China Stole Data For Years, But Learning How To Read It Is What Changed The Global Spy Game

Photo by Guang Niu/Getty Images

Virginia Kruta Associate Editor

Chinese intelligence operators have been stealing data from the United States and other nations for years, but it was learning how to interpret that data that truly changed the global spy game.

The change was first noticed by American intelligence agencies around 2013, when Chinese agents suddenly and effectively began identifying and surveilling U.S. intelligence assets and members of their families as they traveled abroad — sometimes from the time they cleared passport control.

According to a report from ForeignPolicy.com, the CIA had developed a strategy for recruiting assets within the Chinese Communist Party and even the military by exploiting the corruption and pay-for-play dynamic that was built into the system. Since promotions and careers were often bought and sold for cash (and officials who did not engage in those corrupt dealings were considered weak), it became standard procedure for the CIA to effectively buy promotions for its own assets as they climbed the ladder.

But between 2010 and 2012, Chinese intelligence officials became aware of the scope of the U.S. infiltration. Using a flaw in the CIA’s communication networks, China was able to root out the embedded assets and sources, killing dozens and imprisoning more. The flaw China exploited was discovered in Tehran — and it is believed that Iranian officials shared that information with Beijing.

“Our mistakes showed them what their problems were,” a former CIA executive told Foreign Policy. Chinese officials used that information to take a hardline stance on the corruption that had been rampant within the Chinese Communist Party.

Ousting corrupt officials created a new set of problems for the Chinese government as many fled the country to live abroad, making themselves prime targets for any international actor looking for inside information. Many were forced to return to China and thousands were prosecuted on charges of bribery and corruption.

When Edward Snowden leaked data revealing just how deeply the National Security Agency had penetrated Chinese servers, the Chinese again took notice and began using the data they had collected over time to predict patterns of behavior.

In addition to finding the assets who were already in place, Chinese intelligence officials were able to use that mined data to follow behavior and travel patterns and to learn what the CIA looked for in a source. They learned who might be targeted to become a potential source — and why.

Chinese hackers were able to breach the U.S. Office of Personnel Management (OPM) in 2012 (the government did not acknowledge this breach until three years later), at which point they gained access to the personal data of over 20 million current and former U.S. officials and their family members — including highly sensitive details that could make or break attempts to qualify for security clearances.

“The concern just wasn’t that [the OPM hack] would curtail info inside China,” a former senior national security official explained to Foreign Policy. “The U.S. and China bump up against each other around the world. It opened up a global Pandora’s box of problems.”

And the Chinese were not the only international actors to connect the dots and uproot CIA assets. Around the same time, Moscow reportedly traced payroll discrepancies to ferret out undercover CIA operators at the U.S. Embassy there.

In under a decade, the Chinese were able to dismantle the CIA’s spy network while building a successful spy network of their own, reportedly using students to infiltrate college campuses and target rising political figures.