The Official Chinese 🇨🇳 Espionage & Cold War Thread
spectator.us
Is China the new Russia? | Spectator USA
Cockburn
6-8 minutes
Cockburn
A rapper, a Republican fundraiser, and a missing $1 billion – inside the mysteries of Chinese influence over American politics
Pras of The Fugees in 2015
The Fugees were, according to MTV, the ninth greatest hip-hop band of all time. Who can forget the immortal lyrics to their hit Ready or Not – number one in both the UK and Iceland? ‘I’ll be Nina Simone…defecating on your microphone.’ That song also has a sobering warning about the unpleasantness of prison: ‘Jail bars ain’t golden gates. Those who fake, they break. When they meet their 400-pound mate.’ (Perhaps this is the same ‘400lb person’ that Donald Trump blamed for Russia’s hacking during the US presidential election.) All this might be a bit too close to home for one of the band’s former members, Prakazrel Michel, known as ‘Pras’: He has been charged with making illegal political donations using foreign money.
Prosecutors have outlined a case that reaches into the 2016 election, though the charges against Pras go back to 2012. He is accused of giving $865,000 of overseas money to 20 ‘straw donors’ to hand on to Barack Obama’s presidential fundraising committee. He is also accused of sending more than $1 million to a different, independent campaign committee, a PAC. This money was allegedly part of $21 million illegally laundered into the US that was, in turn, a small slice of $1 billion missing from a Malaysian investment fund called 1MDB. Pras denies the charges, saying outside court in Washington DC: ‘I feel I’m totally innocent.’ The Washington Post said he was going to protest his innocence in a new rap album that will be released next month. Cockburn has his Walkman at the ready.
How does this connect to 2016 – and to China? 1MDB was run by a financier from Singapore known as Jho Low. He had a yacht with a gold plated interior, a Monet, a private jet (natch), and although he looked like a Chinese Billy Bunter – short, pudgy and bespectacled – he was seen with several Hollywood beauties. It’s claimed he gave a $9 million diamond to a model, Miranda Kerr, and tried to win the heart of Paris Hilton, the heiress. This attempt involved what newspaper reports at the time called a ‘champagne duel’ with her ex-boyfriend, a baseball player named Doug Reinhardt. The duel was supposedly fought in a Saint-Tropez nightclub, Les Caves Du Roy. Reinhart ordered four magnums of Cristal for Hilton. Not to be outdone, Low summoned a waiter and ordered the nightclub’s entire remaining stock, eight magnums. Reinhart left, humiliated.
Prosecutors in the US and Malaysia say this parade of bad taste was paid for with stolen money. The total embezzled is said to be $4.5 billion and the DoJ has brought what it says is the biggest ever action under its Kleptocracy Act Recovery Initiative. Enter Elliott Broidy, once a deputy finance chair of the RNC – and best know for having secretly paid a former Playboy model $1.6 million to have an abortion. (This financial arrangement was made by Donald Trump’s personal lawyer, Michael Cohen, so there was scurrilous gossip about who the father was.) Prosecutors says Broidy was given $8 million by Low to make the DoJ case go away – he was, allegedly, offered another $75 million if he managed to do this. It’s claimed that the middle man for this deal was Pras, the rapper.
Along with Jho Low, the former Malaysian prime minister, Najib Razak, is also accused of stealing the 1MDB money. Broidy reportedly helped Razak when he was Malyasian prime minister and visited Washington in 2017. He provided talking points for a meeting with Trump and even managed to get him a round of golf with the president. Broidy himself seemed to enjoy extraordinary access to Trump in the Oval Office. Cockburn is told that this caused unease to some in the US ‘intelligence community’ – because of the connection to Jho Low. One source now places Low in Beijing, a sign that he had the support of the Chinese state all along. There’s no confirmation that he is being helped by Beijing – and no doubt Low would deny it – though reports in the Asian media say he is in China.
