China’s Relentless Pursuit of Western Technologies

China’s Relentless Pursuit of Western Technologies

By TorchStone VP, Scott Stewart

On April 22, German authorities arrested three German citizens on charges of spying for China. The three accused, who were identified only by their first names and initials in court documents and media reports, are alleged to have worked on behalf of the Chinese Ministry of State Security (MSS) to obtain information regarding state-of-the-art technologies with military applications, as well as obtaining items such as high-tech lasers, and machine parts for marine engines for shipment to China.

The German authorities have not released all the details of the case yet, and more information will become available if the cases go to trial, however, there is enough information in the initial reports to illustrate how this case bears the distinctive fingerprints of the MSS’ relentless espionage campaign against technology targets in the West.

China’s Objectives

The Chinese Communist Party has long set its sights on surpassing the U.S. and the West in technology. It has not been shy about announcing that intent through various government initiatives such as the “Made in China 2025,” and the “Thousand Talents” programs.

The Made in China 2025 plan explicitly lists ten priority sectors the Chinese are targeting:

1. New generation information technology (includes AI, semiconductors, etc.)
2. High-end computerized machines and robots
3. Aerospace
4. Maritime equipment and high-tech ships
5. Advanced railway equipment
6. New energy and energy-saving vehicles
7. Agricultural machines
8. Energy equipment (to include nuclear technology)
9. New materials
10. Biopharma and high-tech medical devices

The plan aims to achieve the following benchmarks:

• By 2025: Boost manufacturing quality, innovation, and labor productivity; obtain an advanced level of technology integration; reduce energy and resource consumption; and develop globally competitive firms and industrial centers.
• By 2035: Reach a level of development that is on par with global industry at “an intermediate level,” improve innovation, make major technology breakthroughs, lead innovation in specific industries, and set global standards.
• By 2049: Lead global manufacturing and innovation with a competitive position in advanced technology and industrial systems.

The Chinese Communist Party has devoted a large amount of effort and resources toward obtaining the technologies required to achieve these ambitious goals. Many of their efforts are above board, such as government-funded research programs, joint ventures and partnerships, foreign acquisitions, and talent recruitment. However, the party is determined to achieve these goals by any means necessary, including espionage.

This willingness to embrace espionage is readily apparent by the fact that Chinese intelligence officers and their agents have been arrested, charged, or implicated in espionage cases in the West involving every one of these ten priority sectors. Their espionage efforts have targeted everything from microchips, and surgical robots, to hybrid corn seeds and soda can lining material.

It is no accident, then, that the recent case in Germany involves the theft of advanced maritime technology and the diversion of sensitive maritime engine components and other equipment, as they fall under one of the ten priority sectors.

Many Different Approaches

The Chinese MSS, its various regional bureaus, and their People’s Liberation Army (PLA) Intelligence counterparts have used many different tactics in their efforts to obtain the wide array of technological secrets they’ve been tasked to retrieve.

Perhaps the least risky of these tactics is cyber espionage. Hackers affiliated with one of the countless MSS or PLA advanced persistent threat (APT) groups work tirelessly to steal proprietary material from Western companies, universities, and research institutions using a variety of hacking tools.

They will also train and deploy undercover intelligence officers as students or researchers to infiltrate universities, research institutions, and companies in the West.

But the approach they took in the recent German case is another common tactic: recruit a foreign agent to obtain the information for you as they may raise less suspicion than an undercover Chinese officer.

The Little Hook

The initial reporting in the German case suggests the German agent was recruited remotely by being asked to write a research paper for an MSS officer operating under some sort of academic or commercial cover. In such cases, the prospective agent will be paid well for the initial research project and then tasked to write additional papers that will involve sensitive or proprietary subjects.

This was the approach used to recruit former CIA case officer Kevin Mallory. Mallory was approached on LinkedIn by a Chinese MSS officer posing as a think tank executive who asked him to author a paper on U.S. policy toward China. Mallory completed a few research papers and was well compensated for them—thus developing the transactional nature of the relationship. He was then invited to Shanghai, where he was formally pitched and recruited to become an agent of the MSS.

