The fact that China is building dossiers on global leaders, to include U.S. citizens, is not new news, though it continues to be troubling news. Some may opine, the price of a free and open society is the availability of information for all to consume, collect, and collate. They would be correct; the cottage industry of scraping internet content is used by competitive intelligence entities, background investigators, and every nation state.
U.S. academic, Christopher Balding published a five page report in which he discusses the existence of a Chinese “Overseas Key Information Database (OKIDB)” which was built and controlled by Zenhua Data, a Shenzen-based technology company which advertises itself as “a pioneer in using big data for hybrid warfare.”
The OKIDB
Balding explains how the database consisted of over 2.4 million individuals from around the world in support of “Chinese intelligence, military, security, and state operations in information warfare and influence targeting.” He continues, “The data covers a broad array of public and non-public data with classifications and rankings on individuals and institutions designed to assist Chinese analysts.”
Our takeaway from reading Balding’s report is that the OKIDB is yet another tool in the Chinese efforts to build dossiers on current and future targets of interest.
Open Source Intelligence
Is collecting open source intelligence (OSINT) something new? Nope, it’s infinitely easier and safer for intelligence entities to collect what is openly available than to use covert means to collect the same information.
For example, the FBI created an RFP for a “Social Media Alerting Subscription” in 2019 which would provide the Bureau with analysis of scraped OSINT. A plethora of free and accessible social media listening tools are available, including those found within social networks. Similarly, search engines can be configured to provide alerts whenever a topic of interest to you is published.
How the Chinese dossiers are built
The analysts and targeteers within Chinese intelligence entities will take the OKIDB information on a particular target and marry the data with that which has already been accumulated in an all-source collation. Thus the classified HUMINT, SIGINT, the illegally procured, and the OSINT provide the Chinese decision-makers a comprehensive look at a given target.
This is offensive intelligence at its finest, and the counterintelligence briefer within every entity need to highlight the Chinese intelligence threat.
- HUMINT – Think for a moment as to the amount of personal information which was collected from the PRC penetration, Alexander Yuk Ching Ma of FBI Honolulu on personnel within that division? We know from his indictment that he provided information on his CIA colleagues.
- SIGINT – Do you think that any telephone call into or out of China is not available to be collected? When a country bans encryption, there is always a reason why – a target’s interaction with family, business colleagues, or other government entities provides yet another optic. Similarly, the recruitment of individuals with access to government codes remains a target of interest to China as we learned via the 2005 suicide of the Japanese code clerk following his engagement with the MSS in Shanghai. The ability to read government documents and communications will never diminish.
- Illegally procured – We can start with the OPM breach and then follow along with the Equifax breach. With those two breaches, millions of cleared personnel have their SF-86, background investigation results, and their financial situation availed to the Chinese. Couple this with the salacious Ashley Madison, and there might be a piece of dirt availed to the Chinese to squirrel away.
- OSINT – The OKIDB contained information on 52,000 Americans. The firm which collated the data for Zenhua Data was China Revival which claims to have records on 2.4 million individuals, 650 thousand organizations, 2.3 billion news articles, and 2.1 billion social media posts. The data harvested came from LinkedIn, Twitter, Facebook, and other social networks. In addition, the OKIDB linked papers, research, videos, blog posts, and other information on individuals to provide a holistic view of a given individual.
From this data, they will be able to extrapolate in a comprehensive manner the perceived vulnerabilities of a target, the best avenue to make a HUMINT approach, the utilization of social networks, and communication mediums of choice for SIGINT and project decision making.
We’ve said it many times, and it bears repeating: China determines who is targeted, you the target don’t get a vote. You know now that your postings and social network engagement are fair game for every Chinese targeteer; act accordingly.
