ESPIONAGE, the Sequel

March 1, 2007

If there ever was a Golden Age of international espionage, the Cold War era was it. The superpowers and their satellites and allies maintained enormous spying establishments, spending scores of billions of dollars to employ thousands of professional case officers, spies, and analysts and finance their advanced equipment and sophisticated infrastructure.

Even though the Cold War is over, military espionage, at least, continues to thrive. In fact, it never slackened at all. Increasingly, foreign spies are hidden among us, recruited from among the more than 30 million foreign businessmen, scientists, students, researchers, academics, and tourists entering the United States each year.

Take, for example, the case of Chi Mak, a Chinese-born electronics engineer working for a US defense contractor. According to the federal government, he was part of a family that spied together and apparently hoped to prosper together. The FBI has alleged that Mak, along with his wife and brother, can be heard on FBI wiretaps discussing ways to smuggle an encrypted computer disk to China. The disk in question, the bureau added, was loaded with sensitive technological data.

Mak, whose case was reported in some detail by Newsweek last year, has pleaded not guilty to charges that he acted as an agent for a foreign government. His case is pending, as are those of his family members.

In pressing its charges, the government claimed that the information on the disk was linked to quiet “electronic-drive” submarine propulsion systems. Access to such technology could help China achieve one of its dearest strategic goals: making US Navy operations in the Taiwan Strait so perilous that Washington would think twice about coming to the aid of Taiwan in a cross-strait conflict.

The case is notable for a number of reasons. It reveals how new tools commonly associated with the technology revolution—cell phone cameras, wireless personal digital assistants, tiny computer “thumb drives,” readily available encryption software—have made it far easier for foreign governments and companies to steal classified information.

According to the Defense Security Service, which monitors technology collection attempts for the Defense Department, the threat is growing. The most recent DSS report on technology collection trends, released in January, notes that the number of “suspicious” events is on the rise, as is the number of countries involved. DSS also notes a “dramatic increase in incidents involving government affiliated entities.”

Record Numbers

The National Counterintelligence Executive says a record 108 nations were involved in trying to steal sensitive US technologies in 2005, the last year for which full data are available.

That Chi Mak may have been spying for China is suggestive of another trend: Experts say China is far and away the most aggressive and resourceful state sponsor of technological spying. (See “The China Problem,” August 1999, p. 70.)

The FBI estimates that there are more than 3,000 Chinese “front companies” operating in the US with the express purpose of gathering intelligence and technology. Much of this is “dual use,” with both civil and military uses.

The FBI has stated publicly that the number of Chinese counterintelligence cases in Silicon Valley alone is increasing by 20 to 30 percent each year.

Globalization—characterized by the free flow of data, commodities, and people across porous national borders—has allowed these cases to become utterly commonplace. Industrial espionage and military technology theft is a thriving growth industry. Consider that, in 2005:

The FBI opened 89 economic espionage cases and was working 122 active cases at year’s end.

US Immigration and Customs Enforcement conducted more than 2,400 export investigations involving violations of the Arms Export Control Act, International Traffic in Arms Regulations, the Trading With the Enemy Act, and other laws.

According to the American Society for Industrial Security, economic and industrial espionage cost US businesses an estimated $59 billion.

DSS reported 971 suspicious contacts, an increase of nearly 43 percent from a year before, though part of this may be attributable to “greater threat awareness.”

The top five, unnamed, “collecting countries” were responsible for 57.4 percent of all technology collection activity.

State-sponsored spying activity nearly doubled from the year before, to 30.6 percent of the technology collection attempts.

Little wonder that some experts have characterized the trend as the greatest foreign intelligence challenge since the Cold War. Or as one former Russian intelligence officer commented to a reporter on the ubiquity of data theft and industrial espionage, “Everyone is stealing from everyone else.”

Foreign theft of sensitive technologies has “eroded the US military advantage by making dangerous technology available to our adversaries,” Michelle Van Cleave, the former national counterintelligence executive, testified in 2005 before Congress.

