As Australia launches probe, skeptics cast doubts on Chinese defector’s spy claims

Wang LiqiangAs the Australian government has launched an official investigation into the claims made by a self-styled Chinese intelligence defector, some skeptics have begun to cast doubts about his revelations. The claims of Wang “William” Liqiang have dominated news headlines in Australia for over a week. The 26-year-old from China’s eastern Fujian province reportedly defected to Australia in October, while visiting his wife and newborn son in Sydney. He is currently reported to be in a safe house belonging to the Australian Security Intelligence Organization (ASIO).

The Australian spy agency confirmed last week that Mr. Wang had provided a 17-page sworn statement, in which he detailed his work as an undercover intelligence officer for Chinese military intelligence. He is also said to have shared the identities of senior Chinese intelligence officers in Taiwan and Hong Kong, and to have explained how they plan to carry out espionage operations on behalf of Bejing. Some media reports claimed that Mr. Wang had shared details about deep-cover Chinese intelligence networks in Australia. The Australian government said on Tuesday that an official investigation had been launched into Mr. Wang’s claims.

But some skeptics in Australia and elsewhere have begun to raise doubts about the Chinese defector’s claims, suggesting that he has given little —if any information— that is genuinely new. Some argue that Mr. Wang is much too young to have been entrusted with senior-level responsibilities in the intelligence agency of a country that rarely promotes twenty-somethings in high-ranking positions. Additionally, Mr. Wang appears to have no military background —he claims to have been recruited while studying fine art— which is not typical of a Chinese military intelligence operative.

Furthermore, Mr. Wang episode interviewers from Australian television’s 60 Minutes program that he began feeling tormented by moral dilemmas when his staff officers supplied him with a fake passport bearing a different name, in preparation for an operation in Taiwan. However, by his own admission, Mr. Wang had been supplied with fake passports for previous operations, so it is not clear why he lost his nerve at the time he did. In fact, case officers usually covet the opportunity to go undercover and feel a sense of exhilaration when they receive fake identification documents for an undercover mission.

Is Mr. Wang not sharing the entire background to his decision to defect to Australia? Or could he be deliberately amplifying his role in Chinese intelligence, in an effort to appear useful to the Australian government and thus secure political protection by Canberra? In the words of Alex Joske, an analyst at the  International Cyber Policy Centre of the Australian Strategic Policy Institute, the details in some of Mr. Wang’s claims mean that “government investigations should uncover the facts eventually. But we don’t know the full story and we probably never will”.

Author: Joseph Fitsanakis | Date: 26 September 2019 | Permalink

Chinese defector reveals identities of Chinese undercover spies in Asia and Australia

Wang LiqiangA Chinese intelligence defector has reportedly given the Australian government information about entire networks of Chinese undercover spies in Hong Kong, Taiwan and Australia, according to reports. The story of Wang “William” Liqiang, made headlines all over Australia during the weekend, culminating in an entire episode of 60 Minutes Australia about him airing on Sunday. The 26-year-old from China’s eastern Fujian province reportedly defected to Australia in October, while visiting his wife and newborn son, who live in Sydney. He is currently reported to be in a safe house belonging to the Australian Security Intelligence Organization (ASIO).

Police in the Chinese city of Shanghai claim that Mr. Wang is a small-time criminal who has been found guilty of using fraudulent documents and has a 15-month suspended prison sentence on his record. In a statement issued on Sunday, China’s embassy in Canberra described Mr. Wang as a “convicted fraudster” who was “wanted by police after fleeing [China] on a fake passport”. But according to reports in the Australian media, Mr. Wang has provided the ASIO with a 17-page sworn statement, in which he details his work as an undercover intelligence officer. He is also said to have shared the identities of senior Chinese intelligence officers in Taiwan and Hong Kong, and to have explained how they organize and implement espionage operations on behalf of Bejing.

In a leading article published on Saturday, The Sydney Morning Herald referred to Mr. Wang as “the first Chinese operative to ever blow his cover” and claimed that he had given the ASIO “a trove of unprecedented inside intelligence” about Chinese espionage operations in Southeast Asia. The newspaper said that the defector had revealed details about entire networks of Chinese intelligence operatives in Taiwan and Hong Kong. He also reportedly provided identifying information about deep-cover Chinese intelligence networks in Australia.

Meanwhile, in an unrelated development, Australian media said yesterday that the ASIO was examining allegations that a Chinese espionage ring tried to recruit an Australian businessman of Chinese background and convince him to run for parliament. According to reports, the spy ring approached Nick Zhao, a successful luxury car dealer, and offered to fund his political campaign with nearly $700,000 (AUS$1 million) if he run as a candidate for the Liberal Party of Australia. Zhao reportedly told the ASIO about the incident last year, shortly before he was found dead in a Melbourne hotel room. His death remains under investigation.

