People enjoy reading spy novels for understandable reasons: exotic locations, everyday people who are actually secret agents, a gallery of rogues, and healthy doses of sex and violence help the plot move along nicely and divert us from the mundanity of our 21st century domesticated existence. While the settings are different now--Cold War cloak-and-dagger has given way to terrorists hellbent on realizing radical their visions and computer geeks using tools of the digital age for surreptitious information gathering--the interplay of, yes, spy versus spy remains the focal point of interest. Oftentimes these sorts of activities have an "everybody does it, so why can't we?" feel in real life: Israel-based operators, for instance, have often targeted erstwhile "friends."
A few days ago, we had the widely reported story of Google indirectly accusing the PRC of staging phishing attacks on the accounts of human rights dissidents. Sometime ago, foreign students the PRC sends out by platoons like those at my alma mater have been portrayed as spies for the Communist Party. I bring these up because we once again have another story of industrial espionage courtesy of the London Times that appears straight out of a John la Carre or Frederick Forsyth espionage thriller:
A few days ago, we had the widely reported story of Google indirectly accusing the PRC of staging phishing attacks on the accounts of human rights dissidents. Sometime ago, foreign students the PRC sends out by platoons like those at my alma mater have been portrayed as spies for the Communist Party. I bring these up because we once again have another story of industrial espionage courtesy of the London Times that appears straight out of a John la Carre or Frederick Forsyth espionage thriller:
The security service MI5 has accused China of bugging and burgling UK business executives and setting up “honeytraps” in a bid to blackmail them into betraying sensitive commercial secrets. A leaked MI5 document says that undercover intelligence officers from the People’s Liberation Army and the Ministry of Public Security have also approached UK businessmen at trade fairs and exhibitions with the offer of “gifts” and “lavish hospitality”.And then there are the "honeytraps":
The gifts — cameras and memory sticks — have been found to contain electronic Trojan bugs which provide the Chinese with remote access to users’ computers. MI5 says the Chinese government “represents one of the most significant espionage threats to the UK” because of its use of these methods, as well as widespread electronic hacking. Written by MI5’s Centre for the Protection of National Infrastructure, the 14-page “restricted” report describes how China has attacked UK defence, energy, communications and manufacturing companies in a concerted hacking campaign.
It claims China has also gone much further, targeting the computer networks and email accounts of public relations companies and international law firms. “Any UK company might be at risk if it holds information which would benefit the Chinese,” the report says. The explicit nature of the MI5 warning is likely to strain diplomatic ties between London and Beijing...
China has occasionally attempted sexual entrapment to target senior British political figures. Two years ago an aide to Gordon Brown had his BlackBerry phone stolen after being picked up by a Chinese woman who had approached him in a Shanghai hotel disco. [I venture that they were playing "Blame It On the Boogie" at the Banana Club in Beijing while the deal was going down. Maybe I ought to write a novel of my own (or need medication ASAP).]It goes without saying that providing cybersecurity is a likely growth industry to both government and private sector clients holding information that may be of use for intelligence or commercial purposes. All the same, you must question how many of these sorts of activities can be attributed to limits placed by Western countries on "dual-use" exports to the PRC. I am inclined to think there's some truth here even if some claims appear pretty far-fetched. Won't bog-standard antivirus pick up funny stuff on a USB stick, f'rinstance? The Chinese will of course deny everything. Alas, when pressed, their response will likely be...Don't blame it on the sunshine, don't blame it on the moonlight, don't blame it on the good times--blame it on the boogie.
The report says the practice has now extended to commercial espionage. It says Chinese agents are trying to cultivate “long-term relationships” with the employees of key British companies: “An undercover intelligence officer may try to develop a friendship or business relationship, often using lavish hospitality and flattery. “Chinese intelligence services have also been known to exploit vulnerabilities such as sexual relationships and illegal activities to pressurise individuals to co-operate with them.”
The warning to British businessmen adds: “Hotel rooms in major Chinese cities, such as Beijing and Shanghai, which are frequented by foreigners, are likely to be bugged ... hotel rooms have been searched while the occupants are out of the room.” It warns that British executives are being targeted in China and in other countries. “During conferences or visits to Chinese companies you may be given gifts such as USB devices or cameras. There have been cases where these ‘gifts’ have contained Trojan devices and other types of malware.”
China has repeatedly denied spying on Britain and the West. Its London embassy did not comment. In 2007 Jonathan Evans, the director-general of MI5, had written privately to 300 chief executives of banks and other businesses warning them that their IT systems were under attack from “Chinese state organisations”. There have been unconfirmed reports that China has tried to hack into computers belonging to the Foreign Office, nine other Whitehall departments and parliament.