Prime Targets

Sensitive US technologies that underpin the economy and contribute to military superiority, she said, remain prime targets of foreign intelligence services, companies, and private individuals. Such spying and theft “has undercut the competitiveness of US industry by allowing foreign firms to acquire, at little or no cost, technology that US firms spent hundreds of millions of dollars developing.”

One case began in 2004, as a seemingly innocent meeting at a Japanese trade show between two men who shared a common interest in electronic gadgets.

One was a Japanese employee of Nikon, the other a Russian working for the Russian trade representative office in Tokyo.

Over the course of subsequent dinners and drinks at various restaurants—the Russian always picked up the tab—the discussion turned to infrared sensor technologies that Nikon was working on for its cameras, but which also had applications in advanced weapons systems.

In February 2005 the Nikon employee was persuaded to give his new friend a prototype device designed to stabilize light signals in long-distance fiber-optic networks, in exchange for a few hundred dollars and some presents.

As was eventually reported in the Russian publication Defense and Security, the Tokyo police had long considered the Russian trading office a wholly owned subsidiary of Russian military intelligence. Eventually, Japanese law enforcement saw to it that the Japanese man was fired from his job and that the Russian quietly returned to Moscow.

The lines have blurred between industrial and economic espionage conducted by foreign governments and intelligence agencies, and spying instigated at the behest of private companies or individuals.

A number of foreign governments have created quasi-official organizations, such as the Russian trade office, to tap into and help direct the technology theft being conducted by the private sector.

Meanwhile, foreign intelligence services continue to aggressively conduct their own spying operations to collect technologies that commercial spies do not gather.

False Flags

Often, it is simply not clear who is behind the spying.

“In many cases, we do not know how much of a nexus there is between the private and public sectors that are targeting our technologies,” conceded Van Cleave.

“Most foreign governments that are involved do not discourage such theft and often benefit from [it],” she testified. “It’s clear, however, that the major threat countries continue to employ state organs—including their intelligence services—as well as commercial enterprises, particularly when seeking the most sensitive and difficult-to-acquire technologies.”

The leading state sponsors are an open secret and include India, Pakistan, Iran, Japan, France, and Israel.

By nearly all accounts, however, the top two “threat nations” are in a class by themselves. Thus, US intelligence officers and investigators spend much of their counterintelligence energies looking particularly into the activities of China and Russia.

But for an investigation by the Japanese magazine Shukan Bunshun, the suicide of a Japanese consul in Shanghai in 2004 might have been attributed to loneliness or thwarted career ambitions. Instead, the investigation revealed that the Japanese official was in a relationship with a hostess in a karaoke bar. Chinese intelligence officers reportedly threatened to make the relationship public unless the man divulged the secrets of Tokyo’s diplomatic encryption system.

The Japanese consul hanged himself instead.

The case reveals why many experts believe industrial espionage and technical data theft have become a quasi-official part of Beijing’s foreign and industrial policy, dating back to the 1980s and the “863 Program” launched by former leader Deng Xiaoping. Designed to put China on a fast track to technological equality with the developed nations, the 863 Program focused on achieving breakthroughs and shortcuts across a wide spectrum of military and industrial technologies.

Once critical technologies—or entire weapons systems—were acquired, Chinese engineers and scientists adapted them quickly to existing weapons and systems through reverse engineering.

The 863 Program helps explain why China today has more than 700 multinational R&D centers versus fewer than 50 just nine years ago, as Newsweek reported. The program also indicates why the United States and many allies are investigating and prosecuting dozens of cases of sensitive technology and banned items being smuggled to China, from night vision systems to seismic imaging equipment.

Without citing specific nations, the Defense Security Service notes that the “apparent across-the-board surge in activity” from the East Asia-Pacific region “will continue … as gaps in technological capability become apparent in their weapons development processes. Lasers and optics technology and aeronautics appear to be priority technology targets for this region.”