The intelligence types imagine Beijing covertly pulling on strings that pass through Low, to American citizens like Broidy and Pras, and onto the body politic or the media. They would not think it a coincidence, for instance, that quite out of the blue, Pras sent a proposal for a pro-Chinese piece to the US magazine Mother Jones. In what Mother Jones called ‘an unusual pitch’, Pras proposed writing a feature calling for the US to extradite a prominent Chinese dissident living in New York, Guo Wengui. He called him ‘a Chinese illegal immigrant who lied on his US visa application’. The news organization ProPublica says it has obtained details of a sealed search warrant obtained by the FBI to raid Broidy’s office in LA last summer — it says the Feds were looking for ‘records related to China and Guo Wengui’. Broidy has always denied being an unregistered foreign lobbyist. His lawyer told the Washington Post: ‘Elliott Broidy has never agreed to work for, been retained by nor been compensated by any foreign government for any interaction with the United States Government, ever. Any implication to the contrary is a lie.’
Cockburn has written about allegations of Chinese interference in US politics before. There were claims that the Chinese mounted an ‘influence operation’ against the president’s son-in-law, Jared Kushner, by trying to buy up the debt on 666 Fifth Avenue, his family’s disastrous real estate investment. A former aide to Trump told Cockburn that the Chinese official who had attempted to make the deal was jailed by the authorities in Beijing for his failure. The influence operations have continued, with the Chinese owner of a string of massage parlors in Florida selling access to Trump’s home and club there, Mar-a-Lago. Trump himself used to boast on the campaign trail about getting millions of dollars in rent from a Chinese state owned bank – a huge conflict of interest, according to the president’s critics. Beijing’s influence may be more sustained, pervasive and pernicious than Moscow’s. For those looking for another Trump conspiracy, China is the new Russia.
wsj.com
U.S. Targets Efforts by China, Others to Recruit Government Scientists
Timothy Puko and Kate O’Keeffe
10-13 minutes
The U.S. Energy Department is banning its researchers from joining Chinese talent-recruitment programs after finding personnel were recruited by foreign military-linked programs and lured with multimillion-dollar packages.
The move is the latest attempt by the Trump administration to stave off what it sees as China’s pervasive theft of U.S. science and technology, and it comes as tensions between Washington and Beijing continue to rise.
Trade talks between the U.S. and China foundered last month when the Trump administration accused China of reneging on previously negotiated agreements—an allegation Beijing denies. Both sides have raised tariffs on each other’s goods and drawn each other’s companies into the fray.
After U.S. officials cut Chinese telecommunications giant Huawei Technologies Co. off from critical U.S. suppliers, Chinese authorities summoned top U.S. tech firms includingMicrosoftCorp.andDell TechnologiesInc.to warn them about repercussions if they were to pare back business dealings in China.
President Trump called into CNBC Monday morning and said he is taking on China for the future of the country, even if it may hurt U.S. businesses in the short term. He said U.S. tariffs will force companies to leave China, giving the U.S. a competitive advantage.
China is “going to make a deal because they’re going to have to make a deal,” he said in the interview.
The Energy Department has become a major target for economic espionage, its leaders said, because it is the government’s primary scientific agency, supporting wide-ranging programs from elemental research in physical science up to work enhancing the military’s nuclear arsenal. The ban will apply to more than 100,000 people, mostly contractors, at a network of sites and labs across the country, often researching subjects considered vital to national security, including energy production, artificial intelligence and nuclear physics.
One would “almost have to be willfully blind” to ignore the threat China poses, said Dan Brouillette, U.S. deputy energy secretary, in an interview. “The threat is that they will take technology and research that is paid for by the American taxpayer that in many cases has dual-use applications” in both commerce and defense, he said.
The White House is leading an effort to protect government science programs from intellectual property theft. In May it created a joint committee including Energy Department leadership that, among other goals, intends to make recommendations that can be applied across the administration, officials said.
