June 30, 2011: During the last three years, China has opened eight National Intelligence Colleges in major universities. In effect, each of these is an “Espionage Department” at these universities, where, each year, about 300 carefully selected applicants are accepted, to be trained as spies and intelligence operatives. China has found that espionage is an enormously profitable way to steal military and commercial secrets. While Chinese Cyber War operations in this area get a lot of publicity, the more conventional spying brings in a lot of stuff that is not reachable on the Internet.
One indicator of this effort is the fact that American counter-intelligence efforts are snagging more Chinese spies. But this is largely due to increased spying effort by China, rather than more success by the FBI and CIA. This use of industrial espionage has played a large part in turning China into the mightiest industrial and military power on the planet.
For over two decades, China has been attempting to do what the Soviet Union never accomplished; steal Western technology, then use it to move ahead of the West. The Soviets lacked the many essential supporting industries found in the West (most founded and run by entrepreneurs), and was never able to get all the many pieces needed to match Western technical accomplishments. Soviet copies of American computers, for example, were crude, less reliable and less powerful. Same with their jet fighters, tanks and warships.
China gets around this by making it profitable for Western firms to set up factories in China, where Chinese managers and workers can be taught how to make things right. At the same time. China allows thousands of their best students to go to the United States to study. While most of these students will stay in America, where there are better jobs and more opportunities, some will come back to China, and bring American business and technical skills with them. Finally, China energetically uses the “thousand grains of sand” approach to espionage. This involves China trying to get all Chinese going overseas, and those of Chinese ancestry living outside the motherland, to spy for China, if only a tiny bit.
This approach to espionage is nothing new. Other nations have used similar systems for centuries. What is unusual is the scale of the Chinese effort. Backing it all up is a Chinese intelligence bureaucracy back home that is huge, with nearly 100,000 people working just to keep track of the many Chinese overseas, and what they could, or should, be to trying to grab for the motherland. This is where many of the graduates of the National Intelligence College program will work.
It begins when Chinese intelligence officials examine who is going overseas, and for what purpose. Chinese citizens cannot leave the country, legally, without the state security organizations being notified. The intel people are not being asked to give permission. They are being alerted in case they want to have a talk with students, tourists or business people before they leave the country. Interviews are often held when these people come back as well.
Those who might be coming in contact with useful information are asked to remember what they saw, or bring back souvenirs. Over 100,000 Chinese students go off to foreign universities each year. Even more go abroad as tourists or on business. Most of these people were not asked to actually act as spies, but simply to share, with Chinese government officials (who are not always identified as intelligence personnel) whatever information obtained. The more ambitious of these people are getting caught and prosecuted. But the majority, who are quite casual, and, individually, bring back relatively little, are almost impossible to catch.
Like the Russians, the Chinese are also employing the traditional methods, using people with diplomatic immunity to recruit spies, and offering cash, or whatever, to get people to sell them information. This is still effective, and when combined with the “thousand grains of sand” methods, brings in lots of secrets. The final ingredient is a shadowy venture capital operation, sometimes called Project 863, that offers money for Chinese entrepreneurs who will turn the stolen technology into something real. No questions asked. If you can get back to China with the secrets, you are home free and potentially very rich.
But there are some legal problems. When the Chinese steal some technology, and produce something that the Western victims can prove was stolen (via patents and prior use of the technology), legal action can make it impossible, or very difficult, to sell anything using the stolen tech, outside of China. For that reason, the Chinese like to steal military technology. This kind of stuff rarely leaves China. And in some cases, like manufacturing technology, there’s an advantage to not selling it outside of China. Because China is still a communist dictatorship, the courts do as they are told, and they are rarely told to honor foreign patent claims.
There rarely is a dull moment in Indian politics. The latest is the hasty attempt to hush up the bugging of the finance ministry offices. Pranab Mukherjee, the finance minister himself has dismissed the episode as âbogusâ. The Intelligence Bureau (IB) says no such bugging took place. And Home minister P. Chidambaran, to whom the IB reports, says he didnât know about the bugging till he saw it in the newspapers last week. But the controversy refuses to die down.
According to The Indian Express which broke the story, on September 4, 2010, the Central Board of Direct Taxes (CBDT), an agency that reports to the Finance Ministry, brought in a team of private sleuths to conduct a security sweep of the offices to check for eavesdropping devices. They found âplantable adhesive substancesâ in 16 locations in the office of the Finance Minister, the offices of his long-time aide Omita Paul, and personal secretary Manoj Pant as well as two conference rooms. Groove marks were found on the âadhesive substancesâ, suggesting that bugging devices were planted and removed later to wipe out surveillance trail.
