Constitutional protection: spies from china target germans in social networks

constitutional protection: spies from china target germans in social networks

Lily wu calls herself assistant to the secretary general of a center for chinese-european development studies. The linkedin profile picture shows an accurate young woman who is assiduously taking notes in pencil. They cite one of the country’s most prestigious universities as a reference. Laeticia chen identifies herself as a project manager for a chinese thinktank in the world’s largest career network with well over 400 million registered users. And jason wang introduces himself as the manager of an association that wants to improve relations with china.

All three profiles have at least two things in common: they are potentially interesting contacts for experts, politicians and scientists with a penchant for china, with allegedly more than 500 contacts. And all three are fake profiles. At least, that is what a project group of the federal office for the protection of the constitution (bfv) has found out. From january to the end of september, the group intensively studied one of the currently most important forms of chinese espionage: contact via social media.

The findings are alarming. Whereas targets used to be approached by chinese secret agents at symposia or receptions, the focus has now shifted to contact via social media. "Social networks, especially linkedin, are used in a crude way for tapping and source advertising", bfv president hans-georg maaben summarizes the results of his counterintelligence work. "It is a broad attempt of infiltration of parliaments, ministries and authorities."

More than 10,000 german nationals have been contacted, according to constitutional protection officials. The aim of the chinese intelligence services was to siphon off information and recruit intelligence sources. There are fears of a high number of unreported cases.
The approach is often similar. People from the far east pose on the internet as employees of headhunting and consulting agencies, of thinktanks or as scientists. The profiles of lily wu, laeticia chen and jason wang have been exposed by the constitutional protection agency as some of the most active fake profiles of the chinese.

If an interested party makes contact, the spies behind the profiles signal their interest in a professional exchange. First, they ask for trial work, followed by invitations to symposia or other meetings in china. Personal contact can also be established there. Reports on sensitive information are usually expected, and in the case of particularly high-value targets, several tens of thousands of euros may be paid out.

For the chinese intelligence services, making contacts via the internet has one advantage in particular: it is risk-free. In addition, linkedin& co. Quickly filter out a range of interesting details about a person’s career, social environment or information about habits, hobbies or political interests at the click of a mouse. And unlike many other networks, linkedin is fully accessible and not blocked in china.

The chinese have particularly targeted members of the bundestag or the EU parliament, but also members of the german armed forces, foundations or banking associations, as well as political advisors or high-ranking business representatives. But even well-trained but inexperienced and still relatively poorly paid professional trainees could get caught in the web of chinese espionage. When the people concerned are then approached by german security authorities, they often react with surprise – they had only wanted to do something to improve german-chinese relations, some say.

But attempts to make contact via social networks are not the only activities of chinese intelligence services that are causing trouble for german authorities. In 2017, germany and europe were increasingly the focus of chinese cyber attacks. New attack methods have also been identified, says bfv president maaben. Instead of attacking the target directly, as in the past, the IT service provider working for the organization to be spied on is now being attacked first, for example.

The advantage is obvious: the spies can access the computer network directly and, if necessary, install infected software that can be used to extract secret data. Because network connections between service provider and customer are usually not conspicuous, the camouflage is even better. That’s another reason why the bfv, as the cyber security authority, is focusing on raising even more awareness among authorities and the business community, says maaben.

Leave a Reply

Your email address will not be published.