Author: Joseph Fitsanakis | Date: 25 November 2019 | Permalink

FBI files espionage charges against California man who allegedly spied for China

Xuehua Edward PengThe United States has pressed espionage charges against a naturalized American citizen who operated as a courier for Chinese intelligence while working as a tour operator in California. On Monday federal prosecutors in San Francisco filed espionage charges against Xuehua “Edward” Peng, a 56-year-old Chinese-born American citizen. Peng, a trained mechanical engineer, reportedly entered the United States in June 2001 on a temporary visa. In 2012 he became a naturalized American citizen. By that time he was working for US Tour and Travel, an independent tour operator in California.

On Friday, officers with the Federal Bureau of Investigation arrested Peng at his home in Hayward, California, and charged him with spying on behalf of the Ministry of State Security (MSS), which is China’s primary external intelligence agency. At a press conference held on Monday, David Anderson, US Attorney for the Northern District of California, said that Peng began working for the MSS in June 2015 and continued to do so until June of 2018. Throughout that time, Peng participated in at least six dead drops on behalf of the MSS, said the FBI. But he was unaware that the agent on the other end of the dead drop was in fact an FBI informant, who had lured Peng and the MSS into an elaborate sting operation. The informant is referred to in the indictment as “the source”. The FBI said it paid the informant nearly $200,000 to facilitate the sting operation.

Most of the dead drops took place at a hotel in Newark, California. Peng would book a room in the hotel using a popular online booking service. He would check in and go to his hotel room, where he would hide envelopes containing as much as $20,000 in cash. He would then leave the room key at the front desk for his contact to pick up. The contact (the FBI informant) would pick up the key and the cash, and leave memory sticks with classified US government information for Peng to pick up. Peng would then travel to China to deliver the classified information to the MSS.

Unbeknownst to Peng, the FBI was monitoring him all along, and managed to secretly tape his alleged espionage activities. The surveillance footage is now part of the federal affidavit that was unsealed on Monday. Moreover, the FBI appears to have given Peng classified information that was approved for the purposes of the counterespionage operation against him. It is not known whether the classified information was real, deceptive, or a mixture of the two. It is worth noting that Peng is not a foreign diplomat and is therefore not subject to the rules of diplomatic immunity. He now faces a maximum of 10 years in prison and a fine of up to $250,000 if convicted.

Author: Joseph Fitsanakis | Date: 01 October 2019 | Permalink

In unprecedented move, US plans to block undersea cable linking US with China

undersea telecommunications cableIn a move observers describe as unprecedented, a United States government regulator is preparing to recommend blocking the construction of an 8,000-mile long undersea cable linking America with China, allegedly due to national security concerns. Washington has never before halted the construction of undersea cables, which form the global backbone of the Internet by facilitating nearly 100% of Internet traffic. Much of the undersea cable network is in the process of being replaced by modern optical cables that can facilitate faster Internet-based communications than ever before.

One such scheme is the Pacific Light Cable Network (PLCN), an 8,000-mile undersea cable construction project funded by Google, Facebook and Dr. Peng Telecom & Media Group Co., one of China’s largest telecommunications-hardware manufacturers. The PLCN’s completion will produce the first-ever direct Internet link between Los Angeles and Hong Kong, and is expected to increase Internet speeds in both China and the United States. Most of the PLCN has been laid and its completion is projected for this year.

But now an American regulatory panel plans to recommend blocking the PLCN’s final construction phase. According to The Wall Street Journal, the panel fears that the $300 million undersea cable project may facilitate Chinese espionage. The Justice Department-led panel is known as Team Telecom and consists of officials from several American government agencies, said the paper, citing “individuals involved in the discussion” about PLCN.

Never before has the US blocked the construction of an undersea cable, reported The Journal. National security concerns have been raised with reference to past undersea cable projects, some of whom were partially funded by Chinese-owned companies. But the projects eventually went ahead after the manufacturers were able to demonstrate that the design of the undersea cables forbade the installation of wiretaps. If the PLCN project is blocked, therefore, it will be the first such case in the history of the Internet in America.

The paper said that supporters of the PLCN argue that it would give American government regulators more control over the security of Internet traffic before it even reaches US territory. Additionally, PLCN investors claim that the completion of the project will provide American companies with broader access to consumers in Asia. Google, Facebook, Dr. Peng Telecom and the US government declined to comment on the news report.

Author: Joseph Fitsanakis | Date: 29 August 2019 | Permalink

Swiss to extradite brother of ‘leading biochemist’ who spied for Chinese firm

GlaxoSmithKlineA Swiss court has ordered the extradition to the United States of the brother of one of the world’s leading biochemists, who spied on a British pharmaceutical firm to help a Chinese startup. The extradition is part of a large corporate espionage case centered on Yu Xue, a Chinese scientist described by US federal prosecutors as “one of the world’s top protein biochemists”. Yu specializes in drug research for cancer and other serious terminal illnesses. From 2006 until 2016 he worked in the US for GlaxoSmithKline (GSK), a leading British pharmaceutical group.

In 2018, Yu was arrested by US authorities for stealing trade secrets from a GSK research facility in the US state of Pennsylvania, and giving them to a Chinese startup pharmaceutical company called Renopharma. He eventually pleaded guilty to stealing proprietary data from GSK, in a case that the US Department of Justice described as a textbook example of Chinese “economic warfare” against America. US government prosecutors also claim that Renopharma is almost wholly funded the Chinese government. The three co-founders of the Chinese firm have also been charged with corporate espionage targeting a US firm.

