A Chinese national from California has been sentenced to four years in prison for spying for Beijing. The convict, 56-year-old Edward Peng, used to work as a tour operator in the San Francisco Bay Area.
“This case exposed one of the ways that Chinese intelligence officers work to collect classified information from the United States without having to step foot in this country… This case is but one example of the Chinese government’s multifaceted espionage efforts,” Assistant Attorney General for National Security John C. Demers said, as reported by the South China Morning Post.
Peng, whose Chinese given name is Xuehua, had come to the United States in 2001 as a legal non-immigrant worker, becoming a permanent resident after marrying a U.S. citizen in 2006.
During a business trip to China, Peng was approached by a Chinese Ministry of State Security (MSS) official who asked that he work to serve the interests of the communist regime. In March 2015, he was trained in handling dead drops.
The official instructed him to identify and book hotel rooms where Peng would first leave money, go out for a few hours, come back, and retrieve digital storage devices that were left in exchange. Peng was then to transport these devices to China and hand them over to the official. He never saw who left the storage devices in the hotel rooms.
Peng received about US$30,000 for his work. The FBI caught up on his activities, secretly filming Peng carrying out the deliveries and pick-ups. They also intercepted his phone calls in which he conversed with the MSS officials. In addition to the 4-year jail term, Peng will also have to pay a fine of US$30,000.
The MSS and other Chinese intelligence agencies steal data through a variety of means, including acquiring U.S. government documents by hacking printers. A recent report by the American Enterprise Institute revealed that the Chinese agents comprised office printers, which store documents in their internal hard drives.
Since most people usually do not give importance to securing their printers, hackers take advantage of this and gain access to state or local government reports that have been printed.
“The one area that they’ve (China) been keen to exploit is at the state level… Because they recognize that state and local governments do not have the same sort of awareness about this issue, they’re largely dealing with state and local issues,” said Sen. Marco Rubio, as reported by Business Insider.
Hacking during a viral outbreak
While the CCP coronavirus outbreak has people across the world tensed up, hacking groups linked with the Chinese government have been using the opportunity to hack into computers from the Philippines, Mongolia, Vietnam, and Taiwan. According to cybersecurity firm FireEye, the hackers send email attachments containing information about the coronavirus. The recipients opened the emails and ended up getting infected with malware.
In addition to state-backed hackers, other independent groups are also taking part in the hacking attempts. The targets “have heightened interest in news and developments related to the virus, potentially making them more susceptible to social engineering that tricks them into clicking on malicious links,” researchers at the cyberintelligence firm RiskIQ said, as reported by the MIT Technology Review.
In the emails, the hackers mostly represented themselves as reputable organizations like the World Health Organization (WHO) and the Centers for Disease Control (CDC). Some phishing emails were targeted to steal passwords of the victims.