What An Indictment of Alleged Chinese Intel Operatives Reveals About U.S. Double Agent Operations
Design by Ryan Ho

What An Indictment of Alleged Chinese Intel Operatives Reveals About U.S. Double Agent Operations

Zach Dorfman

On October 24, the Department of Justice announced the indictment of Guochun He and Zheng Wang, a pair of alleged Chinese intelligence officers, on money laundering and obstruction-related charges (but not, interestingly, for espionage itself).

He and Wang are accused of attempting to procure sensitive information about the ongoing prosecution of a “global telecommunications company” — unnamed in the court documents, but based on the timeline and description, is clearly Huawei, the Chinese telecommunications giant.

Any time the Justice Department decides to indict alleged foreign intelligence officials — especially when there’s little to no chance these officials will ever appear inside a U.S. courtroom — the deeper strategy or meaning of the action bears scrutiny. Sometimes, an indictment is just an indictment: an individual or entity is accused of committing a crime, and prosecutors fully expect to try them in court. The purported legal violation is what matters. But in these sorts of cases, national security officials use them as a wider tool of statecraft, or as part of an integrated offensive counterintelligence program.

To give one, minor example: sometimes in national-security related indictments, the U.S. will release candid photos of alleged spies, say, sitting at their desks. These aren’t Facebook or LinkedIn photos; the operative doesn’t appear to recognize that his picture is being snapped.

But as U.S. officials have told me, the decision to include such a photo in an indictment isn’t happenstance. It’s a signal from the U.S. intelligence community: We’ve been watching you and we’ve had access to your device. Which can then send the affected party — and his or her intelligence service — into a frenzy. How long has this device been compromised? Are other devices used by this person also breached? What operations may have been affected? And so on.

The net result is that you, as a counterintelligence professional, send your opponents spinning, scared, chasing their own tails. That wastes their valuable time and resources. Every working day that your opponent is scrubbing their digital networks or on a mole hunt is a day they’re not able to steal as many secrets from your country or recruit as many sources within your government. Intelligence agencies are bureaucracies, and there are real opportunity costs for them.

The He and Wang indictment doesn’t seem to include quite such revealing photos – both He and Wang’s photos seem touristy, and perhaps taken from a social network – but the court documents do reveal, in illuminating detail, an aspect of the counterintelligence world (and sometimes the indictments that are downstream from it) that often stay shrouded in darkness: that of double agents, or individuals believed by an intel service to be under their control, while actually working for an opposing service.

The U.S. government’s case against He and Wang appears to rest largely on their interactions with a double agent. Read with the benefit of hindsight, it’s clear from the conversations included in the filings that the double agent is strenuously attempting to suss out what his Chinese handlers’ intelligence priorities are – valuable information in itself for U.S. counterspies – and to better understand the relationship between Chinese intelligence and Huawei, since He makes it clear that the information he is collecting is being passed to the Chinese telecom company. These are illuminating exchanges, documenting closer connections between Huawei and Chinese spies than what has been previously revealed by the U.S. government.

Now, we don’t know a lot about this person, but a close reading of the court documents reveals a great deal.

The double agent (I’m going to say “he,” though this person’s gender is unclear) works for a U.S. law enforcement agency that has some jurisdiction over, or investigative authority regarding, the Huawei prosecution. Naturally, this points to someone in the U.S. Attorney’s Office or wider Department of Justice or within the FBI. But the Huawei indictment mentions that the Department of Homeland Security’s Homeland Security Investigations and the Department of Commerce’s Bureau of Industry and Security were also involved in the probe. So it’s very possible that this person worked for DHS or Commerce.

The double agent, who had some direct role in the Huawei prosecution, had a security clearance – meaning that he could access classified documents. I note this because “access and placement” is king when it comes to recruiting sources, so this must have been seen as a big plus for the Chinese intelligence officers.

Under FBI supervision, the double agent began his relationship with these alleged Chinese intelligence officers around February 2017, years before the Huawei indictment was unsealed and his cooperation with his handlers intensified surrounding this case. He was getting paid by his “handlers” by fall of 2017 (we don’t know what for), but the big money – over $40,000 in Bitcoin — didn’t start to roll in until he provided information on the Huawei case.

But there are some big question marks surrounding this operation.

It’s unclear whether this double agent was a “dangle” by the U.S. government – that is, someone specifically used by the FBI or another U.S. national security agency to reel in foreign spies who falsely believe they have bagged a legitimate recruitment, or whether this U.S. law enforcement official was organically pitched by He and Wang and subsequently reported his contact to the FBI, which then decided to run him as a double.

Either way, the court filings show how resource-intensive double agent operations can be. The filings hint that some communications between the double agent and He – via an unspecified “encrypted messaging program” – were overseen or conducted by FBI agents managing the operation, and not the double agent himself. You can bet that a whole team of U.S. counterintelligence officials worked on this case, designing and approving the ostensibly classified documents that, according to court filings, the double agent passed to his Chinese handlers. (These documents were not, in fact, classified–it was an act of strategic deceit by U.S. counterspies–but were marked as such when provided to He and Wang.)

Interestingly, it’s also unclear how the double agent came to know He or Wang. Most of their interaction seems to have been via this unspecified encrypted app, but the three men met at least once, per the court documents. U.S. officials believe both alleged Chinese intelligence officers are based in the same Chinese provincial capital, working under the same cover, associated with a scintillating-sounding state-run economic publication called “China Economic Systems Reform Magazine.” (This is speculation on my part, but He and Wang’s cover would lend credence to the idea that the U.S.’s double agent worked for Commerce or DHS, since the two Chinese operatives would have had a stronger, believable rationale to interact with him based on their employment.)

So He and Wang, who do not appear to have been U.S.-based, don’t seem to have spent much face time with the double agent. Indeed, he may have been pitched and recruited entirely online: In droll bureaucratese, He’s wanted poster says he is “known to enjoy painting and drawing, and to use LinkedIn.” (Chinese intelligence is known to blanket current and former U.S. officials on LinkedIn; it’s a low-cost, if scattershot, technique for attempted recruitments.)

Why did this double agent operation cease? The court filings don’t say. And why lay out, in such minute and devastating detail, the mechanics of a double agent operation in an indictment where the defendants will, again, almost certainly never see the inside of a U.S. courtroom? These, alas, are questions probably best posed to FBI counterintelligence agents–and the type they are least likely to answer publicly, or at all.

Get in touch at zach@projectbrazen.com or securely at brushpass1@protonmail.com.

THE BRUSH PASS is an initiative of Project Brazen, a journalism studio and production company based in London and Singapore. Follow our newsletter WHALE HUNTING delving into the hidden world of the rich and powerful and GATEWAY about the European drug explosion.

From elsewhere in the Brazen Network:

New book out on now about Adrian Hong and Free Joseon, a group of volunteers who tried to take on the North Korean regime -- https://www.rebelandthekingdom.com
Follow our exploration of the European drug trade at GATEWAY or dive into the hidden world of wealth and power at WHALE HUNTING.