Around 2013, U.S. intelligence began noticing an alarming pattern: Undercover CIA personnel, flying into countries in Africa and Europe for sensitive work, were being rapidly and successfully identified by Chinese intelligence, according to three former U.S. officials. The surveillance by Chinese operatives began in some cases as soon as the CIA officers had cleared passport control. Sometimes, the surveillance was so overt that U.S. intelligence officials speculated that the Chinese wanted the U.S. side to know they had identified the CIA operatives, disrupting their missions; other times, however, it was much more subtle and only detected through U.S. spy agencies’ own sophisticated technical countersurveillance capabilities.
[…]
CIA officials believed the answer was likely data-driven—and related to a Chinese cyberespionage campaign devoted to stealing vast troves of sensitive personal private information, like travel and health data, as well as U.S. government personnel records. U.S. officials believed Chinese intelligence operatives had likely combed through and synthesized information from these massive, stolen caches to identify the undercover U.S. intelligence officials. It was very likely a “suave and professional utilization” of these datasets, said the same former intelligence official. This “was not random or generic,” this source said. “It’s a big-data problem.”
[…]
In 2010, a new decade was dawning, and Chinese officials were furious. The CIA, they had discovered, had systematically penetrated their government over the course of years, with U.S. assets embedded in the military, the CCP, the intelligence apparatus, and elsewhere. The anger radiated upward to “the highest levels of the Chinese government,” recalled a former senior counterintelligence executive.
Exploiting a flaw in the online system CIA operatives used to secretly communicate with their agents—a flaw first identified in Iran, which Tehran likely shared with Beijing—from 2010 to roughly 2012, Chinese intelligence officials ruthlessly uprooted the CIA’s human source network in China, imprisoning and killing dozens of people.
[…]
The anger in Beijing wasn’t just because of the penetration by the CIA but because of what it exposed about the degree of corruption in China. When the CIA recruits an asset, the further this asset rises within a county’s power structure, the better. During the Cold War it had been hard to guarantee the rise of the CIA’s Soviet agents; the very factors that made them vulnerable to recruitment—greed, ideology, blackmailable habits, and ego—often impeded their career prospects. And there was only so much that money could buy in the Soviet Union, especially with no sign of where it had come from.
But in the newly rich China of the 2000s, dirty money was flowing freely. The average income remained under 2,000 yuan a month (approximately $240 at contemporary exchange rates), but officials’ informal earnings vastly exceeded their formal salaries. An official who wasn’t participating in corruption was deemed a fool or a risk by his colleagues. Cash could buy anything, including careers, and the CIA had plenty of it.
[…]
Over the course of their investigation into the CIA’s China-based agent network, Chinese officials learned that the agency was secretly paying the “promotion fees” —in other words, the bribes—regularly required to rise up within the Chinese bureaucracy, according to four current and former officials. It was how the CIA got “disaffected people up in the ranks. But this was not done once, and wasn’t done just in the [Chinese military],” recalled a current Capitol Hill staffer. “Paying their bribes was an example of long-term thinking that was extraordinary for us,” said a former senior counterintelligence official. “Recruiting foreign military officers is nearly impossible. It was a way to exploit the corruption to our advantage.” At the time, “promotion fees” sometimes ran into the millions of dollars, according to a former senior CIA official: “It was quite amazing the level of corruption that was going on.” The compensation sometimes included paying tuition and board for children studying at expensive foreign universities, according to another CIA officer.
[…]
This was a global problem for the CCP. Corrupt officials, even if they hadn’t been recruited by the CIA while in office, also often sought refuge overseas—where they could then be tapped for information by enterprising spy services. In late 2012, party head Xi Jinping announced a new anti-corruption campaign that would lead to the prosecution of hundreds of thousands of Chinese officials. Thousands were subject to extreme coercive pressure, bordering on kidnapping, to return from living abroad. “The anti-corruption drive was about consolidating power—but also about how Americans could take advantage of [the corruption]. And that had to do with the bribe and promotion process,” said the former senior counterintelligence official.
