Chinese intelligence activity abroad
Based on Wikipedia: Chinese intelligence activity abroad
In 2007, two armed teams broke into Pelindaba, South Africa's premier nuclear research facility. A security guard was shot in the chest. The target wasn't uranium or weapons-grade material—it was blueprints for a specialized reactor design. According to South Africa's State Security Agency, the attackers were sent by the People's Republic of China.
This brazen operation represents just one thread in an extraordinary tapestry of intelligence gathering that spans every continent and employs tactics ranging from sophisticated computer hacking to old-fashioned seduction. The Chinese government has built what American officials describe as the most aggressive and wide-ranging espionage apparatus in history, with economic damages to the United States alone estimated in the hundreds of billions of dollars.
The Architecture of Chinese Intelligence
Unlike the relatively streamlined intelligence structures of Western nations, China's espionage efforts flow through a remarkably diverse set of channels. The Ministry of State Security handles traditional spycraft and counterintelligence. The People's Liberation Army operates its own Intelligence Bureau within the Joint Staff Department. The Ministry of Public Security focuses on domestic security but also hunts down dissidents who've fled abroad.
Then there's something with no direct Western equivalent: the United Front Work Department.
The United Front is a political organization designed to build influence among groups outside the Communist Party itself—business leaders, overseas Chinese communities, foreign politicians, academics. It operates in a gray zone between diplomacy and espionage. As one Australian analyst put it, united front networks are "a golden opportunity for the Party's spies because they represent groups of Party-aligned individuals who are relatively receptive to clandestine recruitment."
This approach has deep roots. As far back as 1939, Zhou Enlai—who would later become China's first premier—articulated the strategy of "nestling intelligence within the united front." The idea was elegantly simple: hide spies among legitimate cultural and business organizations where they can build relationships without arousing suspicion.
The Law as Weapon
What makes Chinese espionage particularly distinctive is that cooperation isn't optional. Article 14 of China's 2017 National Intelligence Law states plainly that intelligence agencies "may ask relevant institutions, organizations and citizens to provide necessary support, assistance and cooperation."
This isn't a polite request. It's a legal mandate.
Every Chinese company, every citizen, can be compelled to assist intelligence operations. This creates a situation Western security services find deeply troubling: how do you distinguish between a legitimate business partnership and an intelligence-gathering operation when the law explicitly blurs that line?
The implications ripple outward. When the Chinese telecommunications giant Huawei bids to build 5G wireless networks in foreign countries, security officials must weigh whether that infrastructure could become a surveillance tool. When Chinese payment companies like Tencent or Alibaba collect personal data from users worldwide, Germany's domestic intelligence agency warns that information could end up in Beijing's hands. The concern isn't necessarily that these companies want to spy—it's that they may have no choice.
The Digital Battlefield
In 2009, researchers at the University of Toronto's Munk Center made a startling discovery. While examining computers at the personal office of the Dalai Lama, they uncovered a vast cyber-espionage network they dubbed GhostNet. Chinese hackers had penetrated government and private computers in 103 countries.
The scope was breathtaking. Compromised machines included those at embassies, foreign ministries, and government offices across South and Southeast Asia. The network had penetrated organizations affiliated with the Dalai Lama in India, Brussels, London, and New York.
China denied involvement. The researchers themselves noted there was no conclusive proof linking the operation to the Chinese government. But the targeting told a story: the focus on Tibetan activists and exile organizations suggested this wasn't the work of profit-motivated criminal hackers.
The following year, the same researchers found a second network. This one had harvested classified documents about Indian missile systems, confidential embassy communications about India's relationships across Africa, Russia, and the Middle East, NATO troop movements in Afghanistan, and an entire year's worth of the Dalai Lama's personal email. The hackers were traced to Chinese universities.
Beijing denied involvement again.
The Art of Impersonation
By 2019, Chinese hackers had grown more sophisticated in their approach. Rather than simply breaking into systems, they began impersonating trusted organizations. Attackers posed as journalists from The New York Times and researchers from Amnesty International, using these borrowed identities to target Tibetan Parliament members, nongovernmental organizations, and once again, the Dalai Lama's private office.
