How Silicon Valley Became A Den Of Spies

In the fall of 1989, during the Cold War’s wan and washed-out final months, the Berlin Wall was crumbling, and so was San Francisco. The powerful Loma Prieta earthquake, the most destructive to hit the region in more than 80 years, felled entire apartment buildings.

Freeway overpasses shuddered and collapsed, swallowing cars like a sandpit. Sixty-three people were killed and thousands injured. And local Soviet spies, just like many other denizens of the Bay Area, applied for their share of the nearly $3.5 billion in relief funds allocated by President George H.W. Bush.

FBI counter-intelligence saw an opening, recalled Rick Smith, who worked on the Bureau’s San Francisco-based Soviet squad from 1972 to 1992. When they discovered that a known Soviet spy, operating under diplomatic cover, had filed a claim, Smith and several other bureau officials posed as federal employees disbursing relief funds to meet with the spy.

The goal was to compromise him with repeated payments, then to turn him. “We can offer your full claim,” Smith told the man. “Come meet us again.” He agreed.

But the second time, the suspected intel officer wasn’t alone. FBI surveillance teams reported that he was being accompanied by a Russian diplomat known to the FBI as the head of Soviet counter-intelligence in San Francisco.

Foreign spies have been showing up uninvited to San Francisco and Silicon Valley for a very long time. According to former US intelligence officials, that’s true today more than ever.

Unlike on the East Coast, foreign intel operations here aren’t as focused on the hunt for diplomatic secrets, political intelligence or war plans. The open, experimental, cosmopolitan work and business culture of Silicon Valley in particular has encouraged a newer, “softer,” “nontraditional” type of espionage, said former intelligence officials, efforts that mostly target trade secrets and technology. “It’s a very subtle form of intelligence collection that is more business connected and oriented,” one told me.

But this economic espionage is also ubiquitous. Spies “are very much part of the everyday environment” here, said this person.
 
Political espionage happens here, too. China, for example, is certainly out to steal US technology secrets, noted former intelligence officials, but it also is heavily invested in traditional political intelligence gathering, influence and perception-management operations in California.

Chinese officials, in particular, often cajole or outright threaten Chinese nationals (or US citizens with family members in China) working or studying locally to provide them with valuable technological information.

Tech firms, especially start-ups, lack incentives to report potential espionage to US officials; and businesses and universities are often ignorant about the espionage threat, or so attuned to local political sensitivities they may fear being accused of stereotyping if they attempt to institute more stringent defensive security and screening measures.

As Silicon Valley continues to take over the world, the local spy war will only get hotter, and the consequences will resonate far beyond Northern California. This story is based on extensive conversations with more than half a dozen former intelligence community officials with direct knowledge of, or experience with, US counter-intelligence activities in the Bay Area.

Russian intelligence has had an intensive interest in San Francisco stretching back to the beginning of the Cold War. In those days, the Russians were primarily gathering information on local military installations, said former officials, including the Presidio, the strategically located former military base, set on a wind-swept northern tip of the San Francisco, peninsula overlooking the Golden Gate Bridge.

As the Bay Area transformed itself into a tech hub, Russia adapted its efforts accordingly, with Russian spies increasingly focused on obtaining information on valuable, sensitive or potentially dual-use technologies, those with both civilian and military applications, being developed or financed by companies or venture-capital firms based in the region.

Russia’s espionage activities have traditionally been centered on its San Francisco Consulate, which was forcibly closed by the Trump administration in early September 2017.

But even with the consulate shuttered, there are alternative vehicles for Russian intelligence-gathering in Silicon Valley. One potential mechanism, said three former intelligence officials, is Rusnano USA, the sole US subsidiary of Rusnano, a Russian government-owned venture capital firm primarily focused on nanotechnology. Rusnano USA, which was founded in 2011, is located in Menlo Park, near Stanford University.

“Some of the potential intelligence-gathering activities Rusnano USA was involved in were not only related to the acquisition of technology, but also inserting people into venture capital groups, in developing those relationships in Silicon Valley that allowed them to get their tentacles into everything,” one former intelligence official told me. “And Rusnano USA was kind of the mechanism for that.”

Rusnano’s interests, said this former official, have extended to technology with both civilian and potential military applications. US intelligence officials were very concerned about contacts between Rusnano USA employees and suspected Russian intelligence officers based at Russia’s San Francisco Consulate and elsewhere, this person said.

“The Russians treated [Rusnano USA] as an intelligence platform, from which they launched operations,” said another former US intelligence official. (Rusnano USA and the Russian Embassy in Washington, did not respond to requests for comment.)

Russia also employs older, tried-and-true methods locally. Intel officials have suspected that Russian spies were enlisting local high-end Russian and Eastern European prostitutes, in a classic Russian “honeypot” maneuver, to gather information from (and on) Bay Area tech and venture-capital executives.