The 2013 leaks from Edward Snowden, which revealed the NSA’s deep penetration of the telecommunications company Huawei’s China-based servers, also jarred Chinese officials, according to a former senior intelligence analyst.
[…]
By about 2010, two former CIA officials recalled, the Chinese security services had instituted a sophisticated travel intelligence program, developing databases that tracked flights and passenger lists for espionage purposes. “We looked at it very carefully,” said the former senior CIA official. China’s spies “were actively using that for counterintelligence and offensive intelligence. The capability was there and was being utilized.” China had also stepped up its hacking efforts targeting biometric and passenger data from transit hubs, former intelligence officials say—including a successful hack by Chinese intelligence of biometric data from Bangkok’s international airport.
To be sure, China had stolen plenty of data before discovering how deeply infiltrated it was by U.S. intelligence agencies. However, the shake-up between 2010 and 2012 gave Beijing an impetus not only to go after bigger, riskier targets, but also to put together the infrastructure needed to process the purloined information. It was around this time, said a former senior NSA official, that Chinese intelligence agencies transitioned from merely being able to steal large datasets en masse to actually rapidly sifting through information from within them for use. U.S. officials also began to observe that intelligence facilities within China were being physically co-located near language and data processing centers, said this person.
For U.S. intelligence personnel, these new capabilities made China’s successful hack of the U.S. Office of Personnel Management (OPM) that much more chilling. During the OPM breach, Chinese hackers stole detailed, often highly sensitive personnel data from 21.5 million current and former U.S. officials, their spouses, and job applicants, including health, residency, employment, fingerprint, and financial data. In some cases, details from background investigations tied to the granting of security clearances—investigations that can delve deeply into individuals’ mental health records, their sexual histories and proclivities, and whether a person’s relatives abroad may be subject to government blackmail—were stolen as well. Though the United States did not disclose the breach until 2015, U.S. intelligence officials became aware of the initial OPM hack in 2012, said the former counterintelligence executive. (It’s not clear precisely when the compromise actually happened.)
[…]
For some at the CIA, recalled Gail Helt, a former CIA China analyst, the reaction to the OPM breach was, “Oh my God, what is this going to mean for everybody who had ever traveled to China? But also what is it going to mean for people who we had formally recruited, people who might be suspected of talking to us, people who had family members there? And what will this mean for agency efforts to recruit people in the future? It was terrifying. Absolutely terrifying.” Many feared the aftershocks would be widespread. “The concern just wasn’t that [the OPM hack] would curtail info inside China,” said a former senior national security official. “The U.S. and China bump up against each other around the world. It opened up a global Pandora’s box of problems.”
[…]
. During this same period, U.S. officials concluded that Russian intelligence officials, likely exploiting a difference in payroll payments between real State Department employees and undercover CIA officers, had identified some of the CIA personnel working at the U.S. Embassy in Moscow. Officials thought that this insight may have come from data derived from the OPM hack, provided by the Chinese to their Russian counterparts. U.S. officials also wondered whether the OPM hack could be related to an uptick in attempted recruitments by Chinese intelligence of Chinese American translators working for U.S. intelligence agencies when they visited family in China. “We also thought they were trying to get Mandarin speakers to apply for jobs as translators” within the U.S. intelligence community, recalled the former senior counterintelligence official. U.S. officials believed that Chinese intelligence was giving their agents “instructions on how to pass a polygraph.”
But after the OPM breach, anomalies began to multiply. In 2012, senior U.S. spy hunters began to puzzle over some “head-scratchers”: In a few cases, spouses of U.S. officials whose sensitive work should have been difficult to discern were being approached by Chinese and Russian intelligence operatives abroad, according to the former counterintelligence executive. In one case, Chinese operatives tried to harass and entrap a U.S. official’s wife while she accompanied her children on a school field trip to China. “The MO is that, usually at the end of the trip, the lightbulb goes on [and the foreign intelligence service identifies potential persons of interest]. But these were from day one, from the airport onward,” the former official said.
[…]
forum.xda-developers.com