The Diplomat author Mercy Kuo regularly engages subject-matter experts, policy practitioners, and strategic thinkers across the globe for their diverse insights into U.S. Asia policy. This conversation with Dr. Matthew Brazil – a senior analyst at BluePath Labs, senior fellow at The Jamestown Foundation and co-author of “Chinese Communist Espionage: An Intelligence Primer” (Naval Institute Press 2019) – is the 437th in “The Trans-Pacific View Insight Series.”
What are the core objectives of China’s intelligence strategy?
Under Xi Jinping, Beijing initiated a worldwide espionage and influence offensive. It seems tailored to fulfill expanding requirements generated by his aggressive policies.
First, some points about organization. The agencies employed that we most often hear about are the Ministry of State Security (MSS, 国家安全部), and the Chinese Communist Party (CCP) United Front Work Department (UFWD, 统一战线工作部). They perform HUMINT (human intelligence, or spying) and influence operations, respectively. Their work may often crisscross to the point of conflation, though how much and how often is a controversial topic. Alex Joske’s book “Spies and Lies” goes deep into this question and asserts that coordination has been on for decades.
There are also new intelligence units under the People’s Liberation Army (PLA), three of which were reorganized in April from the PLA’s former Strategic Support Force: the Information Support Force (ISF, 信息支援部队), which apparently performs signal intelligence; the Cyberspace Force (网络空间部队), which would seem to perform hacking on military targets, and the Military Space Force (军事航空部队), which may run China’s “overhead” effort, i.e., satellite reconnaissance.
In addition, the Intelligence Bureau of the Joint Staff Department (JIB, 联参谋部情报局) also conducts HUMINT. Formerly known as 2PLA, it was not a part of the SSF but was a higher-ranking department under the PLA General Staff, and so it seems to have been bureaucratically demoted.
One of them has a blog: “The Eternal Wave” (永不消逝的电波) chronicles the daily life of Chinese troops assigned to the ISF as they practice maneuvers in the field and train line forces in signal security. The blog also carries the occasional hint of “strategic” SIGINT as performed by our own National Security Agency.
These agencies may now be better supervised and coordinated than before Xi’s ascendance, but for us in the unclassified world, more data is needed to assess how intelligence requirements are generated, organized between agencies, and carried out. However, we can examine published indictments and convictions of Chinese agents abroad. Indictments from the United States are particularly useful.
On Beijing’s objectives: Statistics compiled by Nick Eftimiades indicate that in general, the acquisition of military and dual-use technology drives the largest number of China’s clandestine operations in the U.S., followed by traditional espionage to ferret out classified information. There are also significant PRC efforts to acquire commercial technologies useful to national development, but these cases seem dominated by individuals (Chinese and foreign) and Chinese companies rather than the party-state’s organs of state security.
In that context, it is important to note that corporate insider spies working on China’s behalf include European-Americans as well as Chinese people. The same is true of spies who have betrayed the U.S. government. They come in all colors.
Identify the primary methods and modes of China’s intelligence strategy.
Some core elements of China’s current intelligence strategy were laid down by the Leninist CCP under Mao Zedong. In his new book “The Sentinel State” and in his March 2024 essay in the China Leadership Monitor, Minxin Pei describes how the pre-digital people-powered surveillance by Mao’s CCP established a baseline for today’s “digital panopticon,” the Chinese version of “Ubiquitous Technical Surveillance” (UTS). Even though the rapid economic development and unprecedented mobility of the population in the 1990s and 2000s eroded the party’s previous ability to keep tabs on society, Xi Jinping revived it with AI-enabled technology that has made “real-time surveillance – long an aspiration of the Chinese police – a reality,” writes Pei.
Besides suppressing domestic dissent, the CCP’s digital panopticon makes counterespionage work far easier than before, aided by the Counterespionage Law (2014, 2023) and the Intelligence Law (2017, 2018) that require Chinese citizens and organizations to cooperate with intelligence and security authorities.
Some learned comment opines that these laws don’t really matter – that the CCP’s requirements levied on society go back to the unwritten but strict rules of Mao’s time. That is a valid point. However, these laws still accomplish two important goals for Xi’s “new era.” First, they define responsibilities of officials as well as those of the citizenry. In a system where corruption among Public Security and State Security officials is a perennial problem, these measures assist the party to maintain discipline if it discovers unwarranted persecution of individuals or illegitimate leniency owing to bribery.
Random accusations of spying began under Mao and that storied black sheep of the party, the chairman’s favorite spy chief, Kang Sheng. They are still thrown around with wild abandon. On the latter, using corrupt “connections” to get out of trouble is an even more pernicious problem in Chinese history.
Second, I noticed while working in China between 1991 and 2016 that many people who grew up in the 1990s and afterward seem to place undue faith in their rights under the PRC Constitution, underestimating the willingness and ability of the party-state to exercise arbitrary power. The intelligence laws may prove useful for the party-state to dispel such bourgeois notions.
Incidentally, the intelligence laws were passed in the context of relatively high approval ratings of the CCP’s policies during Xi’s second and third terms. That index has had its ups and downs for certain but should not be underestimated.
Turning to foreign intelligence, as China has grown stronger, so has the CCP’s instinct to control not only its domestic population but also its diaspora, and beyond that, the foreign conversation about China – goals that may seem odd to us but are as important to many authoritarian regimes as they are unique. Hence efforts that we see, perhaps coordinated by the CCP United Front Work Department, to control foreign narratives. In addition, there are widely reported operations to hack into foreign government and business databases and traditional spying.
As always, traditional spying is vital. China’s priority tasks against the U.S. and its allies appear to include information on defense plans, especially regarding Taiwan and other East Asian countries, defense technologies, Washington’s policies related to China, Taiwan, and Hong Kong, the activities of exiled dissidents, particularly Tibetans, Uyghurs, and Hong Kongers, and the names of American intelligence personnel and their assets.