Social media platforms became another front. Facebook and Twitter removed large networks of Chinese bots that were spreading disinformation about the 2019 Hong Kong protests. A months-long attack on Hong Kong media companies was traced back to Chinese hackers.
The message was clear: China's intelligence services had adapted to the digital age with remarkable speed.
The African Union Incident
The headquarters of the African Union in Addis Ababa, Ethiopia, is an imposing structure—and a gift from China. The China State Construction Engineering Corporation built the complex and presented it to the continental organization.
In January 2018, the French newspaper Le Monde reported that this gift came with a hidden cost. According to the paper, the building's computer systems had been compromised for five years, from 2012 to 2017. Data from the Union's servers was being quietly forwarded to Shanghai.
The African Union's response was telling. Officials reportedly removed the building's entire computer system and refused a Chinese offer to configure the replacement. Le Monde alleged the Union then covered up the incident to protect Chinese interests on the continent.
Both China and the African Union denied everything. Ethiopian Prime Minister Hailemariam Desalegn said he didn't believe the report. The head of the African Union Commission called the allegations "totally false."
But in 2020, Japan's Computer Emergency Response Team reported that a suspected Chinese hacking group called "Bronze President" had compromised the headquarters' security cameras, extracting surveillance footage. If true, the gift kept on taking.
The Hunt for Dissidents
China's intelligence operations aren't solely about stealing secrets. A significant effort goes toward tracking, harassing, and sometimes kidnapping people the government considers enemies—a practice known as transnational repression.
The targets form a diverse coalition of the unwanted: supporters of Tibetan independence, Uyghur activists, advocates for Hong Kong and Taiwan independence, practitioners of Falun Gong, and pro-democracy activists of all stripes.
The Causeway Bay Books case illustrates how far this can go. In late 2015, five booksellers from a Hong Kong shop that published gossipy books about Chinese leaders disappeared. Gui Minhai vanished from Thailand. Lee Bo disappeared from Hong Kong itself—remarkable because Hong Kong was supposed to maintain judicial independence from mainland China under the "one country, two systems" framework.
The men had been publishing books about corruption and scandals involving senior Communist Party leaders. They were allegedly seized by mainland public security officials operating extrajudicially in Hong Kong's territory.
The Ministry of Public Security runs operations like Fox Hunt, which officially targets corruption suspects who've fled abroad but critics say extends to dissidents and critics. The line between legitimate law enforcement and political persecution becomes impossible to draw.
The India Focus
India, which shares a long and disputed border with China, has become a particular focus of Chinese intelligence activity. The operations there reveal the full spectrum of techniques in Beijing's toolkit.
In August 2011, a Chinese research vessel disguised as a fishing trawler was detected off the Little Andaman Islands, gathering data in waters India considers geostrategically sensitive. In 2018, a Chinese electronic intelligence ship spent two weeks monitoring waters near the Andaman and Nicobar Islands.
The human intelligence efforts are equally persistent. India's Research and Analysis Wing believes China uses dozens of "study centers" it has established in Nepal, near the Indian border, partly as intelligence collection platforms.
In 2019, Indian intelligence reported that China was trying to spy on naval bases in southern India and missile testing facilities by establishing Chinese businesses in nearby areas—a classic example of using commercial cover for intelligence purposes.
The Dalai Lama, who has lived in exile in India since 1959, remains a consistent target. In 2020, Indian authorities caught a Chinese national named Luo Sang operating what appeared to be a money laundering scheme. According to reports, he had also employed people to track the Dalai Lama's movements and monitor pro-Tibetan individuals in Delhi and northeastern India.
Cyber operations complement human intelligence. The "Luckycat" hacking campaign inserted malicious software into a Microsoft Word document about India's ballistic missile defense program. Chinese hackers linked to the People's Liberation Army have conducted sustained campaigns against the Central Tibetan Administration, the exile government based in Dharamshala.
In March 2021, Chinese hackers allegedly attacked the facilities producing Covaxin and Covishield—India's COVID-19 vaccines. There were also claims of attempted breaches of electricity infrastructure, raising fears of an attack designed to trigger a national blackout.
