Buzz
Over the last few decades, China has made significant strides in the field of espionage, an area where Western nations and Russia previously held dominance. Due to China’s delayed entry and its historically insular intelligence operations, the United States is only now beginning to fully grasp the threat posed by China. In fact, they are now the ones playing catch-up. As former National Counter-Intelligence Executive Michelle Van Cleave puts it, “The Chinese are the biggest problem we have with respect to the level of effort that they’re devoting against us versus the level of attention we are giving to them.”
The ramifications have been staggering. Billions of dollars in intellectual property, sensitive US government policies, and military technologies have been stolen. Since 2003, 123 Chinese agents have been identified within the United States.
So, what has made China so successful in espionage? To begin with, China's political system is more tolerant of such activities due to its single-party rule. If caught, the Chinese government can recover more easily than a liberal democracy with a free press. This allows them to take greater risks. On the other hand, the United States, typically China’s primary target, is an open society, making it remarkably easy for China to deploy spies within the US. Let’s explore how China has been infiltrating Western nations.
10. Mosaic Theory – The ‘Human Wave’
The mosaic theory describes a method of intelligence gathering where thousands of non-professionals, or a 'human wave,' are tasked with collecting small pieces of information across various sectors like business, academia, and media. This approach also includes small, seemingly harmless cyber intrusions. These gathered fragments are later assembled into a 'mosaic' by more experienced analysts. Proving this theory is challenging, as much of the gathered information doesn't qualify as espionage and thus isn’t investigated. However, if true, as some experts suggest, it means that the US and other affluent nations are filled with spies quietly collecting seemingly harmless details.
Some experts argue that this 'human wave' approach isn’t necessarily directed or managed by a central, all-powerful Chinese intelligence agency. Instead, China has created market incentives that encourage spying, fueling demands for rapid growth and technological progress. The government fosters such activities through the '863 Program,' which provides funding to Chinese companies with minimal restrictions. These firms often use this funding for corporate espionage to gain an advantage. Stratfor, a private intelligence firm, estimates that 70% of Chinese intelligence operations are not coordinated by government agencies but by various commercial organizations, scientific institutions, and media outlets. Stratfor reports, 'These entities often compete among themselves, sending agents on the same missions as part of China’s mosaic strategy for intelligence gathering.'
This long-term, patient approach can take years to produce meaningful intelligence, but it eventually yields results. During a 1999 Congressional hearing, a committee acknowledged that China had successfully obtained the designs for the WW-88 nuclear warhead over a span of two decades. A report by Senator Rudman referred to the operation as 'highly skilled in the art of seemingly harmless information gathering.' Because each individual piece of information appeared innocuous on its own, US counterintelligence found it exceptionally difficult to identify and prosecute the spies involved.
Intelligence professionals and other experts caution against over-relying on the mosaic theory, as it could lead to unwarranted mistrust of Chinese nationals and detract attention from the activities of China’s professional intelligence agencies. In fact, this might be the very purpose of the mosaic approach—to create diversion.
9. Chen Di Yu
Chen di yu, which translates to 'fish at the bottom of the ocean,' is a term used to describe what Western intelligence agencies might call a 'sleeper agent' or 'seeding operation.' The concept goes beyond this, embodying Chinese values of patience and meticulous planning. Chen di yu can refer to either Chinese-born individuals, often specifically trained for their mission, or foreign recruits who have access to sensitive information. In the first scenario, a Chinese national might emigrate to the US and devote their entire life, or at least a significant portion of it, to a single mission. They would aim to secure a position at a targeted US company or government agency, such as the CIA, and truly immerse themselves in the role for the foreseeable future.
A striking example of this is the case of Chi Mak. In 2008, Chi Mak was arrested in Los Angeles for transmitting sensitive US Navy documents—containing details on ship systems, submarines, and weaponry—to Chinese intelligence. He later admitted in court that the operation had been planned back in the 1970s, when he was trained in specific technical expertise to allow him to pursue a career within the US defense-industrial complex. In the same year, Dongfan Chung, a Boeing engineer, was arrested for stealing space shuttle and rocket documents for Chinese intelligence. He, too, had received instructions from Beijing dating as far back as 1979. There are numerous similar cases.
