OTTAWA — Amidst the brewing scandal that is slowly enveloping the Harper government over the supposedly “flirtatious” emails of a Tory MP with a foreign journalist who may actually be a Chinese spy, two questions stand out.
Why hasn’t Prime Minister Stephen Harper dumped Toronto MP Bob Dechert yet from his privileged post as parliamentary secretary to the foreign affairs minister?
And if this affair isn’t stickhandled delicately, will this embarrassing episode mushroom into a much bigger problem that threatens to derail Harper’s plan to repair Canada-China relations?
Foreign policy and security experts said Wednesday that the answers aren’t clear, but at the very least, Harper should now recognize that Canada needs to reinforce its intelligence apparatus to guard against Chinese espionage.
Brock University professor Charles Burton, a former political and economic counsellor in the Canadian embassy in China from 1998 to 2000, said it’s clear the Asian economic giant will continue to conduct espionage.
Already, this has occurred in areas such as commerce, the military and the cyber sphere. Earlier this year, just a few blocks from Parliament Hill, the computer system of a key government department — the Treasury Board — was apparently infiltrated by hackers believed to be based in China.
And Burton confirmed that — while experts are now puzzling over why Dechert chose to have a very friendly relationship with Xinhua news agency’s Toronto correspondent, Shi Rong — it was clear to him as a diplomat in Beijing that he should be wary of such activities.
“Before I left, I received a briefing from the security people in Foreign Affairs talking about exactly this sort of thing. When I was a diplomat in China I was occasionally approached by young women through different means — email or instant message — suggesting that we might want to meet up. But I didn’t do that.”
Burton added that the appropriate thing for Dechert to do now would be to “step aside” while the RCMP conducts an investigation.
A key question, he said, would be whether the “young Chinese woman” was sending emails and photos of herself to the much older Dechert simply out of pure romance, or whether she “wants something from him.”
“If I got such letters, as soon as I found out the photographs were from someone from the Xinhua news agency, I would be hitting the delete button pretty quick. Mr. Dechert evidently didn’t appreciate that.”
After initially adopting a hostile approach to China five years ago, the Tory government is now pursuing a foreign policy to promote a stronger trading relationship with that country. Foreign Affairs Minister John Baird visited China recently and Harper is expected to make his second visit there this fall.
“They have to appreciate that we can’t go into it with blind or naive enthusiasm,” Burton said of the Tories.
“As we engage China more closely there’s going to be more opportunity for Chinese intelligence agencies to engage in more spying. Therefore, commensurate to strengthening our capacity to trade and investment with China, we should be strengthening our capacity to counter Chinese espionage activities.”
So far, at least, Harper and Baird are standing by Dechert — a much different approach from the quick retribution that was unleashed on then foreign affairs minister Maxime Bernier in 2008.
At that time, he resigned from cabinet after leaving sensitive NATO briefing papers at the apartment of his girlfriend, Julie Couillard, who had connections to biker gangs.
But this episode is being treated differently.
“No government likes to have to demote a secretary of state or minister if they don’t feel they are absolutely compelled to,” said security expert Wesley Wark, a visiting professor at the University of Ottawa.
“And presumably, from all that we’ve seen from the government’s response, they believe that they can weather this storm, they can pooh-pooh it and they can wait it out.”
Fen Hampson, director of the Norman Paterson School of International Affairs at Carleton University, said Dechert is “damaged goods” and will eventually be shuffled out of his post — though not necessarily now.
“His credibility has obviously been thrown into question. My observation would be they’re not going to throw him overboard today, but he might find himself swabbing decks tomorrow.”
As for the broader question — will Dechert’s actions be injurious to Canada-China relations — experts suspect Harper will do his best to prevent this from happening.
“What they’re trying to avoid is this becoming a hot button issue in which bigger questions are raised about the activities of the Chinese government, or the activities of Chinese representatives,” said Wark.
When Harper first came to power in 2006, his government was fiercely critical of the Chinese government over its human rights record. Also, then-foreign affairs minister Peter MacKay openly accused the Chinese of “economic espionage” in Canada.
Harper backed him up and said the espionage was well-documented, despite angry denials from the Chinese who complained the new Tory prime minister was endangering Canada-China relations with false accusations.
Since then, the Tories have dropped their pubic admonishments, and experts don’t believe they will come out swinging in the case of Dechert.
“The preferred method that they have learned in government is to deal with it quietly and internally,” said Wark.
“What the Harper government now realizes is that there is no point in making a public political brouhaha about Chinese espionage. It’s not going to get you anywhere. It’s not going to stop espionage and doing anything beneficial to Canada-Chinese relations.”
In the case of Dechert, there’s another reason why the Tories are reluctant to accuse the Chinese of establishing a spy operation through their journalist.
