Chinese intelligence activity abroad
The government of the People's Republic of China is engaged in espionage overseas, directed through diverse methods via the Ministry of State Security, the Ministry of Public Security, the United Front Work Department, People's Liberation Army via its Intelligence Bureau of the Joint Staff Department, and numerous front organizations and state-owned enterprises. It employs a variety of tactics including cyber espionage to gain access to sensitive information remotely, signals intelligence, human intelligence as well as influence operations through united front activity targeting overseas Chinese communities and associations.
The Chinese government is also engaged in industrial espionage aimed at gathering information and technology to bolster its economy, as well as transnational repression of dissidents abroad such as supporters of the Tibetan independence movement and Uyghurs as well as the Taiwan independence movement, the Hong Kong independence movement, Falun Gong, pro-democracy activists, and other critics of the Chinese Communist Party. The United States alleges that the degree of intelligence activity is unprecedented in its assertiveness and engagement in multiple host countries, particularly the United States, with economic damages estimated to run into the hundreds of billions according to the Center for Strategic and International Studies.
Modes of operation
It is believed that Chinese espionage is aimed at preserving China's national security through gaining commercial, technological, and military secrets. The carriers of China's intelligence activities are diverse. The use of non-traditional intelligence assets is codified in Chinese law. Article 14 of China's 2017 National Intelligence Law mandates that Chinese intelligence agencies "may ask relevant institutions, organizations and citizens to provide necessary support, assistance and cooperation." Honey trapping and kompromat are also common tools of Chinese intelligence services.Much of the information available to the public about the Chinese intelligence services comes from defectors, whom the PRC accuses of lying to promote an anti-PRC agenda. One known exception to this rule is the case of Katrina Leung, who was accused of starting an affair with an FBI agent to gain sensitive documents from him. A U.S. judge dismissed all charges against her due to prosecutorial misconduct.
The United States believes the Chinese military has been developing network technology in recent years to perform espionage on other nations. Several cases of computer intrusions suspected of Chinese involvement have been found in various countries, including Australia, New Zealand, Canada, France, Germany, the Netherlands, the United Kingdom, India and the United States.
In the aftermath of the Shadow Network computer espionage operation, security experts claimed "targeting Tibetan activists is a strong indicator of official Chinese government involvement" since private Chinese hackers pursue economic information only. In 2009, Canadian researchers at the Munk Center for International Studies at the University of Toronto examined the computers at the personal office of the Dalai Lama. Evidence led to the discovery of GhostNet, a large cyber-spy network. Chinese hackers had gained access to computers possessed by government and private organizations in 103 countries, although researchers say there is no conclusive evidence China's government was behind it. Computers penetrated include those of the Dalai Lama, Tibetan exiles, organizations affiliated with the Dalai Lama in India, Brussels, London and New York, embassies, foreign ministries and other government offices, and focus was believed to be on the governments of South Asian and Southeast Asian countries. The same researchers discovered a second cyberspy network in 2010. They were able to see some of the stolen documents that included classified material about Indian missile systems, security in several Indian states, confidential embassy documents about India's relationships in West Africa, Russia and the Middle East, NATO forces travel in Afghanistan, and a years worth of the Dalai Lama's personal email. The "sophisticated" hackers were linked to universities in China. Beijing again denied involvement. In 2019, Chinese hackers posing as The New York Times, Amnesty International and other organization's reporters targeted the private office of the Dalai Lama, Tibetan Parliament members, and Tibetan nongovernmental organizations, among others. Facebook and Twitter took down a large network of Chinese bots that was spreading disinformation about the 2019–20 Hong Kong protests and a months long attack on Hong Kong media companies was traced to Chinese hackers.
Facial recognition and surveillance artificial intelligence technology developed inside China to identify Uyghurs, a Muslim minority, is now used throughout China, and despite security concerns over Chinese involvement in 5G wireless networks, is manufactured and exported worldwide by state owned China National Electronics Import & Export and Huawei to many countries, including Ecuador, Zimbabwe, Uzbekistan, Pakistan, Kenya, the United Arab Emirates, Venezuela, Bolivia, Angola and Germany. American companies and universities such as MIT and Princeton are partnering with the Rockefeller Foundation and the California Public Employees' Retirement System to fund Chinese surveillance and AI start-ups such as Hikvision, SenseTime and Megvii, which sell less expensive versions of Chinese state developed artificial intelligence surveillance systems, although this is being curtailed somewhat due to the companies being declared national security threats and human rights violators by the US, and US-China trade concerns. China invests in American AI startups and is starting to overtake the US in AI investment.
In July 2020, in its annual report, Germany's domestic intelligence agency, the Federal Office for the Protection of the Constitution, warned consumers that personal data they provide to Chinese payment companies or other tech firms such as Tencent, Alibaba and others, could end up in the hands of China's government. In September 2020, a Chinese company, Shenzhen Zhenhua Data Technology came under the scanner worldwide for its big data and data mining and integration capacities and intentions related to its use. According to the information from the National Enterprise Credit Information Publicity System, which is run by State Administration for Market Regulation in China, the shareholders of Zhenhua Data Information Technology Co., Ltd. are two natural persons and one general partnership enterprise whose partners are natural persons. Wang Xuefeng, who is the chief executive and the shareholder of Zhenhua Data, has publicly boasted that he supports "hybrid warfare" through manipulation of public opinion and "psychological warfare".
Agencies
The primary agencies involved in deploying operatives overseas are the Ministry of State Security and the Intelligence Bureau of the Joint Staff Department of the Central Military Commission, both utilizing state-owned enterprises and united front groups acting as front organizations for intelligence operatives disguised as legitimate employees. The Ministry of Public Security is also involved in domestic counter-intelligence and overseas capture of fugitives, dissidents and corruption suspects through activities such as Operation Fox Hunt. The United Front Work Department is responsible for conducting political influence operations leveraging overseas Chinese diaspora and local political and economic elites while providing cover for intelligence agents.Xinhua News Agency also collects and reports information on individuals and groups of interest for intelligence purposes. Xinhua reporters file certain internal reports to CCP leadership from secure rooms in some Chinese embassies and consulates.
Advanced persistent threats
Relationship with the United Front
In 1939, Zhou Enlai espoused "nestling intelligence within the united front" while also "using the united front to push forth intelligence." According to Australian analyst Alex Joske, "the united front system provides networks, cover and institutions that intelligence agencies use for their own purposes." Joske added that "united front networks are a golden opportunity for Party's spies because they represent groups of Party-aligned individuals who are relatively receptive to clandestine recruitment."In 2023, Chen Wenqing of the CCP's Central Political and Legal Affairs Commission directed party cadres and committees at all levels to "attach great importance to, concern themselves with, and support covert front work."
Activity worldwide
Africa
Ethiopia
In January 2018, Le Monde reported that the headquarters of the African Union, which had been constructed by the China State Construction Engineering Corporation, had had its computer systems compromised between 2012 and 2017, with data from AU servers being forwarded to Shanghai. The building's computer system was subsequently removed and the AU refused a Chinese offer to configure the replacement system. Le Monde alleged that the AU had then covered up the hack to protect Chinese interests in the continent.China and the African Union have rejected the allegations. Ethiopian Prime Minister Hailemariam Desalegn rejected the French media report, saying that he doesn't believe it. Moussa Faki Mahamat, head of the African Union Commission, said the allegations in the Le Monde report were false. "These are totally false allegations and I believe that we are completely disregarding them."
In 2020, Japan's Computer Emergency Response Team reported that a suspected Chinese hacking organization, "Bronze President," had hacked and extracted footage from the AU Headquarters' security cameras.