author photo
By Bruce Sussman
Fri | Sep 20, 2019 | 11:50 AM PDT

We've written pretty extensively about how certain countries are using cyber against us.

Cyber Attack Motivations: Russia vs. China is a good example of this.

And now it sounds like spies from China, in particular, are using cyberspace and social media to connect with people who have information the Chinese want.

And it is working.

Chinese: recruiting Americans to spy through LinkedIn

NPR has a good read on this right now, where they talked to the head of the Justice Department's National Security Division, John Demers.

"The Chinese," Demers told NPR, "are our No. 1 intelligence threat."

"We had, last year, three traditional espionage cases all involving ex-intelligence community officers going at the same time—that's unprecedented," Demers said.

Demers described a pattern that has emerged in the way Chinese intelligence officers try to recruit Americans.

It's risky for them to operate inside the United States—where they could be interdicted by the FBI—so instead they often initiate contact over the Internet via LinkedIn or other social media.

China's spies aren't reaching out willy-nilly. They do their research online to identify the information they want and the people who might have access to it.

And LinkedIn users, often trolling for new jobs, openly advertise their status as employees or former employees of agencies of interest—with access to material that the Chinese want."

Are the Chinese trying to steal intellectual property this way?

The Justice Department's John Demers was talking about recruiting those with access to United States intelligence secrets. However, based on what we know about Chinese cyberattack motivations, you have to wonder if they're using the same method to recruit employees at U.S. companies.

"When it comes to China, their main focus is really an economic focus. They're interested in going after intellectual property. They want to understand how things work and how they can make it or do it themselves," Col. Cedric Leighton, U.S. Air Force (Ret.) told us at SecureWorld.

"For example, if an oil and gas company is starting to explore in a certain area of the world and the Chinese national gas company is also interested in that, they will go in and go through computer files of the U.S. company to find out exactly what his happening, what their geologic readings are, what their geological assessments are and they will use those same assessments to underbid their U.S. competitor.

They can do things like go in and copy the plans for a fighter jet. The F-22 and F-35 were both copied by the Chinese… that's why you get aircraft like the Chinese J-20 which look remarkably similar to some of the latest U.S. aircraft like the F-35."

[RELATED: 8 Steps Huawei Took to Steal IP from T-Mobile and Cover It Up]

All of this brings up a question worth thinking about:

What do you have, what can you access, or who do you know that the Chinese might want to reach? 

It's something to consider before you click "accept" on that next LinkedIn request from someone you do not know.

[RELATED: Insider Threats at AT&T Wireless Activated by Cybercriminals]

Comments