“They won’t say that because when you say that, you’re pretty well forced to expel them,” noted Hampson. “And they’ll do the same thing to our journalists. This is a tit for tat world and if you start pointing the finger at spies, then they will end our reciprocal arrangements to the journalists over there.”
Dechert has, in past, had the support of Harper, who he accompanied on a trip to China in 2009 — later receiving the promotion as the right-hand man to Canada’s foreign affairs minister.
But now, the leaked emails have turned him into a liability. The emails show that Dechert was writing to Shi, whose news agency is commonly regarded by experts as a intelligence-gathering operation for the Chinese government.
In the emails, written from his parliamentary office account, he describes her as “beautiful” and compliments her for how she looked in a photo “by the water with your cheeks puffed.”
Dechert, who has not spoken to the media since the emails were leaked last week, released a written statement describing the emails merely as “flirtatious” and that he merely had an innocent “friendship” with Shi.
But experts question Dechert’s political judgment in this regard.
They note that after the Bernier affair, Harper was determined to read the riot act to senior Tories so that there would not be another potential security breach.
Wark isn’t so sure it worked.
“The message should have gotten out to all cabinet ministers and all political appointees, all secretaries of state. You have security responsibilities. You have to be aware of the security landscape and who might be operating against the interests of Canada. You have to be aware that people will contact you who are not what they appear to be, including journalists from foreign countries.”
mkennedy [at] postmedia [dot] com
A number of people have asked me how I made the determination described in my Wall Street Journal editorial last Wednesday that China is one of the world’s worst state perpetrators of cyber-espionage and malicious computer hacking (See China’s Threat to World Order: Computer hacking is typical of Beijing’s disdain for global norms).
Although I have spoken with a number of American officials with access to classified information who have made this assertion with great passion, I do not have access to any of these classified documents. Instead, I have decided to lay out the evidence gleaned from public sources.
If there is more evidence making the case that China is involved in these activities on an official or quasi-official level, please add it in a reply to this blog post.
Even more importantly, if you believe that these allegations are false, I very much encourage you to make your case on this site. The evidence is laid out below. Links to the source materials referenced are embedded in the text.
Let the dialogue begin.
The case that China may be one of the world’s worst state perpetrators of cyberespionage and malicious computer hacking
Reports
- In a 2010 report to Congress, the U.S. Defense Department asserted that China is “actively pursuing cyber capabilities with a focus on the exfiltration of information, some of which could be of strategic or military utility”.
- In its 2010 report to Congress, the U.S.-China Economic and Security Review Commission stated that “China’s government, the Chinese Communist Party, and Chinese individuals and organizations continue to hack into American computer systems and networks as well as those of foreign entities and governments.”
- An October 2009 report by Northrop Grumman for the U.S.-China Economic and Security Review Commission asserted that “government efforts to recruit from among the Chinese hacker community and evidence of consulting relationships between known hackers and security services indicates some government willingness to draw from this pool of expertise.” The report revealed that “a founding member of the influential Chinese hacker group Javaphile has a formal consulting relationship with the Shanghai Public Security Bureau and researcher credentials at the information security engineering institute of one of China’s leading universities.”
- A March 2011 report by Invictis Information Security Ltd. stated that “Chinese commercial espionage is as much a state‐sponsored activity as their military and civilian operations. The Chinese government supports commercial espionage as a necessary economic activity to help create Chinese commercial advantage and strategic success in the 21st century. Beijing has at its disposal an army of computer hackers, immigrants (resident in target countries), intelligence operatives, scientists and students.”
- A 2010 restricted report from MI5’s Centre for the Protection of National Infrastructure (CPNI) reportedly detailed how China has hacked various British defense, energy, communications, and manufacturing companies.
- The United States Congressional Research Service (CRS) reported in 2001 that China was “moving aggressively toward incorporating cyber warfare into its military lexicon, organization, training, and doctrine [and] pursuing the concept of a Net Force, which would consist of a strong reserve force of computer experts trained at a number of universities, academies, and training centers.”
Statements by officials
- Former U.S. cyber-czar Richard Clarke asserted that “What’s going on is very large-scale Chinese industrial espionage… They’re stealing our intellectual property. They’re getting our research and development for pennies on the dollar”.
- In an April 15, 2011 testimony for the Oversight and Investigations Subcommittee of the Foreign Affairs Committee of the United States House of Representatives, Richard Fisher, Senior Fellow at the International Assessment and Strategy Center, asserted that “PRC uses its cyber capabilities to pursue a relentless global campaign of cyber espionage, in which every country in which the PRC has any kind of interest, is subject to continuous cyber probes seeking all manner of information of military, commercial or political value.”
- In a March 2010 testimony before the House of Representatives Committee on Foreign Affairs, Larry Wortzel, Commissioner of the U.S.-China Economic and Security Review Commission, explained that hacking by Chinese actors works to “speed the development and fielding of weapons in China, improve technology in sectors of China’s industries while saving time and money in research and development.”
