic attacks capable of endangering portions of critical German infrastructure, having gathered sensitive information through techniques such as phone hacking and Trojan emails.
Between August and September 2007 Chinese hackers have been suspected of using Trojan horse spyware on various government computers, including those of the Chancellory, the Ministry of Economics and Technology, and the Ministry of Education and Research. Germans officials believe Trojan viruses were inserted in Microsoft Word and PowerPoint files, and approximately 160 gigabytes of data were siphoned to Canton, Lanzhou and Beijing via South Korea, on instructions from the People's Liberation Army.
In 2011, a 64-year-old German man was charged with spying on Uighurs in Munich between April 2008 and October 2009. Munich is a center for expatriate Uyghurs, and in November 2009 members of the Federal Criminal Police Office arrested four Chinese nationals on charges of spying on Uyghurs. In 2007 Chinese diplomat Ji Wumin left Germany after being observed meeting with individuals engaged in surveillance of Munich Uyghurs, and German investigators suspect China is coordinating espionage activities out of its Munich consulate in the Neuhausen district.
Poland
In May 2009, Stefan Zielonka, a Polish cipher officer working for the Military Information Services, disappeared. He is suspected of providing the Chinese or Russian governments with Polish and NATO cryptography information. Zielonka's body was later retrieved from the Vistula river, although investigators remain uncertain as to whether Zielonka was attempting to defect or commit suicide, or whether the body retrieved actually was Zielonka's.
Russia
In December 2007, Igor Reshetin, the Chief Executive of Tsniimash-Export, and three researchers were sentenced to prison for passing on dual-purpose technology to the Chinese. Analysts speculated that the leaked technology could help China develop improved missiles and accelerate the Chinese space program. In September 2010, the Russian Federal Security Service detained two scientists working at the Baltic State Technical University in Saint Petersburg. The two are charged with passing on classified information to China, possibly through the Harbin Engineering University.
Sweden
Babur Maihesuti, a Chinese Uighur who became a Swedish citizen was arrested for spying on the Uighur refugee communities in Sweden, Norway, Germany and the United States, and ultimately sentenced for illegal espionage activity.
United Kingdom
UK officials, including experts at its MI5 intelligence agency, are fearful that China could shut down businesses in the nation with Chinese cyber attacks and spy equipment embedded in computer and telecommunications equipment.
Canada
Newspapers have estimated that China may have up to 1000 spies in Canada. The head of the Canadian Security Intelligence Service Richard Fadden in a television interview was assumed to have implied that various Canadian politicians at provincial and municipal levels had ties to Chinese intelligence. In an interview, he claimed that some politicians were under the influence of a foreign government, but he withdrew the statement a few days later. It was assumed by Chinese groups in Canada, and others, that he was referring to China because in the same interview he stressed the high level of Chinese spying in Canada, however Fadden did not say specifically which country these politicians were under the influence of. His statement was withdrawn a few days later.
In 2012 Mark Bourrie, an Ottawa-based freelance journalist, stated that the State Council-run Xinhua News Agency asked him to collect information on the Dalai Lama through their Ottawa bureau chief, Dacheng Zhang, by exploiting his journalistic access to the Parliament of Canada. Bourrie stated that he was asked to write for Xinhua in 2009 and sought advice from the Canadian Security Intelligence Service (CSIS), but was ignored. Bourrie was asked to collected information on the Sixth World Parliamentarians' Convention on Tibet at the Ottawa Convention Centre, although Xinhua had no intention of writing a story on the proceedings. Bourrie stated that at that point "We were there under false pretenses, pretending to be journalists but acting as government agents." Xinhua collects extensive information on Tibetan and Falun Gong dissidents in Canada, and is accused of being engaged in espionage by Chinese defector Chen Yonglin and Reporters Without Borders.
United States
China is suspected of having a long history of espionage in the United States against military and industrial secrets, often resorting to direct espionage, exploitation of commercial entities, and a network of scientific, academic, and business contacts. Several U.S. citizens have been convicted for spying for China. Naturalized citizen Dongfan Chung, an engineer working with Boeing, was the first person convicted under the Economic Espionage Act of 1996. Chung is suspected of having passed on classified information on designs including the Delta IV rocket, F-15 Eagle, B-52 Stratofortress and the CH-46 and CH-47 helicopters.
China’s espionage and cyber attacks against the US government and business organizations are a major concern, according to the seventh annual report (issued Sept 2009) to the US Congress of the U.S.-China Economic and Security Review Commission. "Although attribution is a problem in cyber attacks, the scale and coordination of the attacks strongly indicates Chinese state involvement," said commission vice chairman Larry Wortzel. "In addition to harming U.S. interests, Chinese human and cyber espionage activities provide China with a method for leaping forward in economic, technological, and military development." The report cited that the number of cyber attacks from China against the US Department of Defense computer systems had grown from 43,880 in 2007 to 54,640 in 2008, a nearly 20 percent increase. Reuters reported that the Commission found that the Chinese government has placed many of its computer network responsibilities under the direction of the People's Liberation Army, and was using the data mostly for military purposes. In response, China slammed the report as "full of prejudice," and warning it could damage China-US relations. "We advise this so-called commission not to always view China through tinted glasses," Foreign Ministry spokesman Qin Gang said.
In 2008 the Chinese government was accused of secretly copying information from the laptop of Commerce Secretary Carlos Gutierrez during a trade mission to Beijing in order to gain information on American corporations. The allegations were subsequently dismissed by Qin Gang, a spokesman for the Ministry of Foreign Affairs of the People's Republic of China.
In response to these and other reports of cyberattacks by China against the United States, Amitai Etzioni of the Institute for Communitarian Policy Studies has suggested that China and the United States should agree to a policy of mutually assured restraint with respect to cyberspace. This would involve allowing both states to take the measures they deem necessary for their self-defense while simultaneously agreeing to refrain from taking offensive steps; it would also entail vetting these commitments.
Australia
Australia believes that Chinese have been spying on Australian businesses. A male Chinese student from Fujian was granted a protection visa by the Refugee Review Tribunal of Australia after revealing that he had been instructed to spy on Australian targets in exchange for an overseas scholarship, reporting to the Ministry of State Security. Reported targets included Chinese students with anti-Communist sentiments and Falun Gong practitioners.
Nicola Roxon, the Attorney-General of Australia, blocked the Shenzhen-based corporation Huawei from seeking a supply contract for the National Broadband Network, on the advice of the Australian Security Intelligence Organisation. The Australian government feared Huawei would provide backdoor access for Chinese cyber espionage.
The Chinese government is suspected of orchestrating an attack on the email network used by the Parliament of Australia, allowing unauthorized access to thousands of emails and compromising the computers of several senior Australian politicians including Prime Minister Julia Gillard, Foreign Minister Kevin Rudd, and Minister of Defense Stephen Smith.
South America
Experts believe that China has recently increased its spy capabilities in South America, perhaps with help from the Cuban government.
Peru
The computer security firm ESET reported that tens of thousands of blueprints were stolen from Peruvian corporations through malware, which were traced to Chinese e-mail accounts. This was done through an AutoCAD worm called ACAD/Medre.A, written in AutoLISP, which located AutoCAD files, at which point they were sent to QQ and 163.com email accounts in China. ESET researcher Righard Zwienenberg claimed this was Chinese industrial espionage. The virus was mostly localized to Peru but spread to a few neighboring countries before being contained.