Sex workers targeting executives at high-end bars and nightclubs such as the Rosewood Sand Hill, an ultra-luxury hotel located near many of Silicon Valley’s top financial firms, infamous for its raucous, hook-up oriented Thursday nights, the Redwood Room, a tony bar located in the Clift Hotel in downtown San Francisco, and other spots have been identified as potentially reporting back to Russian intel officers, said another former official.

“If I were a Russian intelligence officer, and I knew that these high-end girls were dragging CEOs of major companies back to their rooms, I’d be paying them for info too,” said this person. “It’s that whole idea of concentric rings: You don’t need to be on the inside, you just need somebody on the inside that you have access to.”

Russia’s interference in the 2016 presidential election has given Putin’s regime an outsized role in the national conversation on espionage. But talk to former intel officials, and many will say that China poses an equal, if not greater, long-term threat.

“The Chinese just have vast resources,” said Kathleen Puckett, who worked counterintelligence in the Bay Area from 1979 to 2007.

Because of California’s economic and political importance, as well as its large, well-established, and influential émigré and Chinese-American communities, the People’s Republic places great weight on its intelligence activities here, said multiple former intelligence officials.

Indeed, two told me that California is the only US state to which the Ministry of State Security, China’s main foreign intelligence agency, has had a dedicated unit, focused on political intelligence and influence operations. (China has had a similar unit for Washington.)

And if California is elevated among Chinese interests, San Francisco is like “nirvana” to the MSS, said one former official, because of the potential to target community leaders and local politicians who may later become mayors, governors or congressmen. Their efforts are becoming increasingly sophisticated.

Sometimes these recruitment efforts have been successful. According to four former intelligence officials, in the 2000s, a staffer in Senator Dianne Feinstein’s San Francisco field office was reporting back to the MSS. While this person, who was a liaison to the local Chinese community, was fired, charges were never filed against him.

Or take the case of Rose Pak. Pak, who died in September 2016, was for decades one of San Francisco’s preeminent political power brokers. Though she never held elective office, she was famous for making and unmaking mayors, city councilmen (or “supervisors,” as they’re known in San Francisco), and pushing city contracts to her allies and constituents in Chinatown.

According to four former intelligence officials, there were widespread concerns that Pak had been co-opted by Chinese intelligence, and was wielding influence over San Francisco politics in ways purposefully beneficial to the Chinese government.

Another worry, US officials said, was Pak’s role in organising numerous junkets to China, sometimes led by Pak in person and attended (often multiple times) by many prominent Bay Area politicians, including former San Francisco Mayor Ed Lee, who died while in office in 2017.

Political junkets are used by Chinese intelligence for surveillance (“every single hotel room is bugged,” one former official said) and collection purposes, as well as for spotting and assessing potential recruits, said former intel officials. (There is no indication that Pak herself participated in, or had knowledge of, specific intelligence-gathering efforts.)

Concerns about Pak’s links to the Chinese Communist Party occasionally percolated into local political debate, but the intelligence community’s identification of Pak as a likely agent of influence for Beijing is being reported here for the first time.

Occasionally, Chinese intelligence activities in San Francisco burst into plain view. Consider the story, and it is an incredible one, also told here for the first time, of the 2008 Olympic Torch Run.

San Francisco was the only US city to host the Olympic torch as it made its way, tortuously, to Beijing. And Chinese officials were very concerned about disruptions to the run by protesters, as well as in managing the image China projected to the rest of the world in the run-up to the games.

US officials watched as Chinese intelligence officers filmed Tibetan monks on their march across the Golden Gate Bridge, and known Chinese spies surveilled a pro-Tibet rally downtown featuring Desmond Tutu and Richard Gere. Chinese spies also recorded participants in a Falun Gong rally in Union Square, and shot footage of protestors at the torch run itself.

Most brazenly, said former intelligence agents, Chinese officials bussed in 6,000-8,000 J-Visa holding students, threatening them with the loss of Chinese government funding, from across California to disrupt Falun Gong, Tibetan, Uighur and pro-democracy protesters. (They even provided these students with a box lunch.) “I’m not sure they would have pulled out these stops in any other city, but San Francisco is special” to China, said a former senior US official.

Counter-intelligence officers possessed advance knowledge about some aspects of this operation and observed Chinese intelligence officers, who often wore earpieces connected to a radio, managing the movements of counter protesters, directing blocs of pro-PRC students to intimidate, disrupt and overwhelm anti-Beijing protesters across the parade route.

When it comes to economic espionage in particular, Chinese intelligence employs a more decentralised strategy than Russia does, former intelligence officials told me. China draws from a much larger population pool to achieve its objectives, using opportunistic businessmen, ardent nationalists, students, travelers and others alike.

The July 2018 arrest of Silicon Valley-based Apple employee Xiaolang Zhang, who allegedly stole proprietary information about Apple’s self-driving car program to benefit his new employer, a China-based competitor, appears to fit this pattern. (Zhang was charged with theft of trade secrets and has not been accused of any espionage-related crimes. He maintains his innocence.)