Too “Remarkable”

In a report, the House of Representatives listed 16 “remarkable” Chinese technological breakthroughs that suggest industrial espionage, from supercomputers and advanced communications systems to satellites and nanotechnology.

The 863 Program also helps explain how China was able to rapidly field leap-ahead weapons systems that seemed to clone the Tomahawk cruise missile and the Aegis seaborne radar system.

“I think you see [signs of Chinese industrial espionage] in cases where something that would normally take 10 years to develop takes them two or three,” said David W. Szady, then chief of FBI counterintelligence operations, in 2005 to the Calgary Herald.

DSS provided a telling case study of how this technology theft can work, citing an example involving a Near Eastern nation. An employee of a Near East defense firm, working on a joint program with a US defense contractor, connected his computer to the US contractor’s classified test network, ostensibly to “control the test of an expendable torpedo decoy.”

The network was also being used to test a “US designed, classified, and export-controlled second generation torpedo defense suite.” When the test cycle was complete, the foreign employee left with his computer. Within months, his firm “announced its second generation torpedo defense suite, with similar characteristics and capabilities” as the classified US system.

Even in the shadowy world of espionage, signs of China’s massive collection effort surface with regularity. In 2006, a Taiwan citizen pleaded guilty to spying for China, after he was caught in the US trying to illegally acquire and export cruise missiles and spare parts for fighter aircraft.

In 2005, a Chinese case officer who had worked for more than 10 years in European universities and companies defected to Belgium’s state security services, revealing a network of hundreds of Chinese industrial spies spread across Europe.

Among the companies targeted by this network was the French communications firm Alcatel, as reported by the Calgary Herald. Alcatel is a prime contractor for the Galileo satellite communications system that Europeans hope will one day rival the Global Positioning System.

A Western intelligence officer quoted in the article said that China was eventually brought into the project because its successful spying made efforts to keep it at arm’s length “futile.”

Likewise, there is ample evidence that Washington’s old adversary Moscow remains hyperactive in the fields of industrial espionage and sensitive data theft.

In one case, British defense contractor BAE Systems learned in 2002 that one of its employees was passing stealth cruise missile secrets to the Russians. Former BAE engineer Ian Parr is now serving 10 years for spying.

Dipping Into the Diaspora

A favored tactic of Russian intelligence, according to a number of reports, is to entice or coerce members of the huge Russian diaspora around the world to act as agents.

“In the Soviet period, the Kremlin treated Russian refugees as traitors and enemies, but now it is turning them into a fifth column,” according to Konstantin Preobrazhensky, a former lieutenant colonel in Russian intelligence, quoted in Scotland’s Sunday Herald. Intelligence officers “attract Russians overseas by appealing to their patriotism.”

The Defense Security Service says information technologies top the list of desired capabilities, as they are the foundation of virtually all modern civilian and military processes. Examples include pursuit of Ka-band satellite communications systems, electronic warfare simulation systems, and tactical radios.

Next on the “most wanted” list are lasers and optics. The equipment sought in 2005 included night vision systems and laser range-finders.

Aeronautics, the key to the United States’ vaunted airpower advantage, is the third-most pursued category of technology. Collection events included attempts to obtain military aircraft engines, tactical unmanned aerial vehicles, and missile-launch warning systems.

Other technologies pursued by foreign entities included target tracking systems, anti-tank guided missiles, and radar cross-section modeling software—in short, a laundry list of the most advanced US military technologies.

“These technologies are frequently cutting edge and provide the collector the advantage of saving time and costs associated with indigenous development of new technologies,” DSS reported.

The methods that foreign intelligence services and foreign industrial competitors devise to acquire sensitive technologies are as numerous and ingenious as the targeted technologies themselves.

In the age of globalization, US officials worry first that foreign countries or their industrial subsidiaries seeking sensitive technologies will simply buy US companies.

The acquisition of fiber-optic network provider Global Crossing by a Singapore company, and the sale of IBM’s personal computer division to Lenovo, China’s largest computer maker, are two sales that raised eyebrows in Congress.