Three days later, Mukherjee wrote to the Prime Minister asking him to launch a âsecret probeâ into the âserious breach of securityâ. He said no âlive microphoneâ or recording devices were found but it could have âwider ramificationsâ. The Prime Minister then directly tasked the then IB chief, Rajiv Mathur, to probe Mukherjeeâs complaint rather than passing it on to Chidambaram. The IB conducted its investigations and reported that there was no breach of security. A Home Ministry official told The Economic Times, “The IB probe concluded that the adhesive may just be chewing gum left behind by careless visitors or maintenance staff. The matter was subsequently treated as closed around six months back.” But why would any visitor or cleaning staff discard chewing gum or adhesives in a ministerâs high-security office?
The corridors of power are rife with conspiracy theories. Leading the suspect list is Mukherjeeâs political opponents.
Observers point to the simmering mistrust within the higher echelons of government. Given that Mukherjee wields a great degree of influence within the UPA, and is a strong contender for prime ministership after Manmohan Singh, perhaps someone within the Congress party wanted to keep a tab on him or pull him down a notch or two. Itâs not the first time that such cloak and dagger activities have come to light. In May 2010, Outlook magazine reported how senior leaders like Sharad Pawar and Digvijay Singh had been illegally tapped. Sources told the Outlook that during the July 2008 no-confidence motion on the Indo-US nuclear deal, bugging devices were used extensively to listen in on the conversations of opposition leaders. Years ago, Zail Singh, former president of India felt that the Rashtrapati Bhawan was tapped. He told Vir Sanghvi, well known columnist and former editor, Hindustan Times, that he made it a point to discuss sensitive matters in the garden. Key officials and journalists are on the governmentâs watch list and their cell phones are allegedly tapped regularly.
Another theory doing the rounds is that a business house had engineered the bugging. Sources told The Times of India, “There are many private sector players who could be interested. If they were aware of a particular meeting on a subject crucial to their bottom line, then a corporate could take such a risk,” he said. So if a corporate house was to “buy off a lower level staff”, these transmitters could be smuggled in. “And the easiest way to plant them is using adhesives,” he adds. But why would businessmen adopt such risky options when they can easily find out what they want through their informants in the ministry or political cronies?
Yet another theory is the involvement of the foreign hand. Agencies seeking policy-related information critical for their governments to gain advantage from Indian deals or projects could have planted the bugs. For instance, there have been periodic reports of attempts from China to access classified information. Last year, Chinese hackers tried taking over websites and email accounts of government officials. Sounds a bit farfetched though!
But thereâs not enough evidence to conclusively prove any of the conspiracy theories.
Asked if Mukherjeeâs office bugged, B. Raman, a former senior RAW official, told the Outlook magazine, âCircumstantially yes if one takes into account the important position occupied by him in the Cabinet, his important role involving sensitive discussions in his office on many sensitive issues of a political nature and the suspicion that there are question marks over his head in the Congress leadership. Technically, it would depend on where the adhesive material was found. If it was found at places easily visible to the naked eye, then the allegations may not be correct. If the adhesive was found at places not easily visible to the naked eye, the allegation will acquire some credibility.â
Had the bugging device been found, there would have been valid ground for the charges. With just âadhesivesâ stuck in 16 locations, thereâs no way the bugging can be proved or traced. A retired senior official known for his expertise in technical intelligence told The Times of India that as a snooping operation, it was poorly done. “There are far more sophisticated ways of monitoring,” he said. For instance, the telephone could have been converted into a transmitter, using laser beams. Solar-charged transmitters could have been planted in photo-frames etc. âAdhesives are used to stick transmitters that secretly record voice in a premise. It is then transmitted to a recorder kept at a distance. If this was the case in Mukherjee’s office, he may have been either a victim of a one-off snooping for a few hours, or sustained snooping over a long period of time,â the official added.
The speculation will continue. And weâll likely never know the truth.
BERLIN – A German chemicals company said Monday its managers have started keeping their mobile phones in biscuit tins during meetings in order to guard against industrial espionage.
“Experts have told us that mobile phones are being eavesdropped on more and more, even when they are switched off,” Alexandra Boy, spokeswoman for Essen-based speciality chemicals maker Evonik, told AFP.
“The measure applies mostly when sensitive issues are being discussed, for the most part in research and development,” she said, confirming a report in business weekly Wirtschaftswoche.
Biscuit tins have a so-called Farraday cage effect, she said, blocking out electromagnetic radiation and therefore stopping people hacking into mobile phones, not only for calls but also to get hold of emails.
The firm, with 34,000 employees and sales of 13 billion euros (S$22.8 billion), is not alone in wanting to defend itself against what experts warn are increasingly sophisticated methods of industrial espionage.
This month the German government opened a new national centre in Bonn to coordinate efforts not only to protect firms from espionage but also state infrastructure from cyber attacks.
One of the worldâs best-paid businesswomen hired private investigators to bug her estranged husbandâs ÂŁ2âmillion home, according to papers lodged at the High Court.
Elena Ambrosiadou is being sued for spying and harassment by Dr Martin Coward. The pair, who separated in 2009, founded Ikos, one of Europeâs biggest hedge funds.