As of Monday, the Energy Department is requiring all personnel and nearly all contractors to disclose connections to foreign-government programs designed to recruit scientists, researchers and entrepreneurs, according to a new order that implements a plan reported by The Wall Street Journal in February. Employees working with any programs deemed to be sensitive from a national-security perspective will have to sever those ties or resign from the department, according to the document and department officials.
The department has found that foreign talent programs have offered scientists in its national lab system hundreds of thousands of dollars—in some cases millions of dollars—to conduct research. In some instances, Energy Department laboratory personnel have been recruited by foreign military-affiliated talent programs, Mr. Brouillette said.
Dan Brouillette, U.S. deputy energy secretary, says the White House has created a joint committee with Energy Department leadership that plans to make recommendations that can be applied across the administration.Photo: F. Carter Smith/Bloomberg News
While Energy Department counterintelligence personnel will develop a comprehensive list of recruitment programs that will be covered by the order, China and iterations of its Thousand Talents Plan are already squarely in the department’s sights, officials said. The order also prohibits countries considered to be adversaries, currently Russia, Iran and North Korea in addition to China, from using talent programs to pay or otherwise lure scientists in the U.S. to help develop technology, officials said.
China’s Thousand Talents websites name more than 300 U.S. government researchers who have accepted the program’s money, James Mulvenon, general manager at U.S. defense contractor SOS International LLC, told the Senate Judiciary Committee at a December hearing. The Chinese government targets a mix of Americans and foreign nationals, and doesn’t limit recruitment efforts to people of Chinese ethnicity.
Share Your Thoughts
When you think of national security threats facing the U.S. government, where would you rank rising tension with China, especially the competition in science and technology? Join the conversation below.
Participants in such programs “travel from the U.S. at Chinese government expense, divulge technical knowledge through scripted venues, are briefed on China’s technology interests, return to their U.S. “base” for more information, and repeat the process,” Mr. Mulvenon told senators.
The threat is now growing, according to U.S. officials, as other countries hostile to the U.S. seek to emulate China’s success to nurture their own programs to bolster scientific developments.
China has denied orchestrating a systematic plan to steal U.S. technology. “China places a high priority on protecting intellectual-property rights and improving its business operating environment,” the Commerce Ministry told the Journal last year.
The Chinese Embassy in Washington didn’t respond to a request for comment.
The administration’s effort to stave off intellectual property theft by China has also led to similar steps at other agencies. The National Institutes of Health last summer urged more than 10,000 research entities to discern whether federal grant recipients had properly reported affiliations with foreign governments or entities. The National Science Foundation has commissioned a review of how to better balance open science with national security, and it is trying to improve its disclosure process for outside affiliations, including support from foreign governments.
Mr. Brouillette said the new policy is necessary because the Energy Department didn’t previously require all employees and contractors to disclose their participation in foreign government programs. Its rules didn’t make “crystal clear” in every situation that it was illegal or improper to participate, especially for contractors, and codifying the department’s policy provides the legal standing to enforce a ban in future, Mr. Brouillette added.
“It gives us the ability to go after folks, if you will,” he said.
The department oversees 17 national laboratories. They employ about 15,000 federal workers and another 100,000 contractors. It is also home to the National Nuclear Security Administration, a semiautonomous agency in charge of maintaining the U.S. nuclear weapons stockpile.
Closing the loophole at the Energy Department is critical not only to protecting its own research but to preventing the threat from metastasizing if scientists build on experiences at multiple agencies, said Mr. Brouillette.
“You can conduct genetic-type research at NIH, for instance, and then work your way into a DOE laboratory where we’re doing similar work and then potentially work your way into a defense laboratory that does similar work, and you can theoretically combine all those experiences and put those things together in a way that creates a threat,” he said.
Once Energy Department scientists pledge to quit problematic foreign talent programs, it would be up to counterintelligence officials to determine whether the scientists continue to present a security risk, said Mr. Brouillette. Disclosure of participation also wouldn’t necessarily prevent a possible prosecution of the scientist later on, he said. At the same time, lying could also lead to charges.