On May 28 Yu’s brother, Gongda Xue, was arrested in Basel, Switzerland. According to the US government, Gongda used GSK data stolen by his brother to carry out drug experimentation at the Friedrich Miescher Institute for Biomedical Research, where he worked as a post-doctoral trainee between 2008 and 2014. On Tuesday, the Swiss Federal Office of Justice (FOJ), ruled in favor of a request by the US government to extradite Gongda so he can be tried in Pennsylvaia. According to the FOJ, the Chinese scientist will be extradited as soon as his 30-day appeal period expires.

Author: Ian Allen | Date: 17 July 2019 | Permalink

Poland frees on bail former intelligence officer arrested for spying for China

Orange PolskaThe Polish government has authorized the release on bail of a former counterintelligence officer who was charged in January of this year with spying for China. The man has been identified in media reports as Piotr Durbajlo and is believed to have served as deputy director of the Internal Security Agency, Poland’s domestic counterintelligence service. A cyber security expert, Durbajlo also served in Poland’s Office of Electronic Communications with a top security clearance and unrestricted access to classified systems of Poland and the North Atlantic Treaty Organization, of which Poland is a member.

However, at the time of his arrest on January 10, Durbajlo had left government service and was a mid-level executive at Orange Polska. The company operates as the Polish branch of a French multinational telecommunications carrier with sister companies in several European Union countries. Along with Durbajlo, Polish authorities arrested Wang Weijing, a Chinese national who worked for the Chinese telecommunications manufacturer Huawei. Orange Polska is Huawei’s main domestic partner in Poland. Wang reportedly learned Polish at the Beijing Foreign Studies University. In 2006 he was posted by the Chinese Ministry of Foreign Affairs at the Chinese consulate in Gdansk, Poland’s largest Baltic Sea port. In 2011 he left the Foreign Service and joined the Polish office of Huawei. Following his arrest on January 10, he was charged with espionage. Huawei denied it had any role in espionage against the Polish state, but fired Wang nonetheless. Both Wang and Durbajlo have been in pretrial detention since their arrest in January.

On Friday, July 5, Durbajlo’s legal team announced that he would be set free on July 7, on a $31,500 bail that must be paid within 30 days to secure his release. His lawyers explained that the charges against him had not been dropped, but did not explain why he was being released. It is worth noting that Durbajlo’s release on bail was announced during a visit to Poland by a high-level Chinese delegation, aimed at discussing economic and political ties between Warsaw and Beijing. Late on Tuesday it was announced that Wang would remain in pretrial detention for at least three more months.

Author: Joseph Fitsanakis | Date: 10 July 2019 | Permalink

Attack by Chinese hacker group targeted high-profile individuals around the world

Operation SOFTCELLA hacker attack of impressive magnitude targeted specific individuals of interest to the Chinese government as they moved around the world, in what appears to be the first such operation in the history of cyberespionage. The attack was revealed late last month by Cybereason, an American cybersecurity firm based in Boston, Massachusetts. Company experts described the scope and length of the attack, dubbed Operation SOFTCELL, as a new phenomenon in state-sponsored cyberespionage. Cybereason said SOFTCELL has been in operation since at least 2017, and identified the culprit as APT10, a hacker group that is believed to operate on behalf of China’s Ministry of State Security.

The operation is thought to have compromised close to a dozen major global telecommunications carriers in four continents —the Middle East, Europe, Asia and Africa. According to Cybereason, the hackers launched persistent multi-wave attacks on their targets, which gave them “complete takeover” of the networks. However, they did not appear to be interested in financial gain, but instead focused their attention on the call detail records (CDRs) of just 20 network users. With the help of the CDRs, the hackers were able to track their targets’ movements around the world and map their contacts based on their telephone activity. According to The Wall Street Journal, which reported on Cybereason’s findings, the 20 targets consisted of senior business executives and government officials. Others were Chinese dissidents, military leaders, as well as law enforcement and intelligence officials.

An especially impressive feature of SOFTCELL was that the hackers attacked new telecommunications carriers as their targets moved around the world and made use of new service providers. The attacks thus followed the movements of specific targets around the world. Although this is not a new phenomenon in the world of cyberespionage, the geographical scope and persistence of the attacks are unprecedented, said The Wall Street Journal. Speaking last week at the 9th Annual International Cybersecurity Conference in Tel Aviv, Israel, Lior Div, Cybereason’s chief executive officer and co-founder, said SOFTCELL attacks occurred in waves over the course of several months. The hackers used a collection of techniques that are commonly associated with identified Chinese hacker groups. If detected and repelled, the hackers would retreat for a few weeks or months before returning and employing new methods. The Cybereason security experts said that they were unable to name the targeted telecommunications carriers and users “due to multiple and various limitations”.

Author: Joseph Fitsanakis | Date: 09 July 2019 | Permalink