Dr Coward claims in papers obtained from the court that Miss Ambrosiadou hired a private detective agency called Kroll Associates to plant secret surveillance devices last December at his house in Steyning, West Sussex.
Separated: Martin Coward and Elena Ambrosiadou founded Ikos, one of Europeâs biggest hedge funds
He alleges that Kroll employees entered his property illegally and left bugsand video cameras in the kitchen and the fireplace of his study.
He claims that they also planted a GPS tracking device in his car. The court document also alleges that Dr Coward was covertly followed by detectives from another agency who photographed his meetings with people in Monaco and Cyprus.
Dr Coward, regarded as one of the worldâs greatest financial mathematicians, is suing his estranged wife for breaching his privacy and his human rights, which guarantee him a right to a private life.
He is also seeking an injunction against Miss Ambrosiadou and Kroll Associates âto prevent any further similar activityâ.
Greek-born Miss Ambrosiadou, 51, and Dr Coward amassed a ÂŁ200âmillion fortune through the hedge fund they jointly founded in 1993. She took a salary of ÂŁ16âmillion in 2004 as the chief executive of Ikos, and last year spent ÂŁ60âmillion on the Maltese Falcon, the worldâs largest private sailing yacht.
Last week The Mail on Sunday revealed how Miss Ambrosiadou hired a glamorous undercover agent called Laura Merts, 37, to spy on her former portfolio manager, Tobin Gover, and to extract âconfidential and private information about himâ.
Mr Gover was among 12 Ikos employees who were mysteriously sacked in 2008 while Dr Coward was on a skiing holiday. Miss Ambrosiadou has agreed to pay Mr Gover âsubstantialâ damages.
After the sackings, Ikos was hit by scandals and setbacks. In late 2009, Dr Coward, who was chief investment officer, resigned, saying he wanted to set up his own hedge fund. The couple also separated shortly afterwards.
The court papers claim that the bugs in Dr Cowardâs home ârecorded a long conversation between the claimant [Dr Coward] and his mother in the study, in which they discussed a number of highly private, confidential and sensitive issues, including issues concerning the claimantâs business plans, investments and tax affairsâ.
Dr Coward also claims that his estranged wife hired another agency to spy on his movements between November and December 2009 in Monaco. Dr Coward lives in the principality with his 24-year-old Brazilian girlfriend.
He claims he was also subjected to a more intensive surveillance when in Limassol, Cyprus.
Last night a spokesman for Dr Coward refused to comment.
Miss Ambrosiadouâs lawyers said there has been no finding of wrong-doing against her and she denies any allegations of unlawful conduct.
An Ikos spokesman said: âWe are not going to debate an ongoing situation through the media. There are a number of outstanding criminal cases to be dealt with.â
The network of defense contractor Lockheed-Martin was attacked using counterfeit electronic keys. Since the RSA Security network was hacked and the keys to its SecurID tokens were compromised a few months ago, the world has been waiting for the proverbial other shoe to drop. Well, it dropped.
In an analysis of the breach at RSA Security, NSS Labs predicted, “This was a strategic move to grab the virtual keys to RSA’s customers–who are the most security conscious in the world. One or several RSA clients are likely the ultimate target of this attack. Military, financial, governmental, and other organizations with critical intellectual property, plans and finances are at risk.”
Cyber attacks have evolved into precision tools for corporate and government espionage.Since the compromise of the SecurID keys, there have been malware and phishing campaigns probing for specific data connecting RSA tokens to the end-user, suggesting that those attacks were being conducted by the original RSA Security attackers with a goal in mind.
Most crimes are crimes of opportunity, and most crimes of opportunity can be avoided. Stay in populated, well-lit areas, and you’re relatively safe. Walk down dark, deserted alleys and your odds of getting mugged go up. Lock your car doors and keep valuable hidden, and you probably won’t get things stolen. Leave your car unlocked with your iPad sitting on the passenger seat and it probably won’t be there when you get back.
However, avoiding a targeted attack–a stalker dedicated to trailing you specifically–is much more difficult. The attack against RSA Security does not appear to have been a random crime of opportunity, but rather a targeted attack calculated with the goal of acquiring the keys necessary to tackle larger prey like Lockheed-Martin.
I am sure that Lockheed-Martin and the United States government have information security experts much smarter than me investigating these incidents and connecting the dots, but it certainly seems at face value like either a state-sponsored attack, or an attack by well-funded hackers with the intent to market whatever information can be extracted internationally to other governments.
Thankfully, Lockheed-Martin detected the attack and acted quickly to thwart it. A spokesperson for Lockheed-Martin reports that no customer, program, or employee data has been compromised as a result of this attack.
But, the entire incident–starting from the RSA Security attack and compromise of the SecurID tokens, and ending at Lockheed-Martin–illustrates that malware and cyber-crime are becoming more insidious. Malware has evolved from a trivial, script-kiddie nuisance, to a professional crime syndicate, and now into a tool for precision corporate and government espionage.
