https://twitter.com/RMantri/status/1341053687947378693?s=08
This story of how China sabotaged and abused the open internet only reinforces the Popperian dictum:Do not tolerate the intolerant. Do not allow rogue operators to play by the rules made for those valuing an open society.
>>https://foreignpolicy.com/2020/12/21/china-stolen-us-data-exposed-cia-operatives-spy-networks/
>>But instead, CIA officials believed the answer was likely data-driven—and related to a Chinese cyberespionage campaign devoted to stealing vast troves of sensitive personal private information, like travel and health data, as well as U.S. government personnel records. U.S. officials believed Chinese intelligence operatives had likely combed through and synthesized information from these massive, stolen caches to identify the undercover U.S. intelligence officials.
>>Exploiting a flaw in the online system CIA operatives used to secretly communicate with their agents—a flaw first identified in Iran, which Tehran likely shared with Beijing—from 2010 to roughly 2012, Chinese intelligence officials ruthlessly uprooted the CIA’s human source network in China, imprisoning and killing dozens of people.
>>For U.S. intelligence personnel, these new capabilities made China’s successful hack of the U.S. Office of Personnel Management (OPM) that much more chilling. During the OPM breach, Chinese hackers stole detailed, often highly sensitive personnel data from 21.5 million current and former U.S. officials, their spouses, and job applicants, including health, residency, employment, fingerprint, and financial data. In some cases, details from background investigations tied to the granting of security clearances—investigations that can delve deeply into individuals’ mental health records, their sexual histories and proclivities, and whether a person’s relatives abroad may be subject to government blackmail—were stolen as well. Though the United States did not disclose the breach until 2015, U.S. intelligence officials became aware of the initial OPM hack in 2012, said the former counterintelligence executive. (It’s not clear precisely when the compromise actually happened.)
>>When paired with travel details and other purloined data, information from the OPM breach likely provided Chinese intelligence potent clues about unusual behavior patterns, biographical information, or career milestones that marked individuals as likely U.S. spies, officials say. Now, these officials feared, China could search for when suspected U.S. spies were in certain locations—and potentially also meeting secretly with their Chinese sources. China “collects bulk personal data to help it track dissidents or other perceived enemies of China around the world,” Evanina, the top U.S. counterintelligence official, said.
>>There were other bad omens. During this same period, U.S. officials concluded that Russian intelligence officials, likely exploiting a difference in payroll payments between real State Department employees and undercover CIA officers, had identified some of the CIA personnel working at the U.S. Embassy in Moscow. Officials thought that this insight may have come from data derived from the OPM hack, provided by the Chinese to their Russian counterparts. U.S. officials also wondered whether the OPM hack could be related to an uptick in attempted recruitments by Chinese intelligence of Chinese American translators working for U.S. intelligence agencies when they visited family in China. “We also thought they were trying to get Mandarin speakers to apply for jobs as translators” within the U.S. intelligence community, recalled the former senior counterintelligence official. U.S. officials believed that Chinese intelligence was giving their agents “instructions on how to pass a polygraph.”