Around 2013, U.S. intelligence began noticing an alarming pattern: Undercover CIA personnel, flying into countries in Africa and Europe for sensitive work, were being rapidly and successfully identified by Chinese intelligence, according to three former U.S. officials. The surveillance by Chinese operatives began in some cases as soon as the CIA officers had cleared passport control. Sometimes, the surveillance was so overt that U.S. intelligence officials speculated that the Chinese wanted the U.S. side to know they had identified the CIA operatives, disrupting their missions; other times, however, it was much more subtle and only detected through U.S. spy agencies’ own sophisticated technical countersurveillance capabilities.
The CIA had been taking advantage of China’s own growing presence overseas to meet or recruit sources, according to one of these former officials. “We can’t get to them in Beijing, but can in Djibouti. Heat map Belt and Road”—China’s trillion-dollar infrastructure and influence initiative—“and you’d see our activity happening. It’s where the targets are.” The CIA recruits “Russians and Chinese hard in Africa,” said a former agency official. “And they know that.” China’s new aggressive moves to track U.S. operatives were likely a response to these U.S. efforts.
At the CIA, these anomalies “alarmed chiefs of station and division leadership,” said the first former intelligence official. The Chinese “never should have known” who or where these undercover CIA personnel were. U.S. officials, lacking a smoking gun, puzzled over how China had managed to expose their spies. In a previous age, they might have begun a mole hunt, looking for a single traitor in a position to share this critical information with the other side, or perhaps scoured their records for a breach in a secret communications platform.
But instead, CIA officials believed the answer was likely data-driven—and related to a Chinese cyberespionage campaign devoted to stealing vast troves of sensitive personal private information, like travel and health data, as well as U.S. government personnel records. U.S. officials believed Chinese intelligence operatives had likely combed through and synthesized information from these massive, stolen caches to identify the undercover U.S. intelligence officials. It was very likely a “suave and professional utilization” of these datasets, said the same former intelligence official. This “was not random or generic,” this source said. “It’s a big-data problem.”