In addition, the hacking operations of the MSS and of PLA intelligence agencies have focused on harvesting massive databases from targets such as the U.S. Office of Personnel Management, credit agencies, airlines, and hotel chains.
Reporting in Europe for my upcoming book indicates that Beijing has similar priorities for their foreign intelligence operations there. Matters like NATO plans regarding China and the Arctic, European policies toward China and the acquisition of defense and dual-use technology, and the activities of dissidents and emigres. Relevant examples include the Gerli Mutso case in Estonia, implicating the PLA Intelligence Bureau; the Jian Guo case in Germany concerning European policy and defense shipments; and the Dorjee Gyantsan case in Sweden, involving the MSS.
A memorable MSS penetration of France’s foreign intelligence agency is chronicled in the book “Trahisons à la DGSE” by Antoine Izambard and Franck Renaud, which is highly recommended.
Taiwan itself has been a priority CCP espionage target since the 1949 Communist victory. CCP intelligence and influence cases there are many and various. Such cases seem less publicized in other parts of Asia but have occasionally emerged: allegations of a Chinese agent inside the Japanese police agency charged with counterespionage investigations; a 2020-2021 hacking of Japan’s Defense Ministry; a 2021 hacking of Indonesian government agencies including its intelligence organization, the BIN. Singapore is subject to focused influence operations by Beijing, though it is relatively resilient against them as its government strives to avoid being drawn into the U.S.-China rivalry.
It must be said that China’s newly developed abilities to engage in UTS are a problem not just for people inside the PRC’s borders, but abroad as well. Measures such as use of secure message platforms, multi-factor authentication beyond SMS, employment of VPNs and password managers, regular change of passphrases, and engaging in timely software updates are just some of the measures that we should all pursue.
Explain the relationship between China’s intelligence apparatus and its military-civil fusion strategy.
My colleague at BluePath Labs, Dr. Eric Hundman, points out that the connections between China’s military-civil fusion strategy and its intelligence apparatus mostly appear to be indirect, but are apparent. For instance, the CCP Central Military Commission hosts competitions in cooperation with private companies to encourage the development of military- and military intelligence-related technology. Eric adds, “Some of the high-level priority areas for MCF – such as building up talent in cyberspace operations – also clearly implicate intelligence operations.”
The civilian and military sides of China’s national key lab system freely share data to the point where the distinction between them is “mostly meaningless” according to Matt Bruzzese, also of BluePath Labs. Matt adds that military-civil fusion could take the form of breaking down barriers between the MSS and PLA on one hand and civilian organizations like the Ministry of Education on the other – something we can see in China’s highly successful Thousand Talents Program, which attracts Overseas Chinese and foreign scientists of interest.
A prominent example of the MSS working to acquire advanced dual-use technology was the 2018 operation by MSS officer Xu Yanjun to acquire General Electric jet engine technologies. Such efforts aim to advance China’s ability to project power beyond its shores and reduce reliance on foreign suppliers.
What is the role of hackers in China’s intelligence system?
Hacking has been important since about 2005. China rapidly developed its hacking capabilities, first in military organizations such as PLA “Unit 61398,” based in Shanghai. In subsequent years, so-called “patriotic hackers” began organizing to conduct volunteer operations attacking China’s perceived opponents.
The exact timeline is not easy to pin down, but the evidence I’ve reviewed indicates that hackers began working for State Security front companies in the late 2010s, possibly formed to distance that ministry from these operations and perhaps to allow for faster hiring – avoiding time-consuming security clearance procedures. Hackers also organized their own for-profit companies that sought contracts with their local Public Security and State Security entities. It was a movement that was slow at first but picked up at the end of the decade as intelligence requirements probably increased under Xi.
The hacking operations of the MSS and of PLA intelligence agencies have in part focused on harvesting massive databases from targets such as the U.S. Office of Personnel Management, credit agencies, airlines, and hotel chains.
At least one hacking contractor, iS00N (安洵信息) working for Public Security and State Security entities at the provincial and municipal levels, is focused on a surprisingly wide variety of targets in Southeast Asia and beyond, including databases of airlines used by Uyghur emigres, various foreign police agencies, NATO headquarters, government and NGO organizations in the U.K., and many more. Leaked files from iS00N revealed some unusual insights into the PRC’s intelligence operations, highlighting an intensified global security offensive as well as employee dissatisfaction of those earning only low pay.
The fact that China’s national police are now gathering massive amounts of intelligence overseas – previously thought to be the turf of the MSS and the PLA’s agencies – is notable. It is no surprise that the Chinese Communist Party is worried to the point of paranoia about events and opinions abroad. It has long been said that the CCP is focused less on what we call “national security” than on the party’s own security and its position in society, which it rolls together as “state security.” Therefore, they overreact to even minor efforts to organize resistance, even those that exist solely in their fevered imaginations.
Assess the influence and impact of China’s intelligence strategy on the U.S. and Western democratic societies and industries.
The overwhelming nature of Beijing’s efforts is one of its most salient features, and as many have opined, the annual losses to industry in the U.S. and elsewhere is in the billions.
In scope and intensity, Beijing’s worldwide espionage and influence offensive goes well beyond what we have previously faced from Russia and other adversaries. Our response must also go beyond routine counterespionage. We need more people trained in the Chinese language and that great nation’s culture: not only in our military and foreign service, both of which do a good job. Our law enforcement and industrial security professionals also need such training, not least to avoid chasing after innocent people who happen to be of Chinese ethnicity.
In the U.S. that requires substantial funding, and Congress needs to switch from their usual sound bite blame gaming to step up with legislation and funding to move us forward.