In February 2018, a Chinese-American oceanographer pleaded guilty in federal court to illegally accepting a salary from a Chinese talent program while he was employed by the National Oceanic and Atmospheric Administration.
Last month, a former Energy Department scientist at the Los Alamos National Laboratory, which does nuclear-weapons research, was indicted on a charge of making false statements about his alleged involvement with a Chinese talent-recruitment program. The scientist, who is Indian-American, has pleaded not guilty.
Advocacy groups are warning against a witch hunt against scientists of Chinese descent. In a letter to Mr. Trump dated June 4, the Committee of Concerned Scientists—a nonprofit group that advocates for scientific freedom—alleged that the U.S. government was waging a “campaign of intimidation of ethnic Chinese scientists” and called for it to “make a public statement assuring them that they will be treated as equal valuable members of the American society.”
Mr. Brouillette said that concerns about racial profiling were political and that the department’s policy was a common-sense approach to protecting U.S.-funded research. He said that all employees, regardless of ethnicity or national origin, would be required to disclose any connections to foreign governments. He also said that, in consultation with lab directors, the department had decided to tailor the policy to apply only to talent-recruitment programs targeting research and that it wouldn’t affect cooperative programs or MOUs with friendly countries.
Write to Timothy Puko at tim.puko@wsj.comand Kate O’Keeffe at kathryn.okeeffe@wsj.com
Last edited:
88m3
Fast Money & Foreign Objects
Bloomberg
12 hrs ·
The FBI and the NIH are targeting ethnic Chinese scientists, including U.S. citizens.
About this website
BLOOMBERG.COM
The U.S. Is Purging Chinese Cancer Researchers From Top Institutions
Here’s the first account of what happened to Xifeng Wu.
12 hrs ·
The FBI and the NIH are targeting ethnic Chinese scientists, including U.S. citizens.
About this website
BLOOMBERG.COM
The U.S. Is Purging Chinese Cancer Researchers From Top Institutions
Here’s the first account of what happened to Xifeng Wu.
reuters.com
Exclusive: China hacked eight major computer services firms in...
Jack Stubbs
4-5 minutes
LONDON (Reuters) - Hackers working for China’s Ministry of State Security broke into networks of eight of the world’s biggest technology service providers in an effort to steal commercial secrets from their clients, according to sources familiar with the attacks.
FILE PHOTO - A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration
Reuters today reported extensive new details about the global hacking campaign, known as Cloud Hopper and attributed to China by the United States and its Western allies.
Read the full report here:
here
A U.S. indictment in December outlined an elaborate operation to steal Western intellectual property in order to advance China’s economic interests but stopped short of naming victim companies. A Reuters report at the time identified two: Hewlett Packard Enterprise and IBM.
Now, Reuters has found that at least six other technology service providers were compromised: Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology, HPE’s spun-off services arm.
Reuters has also identified more than a dozen victims who were clients of the service providers. That list includes Swedish telecoms giant Ericsson, U.S. Navy shipbuilder Huntington Ingalls Industries and travel reservation system Sabre.
HPE said it worked “diligently for our customers to mitigate this attack and protect their information.” DXC said it had “robust security measures in place” to protect itself and clients, neither of which have “experienced a material impact” due to Cloud Hopper.
NTT Data, Dimension Data, Tata Consultancy Services, Fujitsu and IBM declined to comment. IBM has previously said it has no evidence sensitive corporate data was compromised by the attacks.
Sabre said it had disclosed a cybersecurity incident in 2015 and an investigation concluded no traveler data was accessed. A Huntington Ingalls spokeswoman said the company is “confident that there was no breach of any HII data” via HPE or DXC.
Ericsson said it does not comment on specific cybersecurity incidents. “While there have been attacks on our enterprise network, we have found no evidence in any of our extensive investigations that Ericsson’s infrastructure has ever been used as part of a successful attack on one of our customers,” a spokesman said.