As mentioned earlier, China does not restrict its operations to Chinese nationals. In one instance, Chinese intelligence approached and recruited Glenn Shriver, a US college student, while he was studying abroad in China. Shriver was offered tens of thousands of dollars to apply to the US State Department and CIA, although he was not accepted into either. He was arrested in 2010. In response, the FBI even produced an instructional video to educate US exchange students in China on how to recognize the recruitment methods and techniques employed by Chinese intelligence.
8. Corporate Espionage
As early as 1998, US businesses identified China as the leading economic and espionage threat in a Fortune survey. The situation has only worsened in recent years.
The Chinese government applies significant pressure on both private and state-owned companies to compete globally. While China’s professional intelligence agencies, the Ministry of State Security (MSS) and the Military Intelligence Department (MID), focus on stealing military and political secrets, the government turns a blind eye to economic espionage, even providing funding for such activities. The 863 Program, previously mentioned, is an example of seemingly harmless funding being used to steal intellectual property.
There are countless instances of corporate espionage originating from China. In January 2016, 60 Minutes aired a story about a Chinese state-owned wind turbine company that bribed an employee at American Superconductor to obtain proprietary source code. This nearly drove American Superconductor out of business, costing billions of dollars in sales. Worse still, when the company executives attempted to sue the culprits for $1.2 billion, Chinese hackers were found to be infiltrating the company’s files to uncover their legal strategy.
A particularly audacious tactic used by the Chinese is purchasing US companies with access to advanced technology. China National Aero-Technology Import & Export Corp. (CATIC) and Huawei are examples of this strategy, with CATIC maintaining direct connections to the People’s Liberation Army (PLA). In 1990, CATIC acquired US defense technology firm Mamco Manufacturing, and Huawei has attempted to acquire US tech companies such as 3com and Symantec. Concerns have been raised by members of Congress regarding Huawei’s continued efforts to dominate the US telecommunication sector, particularly due to the company’s close ties with the Chinese government, which could enable exploitation of US networks. Additionally, China has been known to purchase front companies in the US to illegally export US technology back to China. The FBI has estimated that over 3,000 companies have served as fronts for Chinese spies.
Economic espionage is carried out by both the Chinese government and private actors, though the latter is more prevalent. According to a list of Chinese economic espionage cases released by the FBI, only four out of 29 individuals successfully prosecuted for economic espionage-related crimes between 2008 and 2010 were associated with Chinese intelligence agencies. One of the most proficient hacking units, known as Unit 61398, is part of the PLA and specializes in attacking US businesses across all industries. US security firm Mandiant recently exposed their operations in a shocking report.
Academics and scholars can engage in activities that are highly suitable for espionage. They have the freedom to move between academic institutions and research circles, travel frequently, and even interact with government officials under the pretense of conducting research. Chinese intelligence officers are aware of this and have infiltrated academic circles to access potential recruits in the US. In some instances, a Chinese academic or scientist, often affiliated with the Chinese Student and Scholar Association, is enlisted to identify potential targets. Once a researcher, academic, or journalist is identified, they may receive invitations to conferences or universities in China, which are often under the control of the MSS or MID. From that point, Chinese agents begin building relationships with the target, offering incentives to maintain contact. Over time, the target is asked for increasingly sensitive information. If the process is carried out properly, the target is typically unaware they are engaging in espionage.
Recall the case of Chi Mak? His investigation led the FBI to one of his professionally trained handlers, Pu Pei Liang, who was employed at the University of Guangzhou in China. His position allowed him to travel unnoticed to the US to meet with Chi Mak. Many other known Chinese spies also have academic or research backgrounds, such as Peter Lee, Gwo-Bao Min, Bo Jiang, Hua Jun Zhao, and others.
The connections between Chinese intelligence operations and academia run deep, as those who engage in scholarly pursuits are often seen as ideal targets for recruitment. The blending of academic research with intelligence work makes it difficult for the average person to distinguish between genuine research and espionage activities. Chinese agents exploit this overlap to gather sensitive information without drawing attention.
