When the news broke that the American IC community had picked up clues that China was considering providing lethal assistance to the Russians fighting in Ukraine, I had a quiet moment of joy. Oh, I thought, the Americans have figured out an angle to look in on Chinese decision-making.
But then it was revealed by NBC News that the American intel was basing on information it had picked up from Russian officials, not Chinese officials. That confirmed my worst fears.
It appears that the Central Intelligence Agency and National Security Agency do not have much visibility at all into Beijing’s decision-making. First the CIA: In the 2010 to 2011 time frame, China’s Ministry of State Security turned a former CIA agent in Hong Kong, who revealed the identities of all CIA assets in China. They were disappeared. It takes a long time to build up an intelligence network and it’s not at all clear that CIA has been able to recover. Their wounds were further compounded by the leaking of a treasure trove of the agency’s tools for penetrating the computer networks of foreign goverments. The CIA software engineer accused of doing the leaking, Joshua Schulte, was convicted.
Another CIA vulnerability is that its cloud computing network, which is separate from the rest of the U.S. government’s IT systems, was built by Amazon Web Services. That subsidiary is registered in China as a Chinese company, which means that it has to share its source code with the Chinese government. The Chinese could be inside the CIA’s system, a theory that was bolstered by recent agency losses in China, Russia, Iran and North Korea.
The NSA also has been wounded, first by Edward Snowden’s leaks roughly 10 years ago. But it gets worse: Published reports suggest that the NSA is quietly supporting the Equation Group, which like the spy agency is based in Fort Meade, Md. A group called Shadow Brokers posted files to prove they had stolen source code from the Equation Group. In effect, the NSA’s own tools have been stolen.
The final icing on the cake is that the Chinese have stolen so much data on U.S. government officials that no military or intelligence official can operate safely in China. They have stolen millions of pieces of data from Marriott, United Airlines and the U.S. government itself, when they hacked the Office of Personnel Management. My co-author Mike McLaughlin and I argue in our new book, Battlefield Cyber: How China and Russia Are Undermining Our Democracy and National Security, that the Chinese can identify and track American officials attempting to meet with Chinese sources because they can match up the data points. They know so much about the travel patterns of America’s military and intelligence officials that it’s simply not safe for them to try to operate inside China.
All of which leads me back to the conclusion that the American intel community has only limited insight into what the Chinese leadership is thinking and planning.
