Bulletin Board # 59

To refresh your memory, this is the post that started the PRC thing and the responses follow.

Tim Johnson


Tim,

I am anxious to see your postings about PRC/IN OPS. Someone posted an inquiry not too long ago about one of the ChiCom/IN euphemisms, but I didn't quite understand the context. One might be "fish at the bottom of the ocean" to describe what we call a "mole". Or, it could have been "collective blood guarantee", which is a form of cruel blackmail by holding an operative's family as hostage to prevent defections or even just poor performance.

Anyone seriously interested in Chinese espionage, and the threat we face, should read "Chinese Intelligence Operations" by Nick Eftimiades, who is a former DIA analyst who specializes in the Chinese intelligence services.

Another good source of information is the various works of Stanislav Lunev, who is a former colonel in the Soviet GRU and a recognized authority on the Chinese intelligence services. He graduated from the Tashkent Military Academy (the equivalent of West Point), and in 1978 served in Singapore. After a short stint in Moscow, he returned to China as a GRU operative under cover as a TASS correspondent. In 1988, he was assigned to Washington, D.C., while still under cover as a TASS correspondent; however, he defected to the US in 1992.

In one of his papers, Lunev related that all intelligence targeting comes from the very top of the PRC government, i.e., the Politburo. He then went on to write, "The practical business of intelligence is conducted mainly by the Intelligence Directorates in the Ministry of State Security and the Second Directorate in the general staff of the People's Liberation Army". That, then, my friend, should give you an idea of what you and your colleagues are up against.

Lunev also provided some insight as to potential targets. He wrote, "The fact is that Chinese leaders are very practical people. They cannot afford to maintain an extremely expensive intelligence bureaucracy unless it can pay for itself by boosting economic development". Those last two words should be underlined, because they say it all.

Lunev also claims that on any given day the PRC has at least 15,000 university students in the USA, most of whom are engaged in highly technical studies.

Yup, looks like there will be a lot of work for everyone. I have not heard too much open source info about PRC SIGINT and COMINT operations in the USA, but sure would be interested in receiving any info that anyone on the mailing list might be willing to share.

Sai Chen ("Goodbye" in Chinese)
Bob


Bob,
The following article is a good primer on the threat... Fortune Magazine (3/31/98) - China's Spies Target Corporate America http://www.pathfinder.com/fortune/1998/980330/chi.html An FBI briefing for your company is another good starting point... http://www.FBI.gov/ansir/ansir.htm


Tim,

There are two excellent books about Industrial Espionage, and they both discuss China. They were both published in 1997, so the subject matter is up to date. They are: War by Other Means by John Fialka, and Corporate Espionage by Ira Winkler.


Visitors to one R&D facility typically visit others. By gaining exposure to multiple locations, they can overcome one location's OPSEC efforts (protection of unclassified, but critical government or proprietary info that may reveal more of an organization's capabilities and intentions than is prudent to do so). They do this by mentioning scraps of info that they picked up at one location to their hosts at another location. This often lowers the host's guard, because they think that if the visitors have displayed their knowledge of certain R&D efforts, "it must be okay" to further discuss these topics with them. Little by little, the visitors gather and assemble pieces of the technological jigsaw puzzle that they are trying to solve. In addition, visitors to R&D facilities are often hosted by, in this case, "overseas Chinese." These are US persons whose family came from, in this case, China, and who may still have relatives and/or emotional ties to China -- even if they are completely loyal US citizens. The visitors know how to subtly exploit these ties -- with offers of an academic sabbatical, a promise to pass gifts to their relatives still in the "old country," etc. Moreover, after such visits, there may be follow-up calls, invitations for prestigious reciprocal visits, offers to serve as informal consultants, and so on.

Things to do: provide recurring security education and briefings of all personnel at an R&D facility that is planning to host foreign nationals or send employees overseas; ensure a robust exchange of info between security officers at R&D facilities (to ensure that a consistent OPSEC plan is followed at all locations and that only specific categories and levels of info will be shared -- even if the visitors ask probing questions and appear to be more knowledgeable about a technical topic than they should be); agreement between corporate security and management officials about these issues -- how to be gracious, but not overly informative hosts; and, regular contact before and after the visit with the R&D facility's cognizant government security and CI reps (in most cases, this would be DSS and FBI, respectively).