Chinese intelligence has a long history of targeting academic institutions to find individuals who can be persuaded to provide sensitive information. By offering incentives like travel opportunities, conference invitations, or promising academic collaborations, agents build trust with their targets. This careful cultivation of relationships ensures that the target remains unaware of the espionage taking place.
While posing as a journalist to collect intelligence is typically a breach of espionage ethics, it is a practice that is generally prohibited in the US, requiring rare and specific presidential approval. In contrast, China does not follow the same constraints as Western intelligence agencies and is indifferent to the reputation of its journalists.
Historically, China has utilized the New China News Agency, now Xinhua, as a primary cover for espionage activities. This is due to the fact that journalists have the ability to operate openly, ask probing questions, and investigate people, places, and governments without raising suspicion. Such a role is seen as an ideal 'cover' in the world of espionage. While countries like the US avoid using the press in this way out of respect for press freedom, China has no such qualms, as 'freedom of the press' holds little significance in its political landscape.
Xinhua's role extends beyond providing cover for espionage. It also functions as an open-source intelligence agency, gathering and translating foreign news to create specialized publications for senior government officials. Of course, this part of Xinhua's operations is not illegal.
In 2005, former Chinese diplomat Chen Yonglin revealed the covert activities of Xinhua. He accused Chinese journalists of reporting directly to the Ministry of State Security (MSS) or the Military Intelligence Department (MID), with a clear and covert mission. This mission was not limited to gathering intelligence, but also involved spreading Communist Party propaganda and news coverage aligned with party interests.
China's use of Xinhua as both a cover for espionage and as a tool for intelligence gathering is an integral part of its strategy. The agency’s dual role, operating openly in the media world while also covertly pushing state-sponsored agendas, reveals the extent to which China's intelligence operations have infiltrated the media landscape.
In 2012, Canadian journalist Mark Bourrie revealed similar practices from his time working with Xinhua. Bourrie recounted, “They tried to get me [ . . .] to write a report for the Chinese government on the Dalai Lama using my press credentials as a way of gaining access that I wouldn't otherwise have. [ . . .] We were there under false pretenses, pretending to be journalists but acting as government agents.”
Diplomatic cover has long been a favored tactic among global intelligence agencies, and China is no exception. Posing as diplomats provides the opportunity to interact with policymakers, military figures, and business leaders. This makes it easier to form relationships and identify potential targets for recruitment.
This strategy has been in use for decades. For example, in 1987, two Chinese military attaches were expelled after attempting to buy classified information from an NSA employee, who also served as an FBI double agent. In 2006, Ronald Montaperto, a senior analyst at the US Defense Intelligence Agency, was caught passing information to Chinese military attaches during routine liaison meetings. Additionally, in 2011, Russian authorities arrested Tun Sheniyun, who was working as a translator for Chinese diplomats and attempting to steal information on the S-300 anti-aircraft system.
In 2012, Japanese authorities accused Li Chunguang, a first secretary at the Chinese embassy in Tokyo, of attempting to acquire classified military documents related to technology. This incident highlights the ongoing use of diplomatic cover by Chinese operatives to engage in espionage activities.
China has also used its diplomatic influence to sway political outcomes in the United States, a practice referred to in intelligence circles as 'covert action.' During the 1996 election period, Beijing is accused of channeling millions of dollars into Democratic political campaigns. This operation, which US intelligence estimates cost about $1 million, was approved at the highest levels of the Chinese government and managed by the Ministry of State Security (MSS). The goal was to secure more favorable political treatment for China.
4. College Students
Chinese intelligence agencies make use of the roughly 15,000 Chinese students who travel to the US annually. These students are debriefed when they return to China, providing details about specific academic fields and research. The main goal, however, is to keep these students in the US, supporting their careers in specialized fields. Over time, these individuals, many of whom are amateurs, have spread across various US industries, sending back small but valuable pieces of information.