By 2025, India had implemented testing regulations requiring inspection of hardware and software from surveillance camera manufacturers—a direct response to the recognition that any Chinese-made device could theoretically be required to cooperate with Beijing's intelligence services.
The Surveillance Export Business
China hasn't just developed surveillance technology for domestic use. It has turned that technology into an export industry.
Facial recognition systems originally designed to identify Uyghurs—a Muslim minority subjected to intensive surveillance and mass detention in China's Xinjiang region—are now manufactured for global sale. State-owned enterprises like China National Electronics Import and Export Corporation and Huawei sell this technology to countries spanning the globe: Ecuador, Zimbabwe, Uzbekistan, Pakistan, Kenya, the United Arab Emirates, Venezuela, Bolivia, Angola, and Germany.
Chinese artificial intelligence startups like Hikvision, SenseTime, and Megvii have attracted investment from unexpected sources, including American universities like the Massachusetts Institute of Technology and Princeton, as well as the Rockefeller Foundation and the California Public Employees' Retirement System. These companies sell what amount to less expensive versions of state-developed surveillance systems.
This investment has become increasingly controversial. Several of these companies have been declared national security threats and human rights violators by the United States government, curtailing some American investment. But China continues to pour resources into artificial intelligence development, and by some measures has begun to overtake the United States in total AI investment.
The Hybrid Warfare Theorist
In September 2020, a Chinese company called Shenzhen Zhenhua Data Technology attracted global attention for its data collection capabilities. The company had assembled a massive database integrating information from around the world.
What made this particularly noteworthy was the candor of the company's chief executive, Wang Xuefeng. He had publicly boasted of supporting "hybrid warfare" through the manipulation of public opinion and "psychological warfare."
Germany's domestic intelligence agency, the Federal Office for the Protection of the Constitution, had already warned in its annual report that personal data provided to Chinese payment and technology companies could end up in the hands of China's government. The Zhenhua case suggested this wasn't paranoia—it was business strategy.
The Honey Trap
Amid all the high-technology espionage, some of the oldest techniques remain in use. Honey trapping—using romantic or sexual relationships to compromise targets—remains a common tool of Chinese intelligence services, as does kompromat, the collection of embarrassing or compromising material that can be used for blackmail.
The case of Katrina Leung became briefly famous in American counterintelligence circles. She was accused of having an affair with an FBI agent to obtain sensitive documents from him. In a twist that revealed the messiness of real-world intelligence work, a U.S. judge dismissed all charges against her due to prosecutorial misconduct. The case highlighted both the continued effectiveness of traditional tradecraft and the complications that arise when the lines between personal and professional relationships blur.
The Covert Front
In 2023, Chen Wenqing, a senior official in the Chinese Communist Party's Central Political and Legal Affairs Commission, issued a directive to party cadres at all levels. They were instructed to "attach great importance to, concern themselves with, and support covert front work."
The phrase "covert front" captures something essential about China's approach to intelligence. The boundaries between overt influence and covert espionage, between legitimate business and intelligence collection, between cultural exchange and political manipulation, are deliberately blurred. The intelligence operation hides within the united front, and the united front provides cover for the intelligence operation.
Much of what the public knows about Chinese intelligence services comes from defectors—individuals who have fled China and revealed information about its operations. The Chinese government invariably accuses such defectors of lying to promote an anti-China agenda. Without access to classified intelligence assessments, outside observers are left to piece together a picture from court cases, investigative journalism, and the occasional public statement from security agencies.
What that picture reveals is an intelligence apparatus of unprecedented scope and ambition, one that leverages every tool available—from sophisticated computer hackers to disguised research vessels, from fake journalists to legitimate businesspeople who may not even know they're being used, from ancient techniques of seduction to cutting-edge artificial intelligence.
The targets are equally diverse: military secrets and missile technology, commercial innovations and trade negotiations, political dissidents and religious minorities, international organizations and individual activists. The scale is global. The patience is measured in decades.
And the mandate is written into law: when the state asks for assistance with intelligence work, the answer must be yes.