Espionage involving China

[AndrewJ]

Turns out it was the right decision not to promote him.

Bosses are not likely to leak secrets, only small guys do so, because of dissatisfaction with their positions.

 

[zyklon]

Bosses are not likely to leak secrets, only small guys do so, because of dissatisfaction with their positions.

For better or worse, that's simply untrue: personnel at all levels of seniority are vulnerable to recruitment by sophisticated state actors.

HUMINT assets are generally motivated by a combination of money, ideology, compromise and/or ego. Even if someone is completely ideologically secure with "fuck you money," they may still be emotionally vulnerable in all sorts of ways, and/or accountable to or for someone easier to compromise.

Speaking of blackmail, there are even "case officers" who specialize in "recruiting" powerful, influential and/or wealthy figures. I'm sure you can think of at least one or two prominent examples.

 

[talonn]

I wonder who the buyer is ..

 

[plawolf]

I think the major red flag for me is the laxity in basic information security. I have worked in places that doesn’t do any defence or intelligence related work, and it was basically impossible to copy anything from the main secure server without IT security knowing about it.

I am hopeful that this means the data the guy was able to copy and steal wasn’t actually truly damaging. Because it would have been truly criminally incompetent to not have such basic data security measures in place for truly sensitive national security data, in which case many more heads would have rolled.

It also kinda makes sense that he only got such a paltry sum for his efforts, and also why the foreign intelligence agency basically ghosted him after the first transition. Even if he sold them everything he had, or they hacked his device and stole everything he took with him to the meet, if he had truly valuable stuff, they would not have ghosted him, and would at a minimum have kept in touch in case he managed to score anything else or had more stashed away offline back at home.

My take is that the guy did the classic marketing gimmick of making it look like he had juicy prizes to offer when he only had some basic stuff, and the foreign intelligence agency he contacted realised he was a time wasting conman after paying the fee to see what he had to offer.

He is being executed because of the way he so proactively went out of his way to betray his country, repeatedly. He wasn’t honeytrapped or approached and had a moment of weakness, he willingly and proactively went to seek out hostile foreign agents to sell out to. The stuff he sold probably is classified, but it shouldn’t be anything too critical. This was more about setting an example, which is why it’s so well publicised.

 

[Wrought]

Nothing new here, just a piece about the trajectory of Chinese cyberspace efforts.

About 20 years ago, when cyber-security firms began tracking the threat, Chinese hackers were “very, very loud”, says John Hultquist of Mandiant, “incredibly willing to set off alarms, incredibly willing to be caught”. A European official concurs. Even five years ago, she says, “Chinese cyber operators were not considered very sophisticated.” That has now changed. “The speed at which they improve always seems to come as a surprise to Westerners, even though it really shouldn’t,” says the official. “If China wants to accelerate in an area, then they will, and they have very smart people.”

Also, a note on restraint.

“What separates China from their peers like Russia, North Korea and Iran”, says Mr Hultquist, is that those states routinely cross the line from espionage to disruption, from spying and reconnaissance to outright sabotage. China has “never pulled the trigger”, he says. Even in American infrastructure networks, China has stopped short of inserting destructive code. “We can see them doing the reconnaissance. We can see them getting into place. They’re not showing us the weapon.”

Please, Log in or Register to view URLs content!

 

[Rafi]

I think the major red flag for me is the laxity in basic information security. I have worked in places that doesn’t do any defence or intelligence related work, and it was basically impossible to copy anything from the main secure server without IT security knowing about it.

I am hopeful that this means the data the guy was able to copy and steal wasn’t actually truly damaging. Because it would have been truly criminally incompetent to not have such basic data security measures in place for truly sensitive national security data, in which case many more heads would have rolled.

It also kinda makes sense that he only got such a paltry sum for his efforts, and also why the foreign intelligence agency basically ghosted him after the first transition. Even if he sold them everything he had, or they hacked his device and stole everything he took with him to the meet, if he had truly valuable stuff, they would not have ghosted him, and would at a minimum have kept in touch in case he managed to score anything else or had more stashed away offline back at home.

My take is that the guy did the classic marketing gimmick of making it look like he had juicy prizes to offer when he only had some basic stuff, and the foreign intelligence agency he contacted realised he was a time wasting conman after paying the fee to see what he had to offer.

He is being executed because of the way he so proactively went out of his way to betray his country, repeatedly. He wasn’t honeytrapped or approached and had a moment of weakness, he willingly and proactively went to seek out hostile foreign agents to sell out to. The stuff he sold probably is classified, but it shouldn’t be anything too critical. This was more about setting an example, which is why it’s so well publicised.

the Chinese are generally acknowledged to be the best of the best in Counter Intelligence work.

 

[magmunta]

4 Chinese PRC informants arrested in Taiwan. They sent some classified materials in the form of pictures to PRC. Damage to Taiwan seems limited as none of them has received more than 10 years.

Please, Log in or Register to view URLs content!