Recruits are often contacted even before they arrive in the US, either through coercion by the Chinese government or by appealing to their sense of Chinese national identity. According to Lu Dong, a former Chinese agent turned vocal critic of the regime, most of these low-level operations are run by organizations such as the United Front Work Department and the Overseas Chinese Affairs Office, rather than by professional agencies like the MSS or MID. Due to the sheer number of potential spies and the relatively harmless nature of the information gathered (typically corporate secrets), these operations are difficult to track or identify, especially with limited resources.
3. Little Blue Men
One of the most audacious moves by China in the past decade has been its creation of artificial islands in the South China Sea. This aggressive act has raised alarms across Pacific nations, which view it as an unlawful land grab, while the United States expresses concerns over potential threats to international shipping routes.
Even more intriguing is China's approach to defending its claims—fishing boats. Since 1949, the People's Liberation Army (PLA) has integrated ordinary fishermen into a 'maritime militia.' Some analysts have referred to them as 'the little blue men,' drawing a parallel to the 'little green men' involved in Russia's annexation of Crimea. These vessels serve as barriers to foreign ships, hindering attempts to approach the islands or gather intelligence. Not only do these boats conduct irregular warfare, but they are also capable of collecting intelligence with greater effectiveness than a large, obvious Chinese Navy ship. These boats may be equipped with sophisticated surveillance gear, and under international maritime law, foreign ships have limited recourse.
2. Your Hotel Room
These days, both private businesses and government entities whose staff frequently travel through China are prepared for the worst in terms of personal privacy. Hidden listening devices in hotel rooms, key-logger malware installed when guests aren't looking, and even physical surveillance teams are all plausible scenarios, according to experts.
While ordinary tourists might not face significant concerns, numerous companies have strict security protocols when sending employees to China. Workers are often instructed to leave their personal devices behind and bring only fresh, disposable laptops and phones. In some cases, businesses even destroy these devices once the employee returns from China. Employees are trained to disable cameras and microphones, remove batteries from phones, and save passwords to USB drives to ensure they can be pasted rather than typed. Chinese hackers are believed to be so skilled at implanting key-loggers that entering passwords directly should be avoided. Hotels frequently used by foreigners are known to have listening devices and cameras in guest rooms.
The collected data may later be leveraged for blackmail, pressuring victims to act as spies for the Chinese. A shocking example occurred in 2015 when 20 foreign tourists were detained by Chinese authorities for 'watching terror videos' in their hotel room. This raises an important question: How did the authorities become aware of what was happening inside the room?
1. Cyber Attacks
Cyber attacks are among the most widely reported crimes linked to China. The NSA disclosed that China had breached major US corporations and government agencies nearly 700 times over five years. Despite promises from Chinese President Xi Jinping that such incidents would cease, the attacks have not diminished. Cybersecurity firm CrowdStrike tracked seven cyber intrusions traced to China in the first three weeks following the agreement. Many of these cyberattacks may not have been directly ordered by the state, as Chinese businesses often face intense pressure to succeed globally and may resort to corporate espionage to stay competitive.
Operation Iron Tiger is a particularly disturbing case involving a Chinese hacking group, known as 'Threat Group 3390' or 'Emissary Panda.' While it doesn't seem to be directly linked to the government, the group has infiltrated various industries, including defense contractors, intelligence agencies, and private companies in sectors like energy, aerospace, telecommunications, and nuclear engineering. This group has stolen massive amounts of data—possibly trillions of bytes—and may sell the information to the highest bidder among Chinese tech firms.
Even Lenovo, the well-known Chinese computer brand, has been caught multiple times installing spyware on its devices. As concerns rise, security experts are increasingly worried that such malware might be introduced during the manufacturing process on the factory floor, especially as more computer hardware is produced in East Asia.
The Chinese government is not entirely blameless in this situation. Recently, Mandiant uncovered a secret cyber unit within the Chinese military. This unit, identified as Unit 61398, specializes in online espionage, particularly targeting US tech companies. It is believed that this group might have been responsible for the 2008 breach of the Department of Defense's (DoD) systems, where a compromised USB drive delivered malware to networks run by US Central Command. As a result, the DoD has since banned the use of USB drives on its computers.
