Why did Chinese intelligence officers hack the Equifax credit rating agency and steal 147 million records?
This hypothetical example explains why.
Mr. Joe Bloggs is a 42-year-old recently divorced CIA contractor. Chinese Ministry of State Security officers had flagged Bloggs as a subject of interest back in 2015, after they read his Office of Personnel Management record. Bloggs was one of more than 20 million active or former U.S. government employees whose records Chinese People’s Liberation Army hackers stole in 2015. And Bloggs’s OPM form from 2012 showed he had a history of alcoholism, albeit listed as resolved.
In early 2018, the targeters ran another search for Bloggs. This time, they have a portfolio of 147 million Equifax records acquired in their 2017 hacking. And the targeters find another interesting tidbit to add to the alcoholism: Bloggs’s credit rating fell significantly between 2016 and 2017. They don’t know that this is a result of Bloggs’s struggle to make child support payments, but Bloggs’s ever-increasing debt suggests something has gone wrong in his life. The Chinese officers also use the Equifax data to see that Bloggs is living in a mediocre apartment in Herndon, Virginia. He has moved out of the four-bedroom house that was listed as his address on his 2012 OPM form. Looking on Zillow, the targeters see that Bloggs’s apartment is rented and looks rather run-down. Bloggs doesn’t seem to be doing as well as a CIA contractor of his age should be.
It’s worth a roll of the dice.
One of the targeting officers travels to the MSS station at the Chinese Embassy in Washington, D.C. He briefs the lead operations officer on Bloggs’s record and why he might be worth approaching. The operations officer agrees and assigns a deputy to meet with a trusted intermediary, a Chinese expat who holds a U.S. green card, at a restaurant just outside of Washington. The intermediary is asked to take his wife to drinks at bars in the immediate locale of Bloggs’s apartment. He’s to befriend Bloggs.
After two weeks of bar trawls, the intermediary and his wife meet Bloggs. They hit it off. Bloggs is drinking too much and seems angry. But the intermediary thinks he’s the greatest guy on the planet. The third time the intermediary meets Bloggs for drinks, he leaves his wife at home. His wife is annoying him, he says. Bloggs relates. The next three meetings, once a week, go the same way. They’re always near Bloggs’s Herndon apartment, always casual and fun, but never lasting more than an hour and a half. Two weeks later, Bloggs is invited to dinner with a friend the intermediary thinks he’d like.
The intermediary introduces his friend, Xi, a Chinese citizen who says he’s an investor and green card holder like the intermediary. He also now calls the United States home. Xi is charismatic, generous, and like the intermediary, speaks excellent English. The intermediary has already told Xi that Bloggs is struggling with his finances, is angry at his wife, and furious with his boss “at a government office” who won’t give him a reassignment with more earning potential. The dinner goes well.
Six weeks later, friendship consolidated, Xi tells Bloggs that he has a business proposition that would make his money issues go away. Bloggs is scared, but Xi reassures him. This isn’t what you think it is, he says. He’s simply trying to get an inside scoop on contracting at federal agencies. He wants to know any new programs that the government is working on. Stuff that might allow him to anticipate future contracting tenders. Bloggs is persuaded that this isn’t so bad, and he needs the money. He cautiously tells Xi about a CIA effort to invest in a new microcircuit that allows for much improved terminal stage ballistic missile targeting. He doesn’t know too much about it but a bit. And what Bloggs does know, he tells Xi. Xi is elated. He takes out an envelope with $25,000 in cash. The two have a great meal and talk no more about business.
Two years later, Bloggs is a fully recruited Chinese intelligence asset. Codenamed 青鸟/Qingniao, Bloggs has used a miniature camera-enabled pen, provided by Xi, to photograph numerous computer screens full of data on active U.S. operations, capabilities, and plans around the world. Bloggs has been persuaded that half his generous $150,000 a month Chinese salary should go to a holding account in China, and the rest paid to him in cash. He has been given an evacuation plan, although he doesn’t think it seems that credible.
This has just been a hypothetical, fictional example. But it illustrates why China hacked the Equifax credit rating agency.
Consider the Justice Department indictments on Monday of four Chinese military intelligence hackers over the 2017 Equifax hack. That hack compromised the credit ratings, names, addresses, and other personal information of up to 147 million people in the U.S. Identifying the degree of sophistication with which the hackers conducted their business, the Justice Department noted that they used dozens of servers in 20 nations to try and hide their tracks.
But this is only the tip of the Chinese espionage iceberg.
China’s 2015 theft of around 20 million Office of Personnel Management records, for example, can be seen in the same light as the Equifax hack. Namely, that China is trying to identify U.S. government officials, congressional aides, and intelligence officers who might be willing to spy for Beijing if offered the right inducements. With Equifax, the intent clearly rests in identifying Americans, like our fictional Mr. Bloggs, who are struggling with their finances. Where Russia favors blackmailing or compromising an individual as a means of intelligence recruitment (kompromat), China is embarked on an industrial-scale campaign to identify Americans who might accept a little side job.
But from China’s perspective, the beauty of the Equifax data isn’t simply that it offers recruitment-targeting insight now, but that it also does so for the longer term. After all, as with the OPM hack, China now has access to data on Americans who aren’t currently in a position of intelligence value, but one day might be. China is hoping that the young 20-something federal contractor with a secret clearance might, a decade or so from now, be working at an intelligence agency with a top secret/SCI security clearance.
That speaks to the ultimate point here: China is engaged in a generational effort to supplant the U.S.-led liberal international order with its own order of global feudal hegemony. Add the Equifax and OPM hacks to their skillful deployment of Huawei, and you see just how bold China’s strategy truly is. It’s about stealing our allies and our future in a way that evades our notice until it’s too late.