In other words, the paramount Chinese interest was finding out the extent of the US officials’ knowledge about China’s own intelligence operatives, and in adjusting their behavior accordingly. “If in fact the person in question was Chinese intelligence,” said this former official, “they could then alter their approach.” This strategy began being observed during a hack of Google, said two former officials, that occurred about a decade ago.

While China and Russia demand the lion’s share of counterintelligence resources in the Bay Area, a number of friendly intelligence services are also active in Silicon Valley, said former intelligence officials. South Korea, according to one, has become “formidable” in the realm of economic espionage, with particular sophistication in cyberespionage.

Israel is also active in the Bay Area, but it’s complicated. According to one former intelligence official, Israel has “a culture that facilitates and encourages acquisition of targeted companies”, in other words, it will use information it has gathered locally to cajole or incentivise private Israeli firms to purchase specific start-ups or other Silicon Valley-based tech companies. Throughout the 2000s, said former officials, French intelligence employed a similar strategy.

Silicon Valley firms continue to downplay, or outright conceal, the extent to which the theft of trade secrets and other acts of economic espionage occur, said multiple former officials. “Coming forward and saying you didn’t have controls in place, that totally impacts shareholder or investor value,” noted one former intelligence official.

The open, start-up culture in the Bay Area has also complicated US counterintelligence efforts, said former officials, because Russian and Chinese operatives have an easier time infiltrating organisations without any security systems or hierarchies in place.

These services like penetrating young companies and start-ups, noted one former official, because “it’s always better to get in at the ground floor” when seeking to pilfer valuable information or technology.

The exorbitant cost of living in Silicon Valley, however, means that opportunities for tech employees, and potential spies or co-optees, to “get in at the ground floor” are becoming increasingly uncommon. The tech industry, chasing talent and lower overhead, is now spread more widely across the country than ever before.

But spies will never leave Silicon Valley. As the region’s global clout grows, so will its magnet-like attraction for the world’s spooks. As one former US intelligence official put it, spies are pulled toward the Bay Area “like moths to the light.” And the region will help define the struggle for global preeminence, especially between the United States and China, for decades to come.

Politico

You Might Also Read:

The Impact Of Economic Espionage:

Slingshot: Avoiding Sophisticated Cyber Espionage:

Now China Tells US To Stop Spying:

« One Answer To Cyber Attacks Is To Hack Back
What Is Stuxnet And Who Created It? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Assured Data Protection

Assured Data Protection

Assured Data Protection specialises in data protection and disaster recovery services for large SME and enterprise organisations.

Deutsche Cyber-Sicherheitsorganisation (DCSO)

Deutsche Cyber-Sicherheitsorganisation (DCSO)

DCSO was founded in 2015 with the aim of counteracting the threats posed by globally organized cybercrime and state-controlled industrial espionage.

NXO France

NXO France

NXO is an independent leader in the integration and management of digital workflows with services covering digital infrastructures, communications & collaboration, and security.

IAC

IAC

IAC is a specialist Irecruitment consultancy covering Internal Audit, Risk, Controls, Governance, IT Audit, and Cyber Security roles.

Echoworx

Echoworx

Echoworx primary and exclusive focus is providing organizations with secure email services.

Baffin Bay Networks

Baffin Bay Networks

Baffin Bay Networks operates globally distributed Threat Protection Centers™, offering DDoS protection, Web Application Protection and Threat Inspection.

Snode Technologies

Snode Technologies

Snode's Guardian cybersecurity platform uses AI and machine learning to monitor, detect and proactively respond to all threats on every device within your network.

972VC

972VC

972VC was created to help entrepreneurs find potential funding for their startups. Your guide to the Israeli startup funding ecosystem.

Axio Global

Axio Global

Axio is a leading cyber risk management SaaS company. Our Axio360 platform gives companies visibility to their cyber risk, and enables them to prioritize investments to protect their business.

Corsica Technologies

Corsica Technologies

Corsica Technologies is recognized as one of the top managed IT and cybersecurity service providers. Our integrated IT and cybersecurity services protect companies and enable them to succeed.

Red Goat Cyber Security

Red Goat Cyber Security

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff.

Black Girls In Cyber (BGiC)

Black Girls In Cyber (BGiC)

Black Girls In Cyber's mission is to increase industry awareness and diversity in cybersecurity, privacy, and STEM for women of color.

Green Enterprise Solutions

Green Enterprise Solutions

Green Enterprise Solutions are a Namibian company providing Information and Communication Technology (ICT) services to corporate Namibia.

Cyber1

Cyber1

CYBER1 is a leader in cyber security advisory and solutions. We are uniquely placed to help customers achieve cyber resilience and thus, safeguard reputation and value.

Sacumen

Sacumen

Sacumen is a niche player in the cybersecurity market, solving critical problems for security product companies.

Graphiant

Graphiant

Graphiant’s Data Assurance service gives businesses end-to-end control and visibility into how data travels throughout the entire business network.