The Chinese government has consistently denied all accusations of involvement in hacking. The Chinese Foreign Ministry said Beijing opposed cyber-enabled industrial espionage. “The Chinese government has never in any form participated in or supported any person to carry out the theft of commercial secrets,” it said in a statement to Reuters.
The Cloud Hopper attacks carry worrying lessons for government officials and technology companies struggling to manage security threats.
Chinese hackers, including a group known as APT10, were able to continue the attacks in the face of a counter-offensive by top security specialists and despite a 2015 U.S.-China pact to refrain from economic espionage.
Reuters was unable to detail the full extent of the damage done by the hacking and many victims are unable to tell exactly what was stolen. Yet senior Western intelligence officials say the toll was high.
“This was a sustained series of attacks with a devastating impact,” said Robert Hannigan, former director of Britain’s GCHQ signals intelligence agency and now European chairman at cybersecurity firm BlueVoyant.
Additional reporting by Gao Liangping, Cate Cadell and Ben Blanchard in Beijing. Editing by Ronnie Greene and Jonathan Weber
Global Telecom Carriers Attacked by Suspected Chinese Hackers
Global Telecom Carriers Attacked by Suspected Chinese Hackers
Attack targeted 20 people believed to have ties to China across Asia, Europe, Africa and Middle East, according to a cybersecurity firm report
The cyberoffensive casts a spotlight back on a Chinese group called APT 10. U.S. federal prosecutors charged two Chinese nationals in December for alleged work tied to APT 10 targeting U.S. businesses and government agencies. Photo: Manuel Balce Ceneta/Associated Press
By
Timothy W. Martin and
Eva Dou
Updated June 24, 2019 10:02 pm ET
Hackers believed to be backed by China’s government have infiltrated the cellular networks of at least 10 global carriers, swiping users’ whereabouts, text-messaging records and call logs, according to a new report, amid growing scrutiny of Beijing’s cyberoffensives.
The multiyear campaign, which is continuing, targeted 20 military officials, dissidents, spies and law enforcement—all believed to be tied to China—and spanned Asia, Europe, Africa and the Middle East, says Cybereason Inc., a Boston-based cybersecurity firm that first identified the attacks. The tracked activity in the report occurred in 2018.
The cyberoffensive casts a spotlight back on a Chinese group called APT 10; two of its alleged members were indicted by the U.S. Department of Justice in December for broad-ranging hacks against Western businesses and government agencies. Cybereason said the digital fingerprints left in the telecom hacks pointed to APT 10, or a threat actor sharing its methods.
Dialed-In Attack
Suspected Chinese hackers infiltrated the mobile networks of at least 10 global telecom operators.
How the hack took place
Hackers
Suspected Chinese hackers use "spear phishing" and other tactics to infiltrate telecom companies.
Access to servers
Steal log-in credentials and identify accounts with access to servers containing the call-data records.
Disguise as employees
Create admin accounts and use VPNs, moves that make them appear as legitimate telecom employees.
Access data records
Obtain phone records with users' locations and logs of call and text history.
Tracking
This data can give a window into the target individual's daily commute and circle of contacts.
Source: Cybereason
Cybereason Chief Executive Lior Div gave a weekend, in-person briefing about the hack to more than two dozen other global carriers. For the firms already affected, the response has been disbelief and anger, Mr. Div said.
“We never heard of this kind of mass-scale espionage ability to track any person across different countries,” Mr. Div said.
The Wall Street Journal was unable to independently confirm the report. Cybereason, which is run by former Israeli counterintelligence members, declined to name the individuals or the telecom firms, citing privacy concerns.
China has consistently denied perpetrating cyberattacks, calling itself a victim of hacks by the U.S. and other countries. China’s Foreign Ministry didn’t immediately respond to a faxed request for comment. The Ministry of State Security wasn’t reachable for comment.