Hope this helps.


I guess my first comment is why worry just about the PRC?? Hell, they are a known problem.. How about the rest of the countries on the list?? How about the rest just in the current top five. Russia, France, England, and Canada.. Scary, ain't it.. At least with the PRC you know what to expect. Here are a few things that we ran into. I'm sure each person that has been involved in this type of problem has their own ideas and horror stories. Some seem stupid, cheap, and James Bondish but they are still happening.

Miniature video and/or still cameras built into or housed in just about anything imaginable.

Miniature recorders.

Depending on the type of facility, they have been known to dip their ties, shirt sleeves, or jacket sleeves or anything that they were carrying into chemical solutions, take them off after leaving the facility, and have the solution analyzed by their personnel.

They have been known to, immediately after leaving the facility, take their shoes off, and have the dirt scraped and analyzed that was on the bottom of their shoes.

They will bump or rub up against something and have that piece of clothing analyzed.

You cannot leave anything visible that you do not want them to have. Put it away, cover it up, lock it up, or just arrange the tour in such a way that you only let them see exactly what it is you want them to see.

Ensure that you have guards along every part of the tour. They have a habit of getting separated from the tours and wandering wherever they want.

Ensure that you have more than one person escorting any group. They must watch constantly.

Be very wary of any conversations that the escorting personnel have with the tour personnel. We always made sure that the escorts had miniature recorders of their own and that they were on any time that they were near the tour personnel.

We have always been too open and proud of our accomplishments, especially our scientific types. Unfortunately, that has caused us to lose just about everything that we develop.


The PRC can cause you to violate export control laws. Not everything they see is exportable. You must have a Dept of Commerce ECCN or an export license for every equipment item or process they are allowed to see. Check with your local DOC or State Dept for ITAR items.


Please make this non attributable. Thanks! I can attest to the continued interest by the Feds in visits by PRC to my facilities. We must abide by all the export license/ITAR requirements yet allow necessary access for current and future business needs. A delicate balance! Reality is that US firms must be competitive in China if they want to be truly international businesses. As the saying goes, if we don't, someone else will. None of this should be done at the risk of any technology that would harm our national security.


On another matter, this was furnished by (who else), Bob.

Tim,

Here is a repeat of the info I had sent earlier which you sent off into the ether somewhere.

What I had sent was that a squeaky clean former Mexican police commandant (they DO exist) friend and associate of mine came across a 10 Gig device some years ago. It used a Gunnplexer made by Microwave Associates here in the USA. Although I had said it operated on 10 Gigs, that is approximate because the output frequency was rather unstable due to poor regulation of the bias voltage. The modulation, however, was fine.

There are some radio amateur operators who operate in this region of the spectrum. The antenna on the device found in Mexico was obviously homemade and consisted of copper sheeting that was bent and soldered to make a small horn antenna. Gunnplexers are very economical and readily available through used radio-electronics parts stores and some military surplus outlets.

I had also mentioned that while attending a LatAm corporate security meeting several years ago, two Brits (one of whom was former GCHQ) mentioned having discovered a device operating on/about 40 Gigs in Holland while on assignment there. Unfortunately, I was unable to obtain much more information on that device.

In conclusion, I speculated that perhaps one reason we hear so little about finding devices operating in the IBL (Itty-Bitty Lambda), i.e., Giga-Hertz, range is that they have been overlooked during surveys. Of course, appropriate surveys would require proper equipment with the extended range. Furthermore, very narrowly focused radiation patterns only exacerbate the problem of discovery unless one is fortunate enough to find some echoes bouncing around.

Nowadays, there is so much new stuff popping up every day that one really has to be on his or her toes just to be aware of what to anticipate and then look for. Does anyone even want to touch the subjects of Surface Mount Technology (SMT) or etched miniature antennas?

Happy Hunting,

Bob


I've taken the liberty of mixing two different discussions, one on the PRC and one on signals that someone asked about.

I'd like more feedback on both items as either directly or indirectly, both apply to most of you in the corporate sector.

Tim