Return to

July 5, 2018
Notes from the Pentagon

China electronic spying threat
Defense Secretary Jim Mattis‘ recent visit to China highlighted the security dangers posed by sophisticated Chinese electronic spying in the capital of Beijing.

Security precautions for those traveling with the defense secretary were extremely tight during his June 26-28 visit.

To prevent Chinese spying through cellphones or laptop computers, the 10 journalists traveling aboard the secretary’s Air Force E-4B nuclear command plane, a militarized Boeing 747, were prohibited from bringing any electronic devices that were taken off the aircraft during the two-day visit back onto the plane. Anything that used wireless connectivity was deemed potentially vulnerable to Chinese hacking.

Security officials were concerned that China’s formidable electronic spies would plant viruses or other malware onto the cellphones and laptops, allowing remote spying aboard the aircraft.

The concerns were magnified because the E-4B is one of the more sensitive aircraft in the military’s inventory. The jets — four are currently deployed — are critical elements of nuclear command and control systems used by commanders to communicate with their forces during a nuclear crisis or conflict.

Gaining access to the electronics or communications of the command plane could allow the Chinese military to block or disrupt nuclear commands, or spy on nuclear command-and-control methods.

The Chinese are known to be targeting the military’s nuclear command and control networks for both intelligence-gathering and future cyberwarfare attacks. One novel electronic spying tactic is to secretly plant listening devices inside electronic key cards used to open hotel room doors.

Security officials traveling with Mr. Mattis required everyone who was issued hotel key cards in Beijing to leave all of them behind before boarding the aircraft on the way out of Beijing.

Chinese intelligence and security organs employ up to 15,000 electronic spies to spy on foreigners in China. High-profile visits by foreign officials like Mr. Mattis are high-priority intelligence targets for the Chinese, who in addition to electronic spying also engage in large-scale human surveillance.

China’s main electronic spy agencies are the civilian Ministry of State Security (MSS) and the People’s Liberation Army (PLA) Strategic Support Force, a relatively new agency that combined several PLA military spy units, including the human spying service called 2PLA and the cyberspy group 3PLA. Together, the MSS and Strategic Support Force conduct aggressive high-technology intelligence-gathering both in China and abroad.

Another PLA unit known as 4PLA specializes in electronic countermeasures and radar intelligence. As reported in this space last year, the 4PLA operates an entire Beijing hotel called the Seasons Hotel for its operations.

The tight security controls are a reflection of the new electronic spying environment and China’s formidable skills at stealing secrets and other valuable information through foreigners’ electronic devices.

Chinese intelligence continues to exploit its hack of some 21 million federal records at the U.S. executive branch’s Office of Personnel Management several years ago. The OPM cyberattack compromised sensitive personal information on millions of Americans who hold security clearances.

China also hacked the health care provider Anthem and stole some 78 million records, including those of government officials.

U.S. intelligence officials believe the Chinese are using the stolen data for high-technology, artificial-intelligence-driven spying operations.

Reporters and officials who were part of the official delegation traveling with Mr. Mattis were forced to bring “burner” cellphones for travel in China. The phones were used inside China and discarded before the delegation left the country.

Any laptop computers taken by reporters off the plane had to be abandoned in China or handed off to colleagues at local news bureaus. That process worked for those covering the secretary’s first visit to China for The New York Times, The Washington Post and The Wall Street Journal.

Reporters without local bureaus in Beijing had to improvise or go without cellphone connectivity completely.

One reporter brought two laptops — one for use on stops before and after China and one for use solely in China. The laptop had to be dropped off at the reporter’s news bureau at the end of the trip.

However, getting the computer back to the United States could prove difficult since China prohibits mailing laptops over concerns about the fire risks posed by certain batteries in shipments.

Your Inside the Ring columnist took the risky step of renting a Chinese laptop — a model built by China’s Lenovo — through a hotel concierge. Lenovo computers are banned within the Pentagon over security concerns that the Chinese could use hardware contained in the laptops to send information back to China.

The first problem using the rented computer was deciphering the Chinese language. A hotel assistant helped by loading an English-language Yahoo webpage on the computer browser. From the Yahoo site, a temporary email was created for the visit and used to file stories.

One early discovery for recent visitors to Beijing was that China remains a tightly controlled information desert. Social media giants Facebook and Twitter are banned and unavailable there, as is access to Google’s signature search engine, which is blocked on most Chinese web browsers most of the time.

A radio correspondent traveling with Mr. Mattis was able to send audio files from Beijing using one of several desktop computers located in the hotel business center. The problem for the reporter was that the business center was not open 24 hours a day.

Asked about the extreme electronic precautions, a senior defense official said: “Welcome to the new security environment.”

The White House recently published a report on Chinese economic aggression against the United States that contains new details on Beijing’s spy operations.

The report, “How China’s Economic Aggression Threatens the Technologies and Intellectual Property of the United States and the World,” states that China’s Ministry of State Security employs around 40,000 intelligence officers overseas and more than 50,000 spies inside China. That 90,000 MSS spying cadre is bolstered by “tens of thousands” of Chinese military spies, the report said.

According to the report, a special Pentagon unit called the Defense Innovation Unit Experimental, or DIUx, recently concluded that “the scale of the [Chinese economic] espionage continues to increase.”

The large-scale, state-sponsored technology theft by China has overwhelmed American law enforcement agencies.

“In part, this is because U.S. companies may be unaware of theft by an insider before it is too late,” the report said. “In part, this is because some U.S. companies are unwilling to report the theft for fear of the adverse consequences that such a disclosure could entail. Even when victims report, the Chinese government is typically unwilling to cooperate, making a successful cross-border investigation difficult.”

The House intelligence authorization bill for fiscal 2019 contains provisions requiring U.S. intelligence agencies to better monitor and counter election-influence operations by Russia.

The bill that passed the House Permanent Select Committee on Intelligence this week calls for an intelligence report on Russian election meddling over the past three years, and on anticipated operations as well as U.S. counterintelligence efforts against those operations.

The report is a recognition that the Obama administration did little or nothing to counter the Russian influence campaign during the 2016 presidential election, despite intelligence agencies knowing about the secret program since 2015. The intelligence analysis report outlined in the legislation would summarize significant influence campaigns by Russian intelligence and the methods used in carrying them out.

Another section of the intelligence bill would require federal security and intelligence agencies to post on a public website “an advisory report on foreign counterintelligence and cybersecurity threats to election campaigns for federal offices.”

Another provision would require spy agencies to report to Congress on the national security risks posed by foreign investment in the United States. The measure is aimed at identifying extensive Chinese investment in the United States that Beijing is using to gain access to advanced technology.

Another section of the bill would require the creation of an Energy Infrastructure Security Center within the Energy Department to better deal with cyber and other threats to the electric grid and other critical energy infrastructure.

  • Contact Bill Gertz on Twitter via @BillGertz.

  • Return to