The identities of the 20 individuals allegedly targeted by China couldn’t be learned. The country often tracks overseas political dissidents and other persons of interest digitally and in person, according to cybersecurity experts and human-right activists.
The hacking campaign—which Cybereason calls “Operation Soft Cell”—represents one of the most far-reaching recent offenses against a telecom industry under pressure, Mr. Div said. Some three of every 10 global carriers have had sensitive information stolen from hacking attacks, according to a 2018 report by EfficientIP, a Philadelphia-based cybersecurity firm.
Operation Soft Cell gave hackers access to the carriers’ entire active directory, an exposure of hundreds of millions of users, Cybereason said. The hackers created high-privileged accounts that allowed them to roam through the telecoms’ systems, appearing as if they were legitimate employees.
The work of nation-state groups like APT 10 tend to be covert and focus on gathering intelligence—a contrast with organized crime rings that shut down websites or pilfer networks seeking monetizable assets, such as bank accounts or credit-card data.
“Nation-state groups are no doubt the top of the food chain,” said Larry Lunetta, a vice president of security solutions marketing at Aruba, a part of Hewlett Packard Enterprise Co. “The behaviors they exhibit generally would never have been seen before or may not look different to normal activity.”
The rollout of next-generation 5G networks globally has stoked national-security fears that the new technology could be vulnerable to hacking. Operation Soft Cell largely unfolded on existing 4G LTE networks, though the incident reveals fresh vulnerabilities.
The campaign used APT 10-linked procedures and techniques, including a web shell used to steal credentials and a remote-access tool, said Amit Serper, Cybereason’s head of security research.
Cybereason said it couldn't be ruled out that a non-Chinese actor mirrored the attacks to appear as if it were APT 10, as part of a misdirection. But the servers, domains and internet-protocol addresses came from China, Hong Kong or Taiwan, Mr. Div said. “All the indications are directed to China,” he said.
Cybereason Chief Executive Lior Div. Photo: Kiyoshi Ota/Bloomberg News
The APT 10 group, also known as cloudhopper, is believed by cybersecurity experts to be backed by China’s government based on its history of going after data that is strategic and not immediately monetizable. The group has been less visibly active this year following the Justice Department indictments, though is likely still around, said Ben Read, senior manager of cyber espionage analysis at FireEye Intelligence.
“They’re one of the most active China groups we track,” Mr. Read said.
China-based hackers have consistently targeted U.S. businesses over the years, although the frequency of attacks declined after a 2015 cease-fire on economic espionage signed by President Obama and President Xi Jinping.
Other countries, including Australia, Japan and the United Kingdom, have accused China of attempting to hack their government agencies and local companies.
Cybereason says Operation Soft Cell didn’t involve real-time snooping, meaning hackers weren’t listening in on calls or reading text messages.
Instead, the hackers obtained all-data records that reveal where individuals go and whom they contact—invaluable information for foreign intelligence agencies eager to learn a person’s daily commute or their confidantes.
“They owned the entire network,” Mr. Serper said.
With precise movements, the hackers breached telecom companies’ networks through traditional spear phishing emails and other tactics, Cybreason says.
Related Coverage
- • U.S. Charges China Intelligence Officers Over Hacking Companies and Agencies (Dec. 20, 2018)
- • How China Allegedly Hacked America and Its Allies (Dec. 20, 2018)
- • U.S. Considers Requiring 5G Equipment for Domestic Use Be Made Outside China (June 23, 2019)
Cybereason discovered the hacks by sniffing out unusual network traffic between a computer and the call-data record databases. The researchers detected activity dating as far back as 2012.
Some telecom firms have alerted users of the breach, per local regulations, though it is unclear if all of them have, Mr. Div said.
Write to Timothy W. Martin at timothy.martin@wsj.com and Eva Dou at eva.dou@wsj.com
Isaiah Bradley
Banned
If he's lax about China now, how will he be as a President negotiating new trade deals while addressing these hacks? I ain't trying to find out