Requesting non-sensitive information and rewarding the prospective agent for it is useful in establishing a transactional relationship and accustoming an agent to receive and fulfill tasking requests. This gradual approach is an espionage technique called “the little hook.”

The little hook establishes what appears to be a benign relationship while compromising the recruit. As the transactional relationship develops, the intelligence office will subtly dig the hook in ever deeper, requesting increasingly more sensitive information, while thoroughly documenting each transaction. If necessary, handlers can then leverage evidence of the relationship to compel the recruit to provide more sensitive information in the future.

Another variant of this approach is where someone with access to the targeted technology is invited to come to China to speak at an academic conference. The topic of the presentation will often be vaguely related to the specific sensitive technology but will usually not involve any proprietary or classified information. In addition to paying for the speaker’s travel expenses, the speaker will be feted handsomely by his “academic hosts,” and offered a generous and unanticipated honorarium—the presentation of which will be secretly recorded on video.  The speaker may also be honey-trapped during the visit, which would also be recorded on video.

The conference visit provides a good opportunity for the intelligence officer posing as the academic host to assess the speaker as a prospective agent and work to further develop their relationship. Depending on the assessment of the target, the recruitment pitch can sometimes be made very directly, as it was in the Mallory case, or it may be more subtle if the intelligence officer judges it is better to pursue a more gradual approach.

As more details of the German agent’s recruitment become available at trial, I will be watching to see if there was also a LinkedIn angle to this case.

Busting the Myths

The German case helps to dispel several false stereotypes often associated with Chinese espionage efforts. First, Chinese espionage efforts do not just focus on recruiting ethnic Chinese or targeting individuals for recruitment using family members in China as leverage.

Certainly, they do target ethnic Chinese, and family members in China can provide a powerful incentive to cooperate with Chinese intelligence agencies. However, as the German case demonstrates, they will target anyone with access to the information or technology they are attempting to acquire, and who they assess as vulnerable to a recruitment pitch.

Secondly, many people hold to the flawed concept that certain countries are more at risk for espionage and others are somehow “safer.” Certainly, Chinese intelligence officers do enjoy a great deal of latitude when operating against espionage targets on their home turf, but they have repeatedly demonstrated that they will go wherever needed to gain access to the information they’ve been tasked to acquire. No place is beyond their reach.

Finally, in the German case, the agent who was first recruited enlisted the help of friends or associates who owned a business in Düsseldorf to gain access to additional information and materials. In this case, it is alleged the company in Düsseldorf assisted in establishing relationships with researchers and a research transfer agreement with an unnamed German University. It is not clear at what point the owners realized the first agent was working on behalf of the MSS, but since they’ve been charged, it would appear they did know.

Once an agent has provided everything of intelligence value he has access to, it is not unusual to see him attempt to keep the cash flowing by reaching out to other people for additional information. This was clearly seen in the Mallory case when he contacted friends and former colleagues who were still employed at the CIA, as well in the John Walker spy ring in which Walker recruited a friend and family members to supply him with classified information to pass to his Russian handlers.

Mitigating the Threat

One of the most effective ways to mitigate espionage threats is education. Security teams in the sectors being targeted by Chinese espionage efforts must educate their employees about little hook approaches in person and via social media sites such as LinkedIn. They should also receive training in spotting honey traps and other common tactics.

Employees with access to sensitive information and technologies should be encouraged to be careful what they post on social media sites, such as LinkedIn, about their duties and to be selective in who they connect with and communicate with on those platforms.

Employees should be warned to be wary of requests to participate in conferences or academic exchanges or to author papers on topics related to sensitive proprietary technology, processes, or data. Participation in such projects should be undertaken with a healthy dose of skepticism and only with company knowledge and clearance.

Employees should also be taught to report potential human intelligence approaches to corporate security for additional investigation and potential coordination with the appropriate law enforcement or counterintelligence agency. They should be taught exactly what to report, who to report it to, and how to report it.

They must know that they can come to corporate security without fear of consequences or ridicule to report suspected intelligence approaches. It is critically important for both the welfare of the employee and the company that employees are provided with the knowledge needed to escape the snares of the recruitment cycle.