China’s acquisition of IBM’s personal computers division could transfer advanced technology and corporate assets to the Chinese government, said a 2005 letter to the Treasury Department signed by, among others, Rep. Duncan Hunter (R-Calif.), then House Armed Services Committee chairman.

The transaction could also “result in certain US government contracts with or involving [personal computers] being fulfilled or participated in by the Chinese government.”

Easy Exploitations

Authorities also worry that joint ventures and overseas subcontractor relationships between US industries and foreign partners are easily exploited by industrial spies. US firms frequently transfer secret data to foreign subcontractors, only to find out later that the work and information were then outsourced to third-party subcontractors of suspect reputation.

The National Counterintelligence Executive’s annual report to Congress noted that in late 2004 a US software manufacturer reported that portions of its source code and the confidential design documents of one of its key products had been stolen from a recently opened research and development center in Mumbai, India. Despite successfully detecting the theft, the company had little legal recourse to stop further dissemination of the information.

Businessmen traveling abroad are also seen as prime espionage targets, and they are vulnerable to having their laptops, mobile phones, and Blackberrys stolen or bugged.

In one such instance, a Canadian aerospace company in negotiations for a sale to a foreign company found out that its technological secrets were being stolen by a snooping switchboard operator in an overseas hotel. The potential “buyer” was scamming the Canadian company, trying to steal its technology from the intercepted phone calls and faxes.

Attempts on classified or restricted technology range from the mundane to the sinister. The most popular method, for instance, is for spies to contact companies by e-mail, fax, or phone call, simply requesting sensitive information under the guise of a “sale” or “research.” The hope is to find a company or individual naive about export controls.

Other attempts are far more nefarious. An organized campaign by professional hackers linked to China called “Titan Rain” attempted to steal data from numerous defense companies and agencies through cyber-assault.

According to DSS, “The potential gain from even one successful computer intrusion makes [hacking] an attractive, relatively low-risk option,” and “the risk to sensitive information on US computer systems will increase.”

In another case cited by DSS, a US contractor received an e-mail from a doctoral student requesting information on an “ultraviolet missile warning system.”

The student claimed he was working on a research project assigned by his professor, and indeed such requests from university students to industry are a fairly commonplace part of the free exchange of information among researchers.

In this case, however, executives noticed that the e-mail came from a commercial Internet provider instead of the “.edu” that signifies educational institutions. Their suspicions were also aroused by the fact that the request was for information on a specific system rather than on a field of general scientific research.

30 Percent Factor

That case illustrates the vulnerability of the vast educational and research system to espionage. As noted by the NCIE’s report to Congress in 2005, almost 30 percent of the science and engineering faculty employed by US universities and colleges are foreign born. More than 40 percent of the Ph.D.s awarded in science, engineering, and mathematics went to foreign citizens in 2004.

“The sheer size of the population and the access that some have to key R&D projects make it inevitable that this group will serve as an important funnel abroad for technologies.”

Take the Chinese student who attended Iowa State and the one at Penn State, both of whom were cited in a Defense Department report in 2003. According to the report and a follow-on investigation by the Washington Times, the two students transferred top-secret data on a special metal to a company with close ties to a foreign military. The metal is used in naval and aerospace sensors and weapons.

As the Pentagon report noted, the nature of the convoluted transaction was typical of the shady world of industrial and economic espionage.

Although “one of the Chinese students admitted sending this information to [China’s People’s Liberation Army], … usually the connections between academic, commercial, and military organizations are not so clear cut,” the report summarized.

Finally, some of the collection efforts would be right at home in the finest spy novels and movies. DSS notes that on one occasion, a film processing company contacted the FBI after it developed film showing “classified images of satellites and their blueprints.” It was “determined that the pictures were taken from an adjacent office’s window.”

James Kitfield is the defense correspondent for National Journal in Washington, D.C. His most recent article for Air Force Magazine, “The American Theater,” appeared in the December 2006 issue.