- In a March 2010 testimony to the Senate Armed Services Committee, Director of National Intelligence James Clapper asserted that, when it comes to cyberwarfare, “The Chinese have made a substantial investment in this area. They have a very large organization devoted to it… this is just another way in which they glean information about us and collect on us for technology purposes, so it’s a very formidable concern.”
- In a June 13, 2007 testimony before the House of Representatives Committee on Armed Services, then Deputy Undersecretary for Defense for Asian and Pacific Security Affairs, Richard Lawless, asserted that the Chinese are “leveraging information technology expertise available in China’s booming economy to make significant strides in cyberwarfare.”
- In 2007, Jonathan Evans, the Director‐General of the UK Security Service, MI5, stated that the Chinese “continue to devote considerable time and energy trying to steal our sensitive technology on civilian and military projects and trying to obtain political and economic intelligence at our expense.”
- In August 2007, German Chancellor Angela Merkel reportedly confronted Chinese Premier Wen Jiabao after Chinese hackers attacked computers in her office and other German government ministries.
Operation Shady RAT
- In response to questions as to whether China was behind the recent, high-level hacking campaign known as ‘Operation Shady RAT’, Vice President of Threat Research at cybersecurity firm McAfee Dmitri Alperovitch, responded: “If others want to draw that conclusion, I certainly wouldn’t discourage them.”
- Center for Strategic and International Studies (CSIS) cyber security expert James A. Lewis, stated that “the most likely candidate [as perpetrator of ‘Operation Shady RAT’ is China.”
- Among the 72 hacking targets in 14 countries in ‘Operation Shady RAT’ was the International Olympic Committee and several national Olympic Committees — all breached in the months leading up to the 2008 Beijing Olympics. Three targeted entities were located in Taiwan and 49 were located in the United States. None of the victims were located in China (with the exception of a U.S. News Organization’s Hong Kong Bureau).
- Remote administration tool (RAT) malware was also used in the ‘Night Dragon’ attacks in 2011, which McAfee had concluded came from China.
Night Dragon
- In February 2011, a report from McAfee concluded that the cyber-attack known as ‘Night Dragon’ against major Western energy firms had originated “primarily in China,” effectively tracing it back to Chinese IP addresses in Beijing. Command and control was found to be based in Heze City, the malware tools used were regularly offered for download by Chinese hacker websites, and the hackers appeared to work on regular weekdays, nine-to-five Beijing time-zone schedule.
Operation Aurora
- In Jan 2010, Google openly accused China of stealing some of the company’s source code via an attacked dubbed ‘Operation Aurora’. Servers at two schools in China, Jiaotong University in Shanghai and Lanxiang Vocational School in Shandong Province, were determined to have been used in the attack. Lanxiang was founded with military support and continues training many of the military’s computer scientists. After being briefed by Google on ‘Operation Aurora’, Secretary of State Hillary Clinton issued a statement saying, “We look to the Chinese government for an explanation.”
- A report by Verisign iDefense, a security-intelligence service based in Virginia, reportedly determined that ‘Aurora’ was directed by “agents of the Chinese state or proxies thereof.”
RSA Attacks
- The command-and-control servers used in the March 2011 attacks on RSA — the security division of high-tech company EMC Corp. — were traced to networks in Beijing and Shanghai. The location of the servers was identified due to use of the malware tool “HTran,” which Chinese backers are known to bundle with their code. EMC’s products are used to protect high-level computer networks throughout the U.S. government as well as large corporations and defense contractors.
Other attacks
- In June 2011, Google announced it had thwarted an attempt from China to steal the Gmail passwords of senior U.S. government officials. Google said the attacks originated in Jinan, China, one of seven regional command centers for the Chinese military.
- On April 8, 2010, state-owned China Telecom rerouted U.S. and other foreign Internet traffic, causing 15 percent of the all internet traffic to travel through Chinese servers for nearly 20 minutes. The long-term impact of this rerouting remains unknown.
- In April 2009, hackers broke into the Pentagon’s Joint Strike Fighter project — an attack that former U.S. officials attributed to China after it was traced back to Chinese IP addresses.
- According to Senior Fellow at the International Assessment and Strategy Center, Richard Fisher, Chinese hackers attacked computer systems at the U.S. Naval War College, National Defense University, and the U.S Army’s Fort Hood throughout 2006.
- The 2005 ‘Titan Rain’ cyber-espionage ring, responsible for breaking into a number of U.S. military and defense contractor computer systems, was traced back to three Chinese routers in China’s Guangdong Province.
Jamie Metzl is Executive Vice President of Asia Society and a former official in the U.S. National Security Council, State Department, and Senate Foreign Relations Committee. The views expressed here are his own.
Primary research conducted by Johan Kharabi, Asia Society
This post has been modified since its original publication.
