A place were I can write...

My simple blog of pictures of travel, friends, activities and the Universe we live in as we go slowly around the Sun.



April 22, 2019

Chinese Woman Spy.....

What Was the Chinese Woman Arrested at Mar-a-Lago Really Up To? A Former Spy Helps Us Figure It Out.

Want to know whether she’s a bumbling Chinese spook or an innocent tourist who loves her hi-tech devices?

By ALEX FINLEY

What was a Chinese woman doing at Mar-a-Lago with her pockets full of passports and cellphones? The March 30 arrest of Chinese national Yujing Zhang at President Donald Trump’s vacation home certainly reads like a juicy spy drama. At the time she was arrested, after changing her story about why she was there, she had on her, in addition to two Chinese passports and four cellphones, a laptop and USB drive later found to contain some kind of malware. More devices and $8,000 in cash were later found in her room at a nearby hotel.

Is Chinese intelligence attempting to infiltrate Mar-a-Lago? The answer to that is almost certainly yes. And so is every other foreign intelligence service. That’s just business as usual.

But is Zhang part of the Chinese effort?

U.S. law enforcement is still trying to figure that out. Earlier this month, Zhang was charged with lying to a federal officer and entering restricted property, but prosecutors have said more charges might follow. For now, prosecutors are treating Zhang’s case as a national security matter, according to the Miami Herald, adding that a team of FBI counterintelligence officers is on the case. According to the Herald, federal investigators were already looking into Chinese intelligence operations in South Florida before this incident occurred. Zhang’s arrest “has sent the counterintelligence probe into overdrive.”

As a former CIA officer, I am intrigued by Zhang’s role but wary of jumping to conclusions about it, given the limited facts we know so far. Here are five questions that might help us determine whether Zhang is a bumbling Chinese spy who got caught trying to infiltrate the president’s vacation lair or if she is simply an innocent tourist who loves her hi-tech devices.

Why did her cover story fall apart so quickly?

The most basic tradecraft any intelligence officer or asset learns is how to build a decent cover story—an explanation of what you are doing and why, in order to cover what you are really up to—and be ready to maintain it under questioning. Any cover story will eventually fall apart under enough scrutiny (because it is, in fact, a lie), but people trained in espionage know how to protect their story from collapsing too quickly or too easily.

So how did Zhang do with this? At the first Secret Service security checkpoint at Mar-a-Lago, she said she was there to use the pool. Her story initially worked; the agent waved her in. But she did not have a swimsuit with her, and the Colony Hotel, where she was staying, had its own pool. Then, when questioned again later, Zhang explained she was at the resort for a social event, which was not, in fact, scheduled for that day.

If this was an attempt to present a story to cover nefarious actions, it fell apart incredibly quickly. Maybe she was sloppy or poorly prepared? That seems odd for a professional intelligence officer.

Perhaps Zhang’s pool excuse was a quick and casual line to pass through the first security perimeter without many questions. Did she actually have a better cover story, or maybe a verifiable true story, she was able to present under more intense questioning? Zhang reportedly underwent 4½ hours of questioning by the Secret Service. How did this go? What explanation did she give for her visit to Mar-a-Lago in this high-stakes setting? Did her explanation fit with answers she gave when applying for a visa to enter the country? Zhang reportedly traveled to the United States in 2016 and 2017. Does her explanation for those trips match information she gave when applying for a visa, and how do those trips fit with her current itinerary and actions?

If Zhang isn’t a spy, or up to other nefarious things, why is it that she “lies to everyone,” as the prosecutor said in court? Could she simply be confused or did she communicate poorly because English is not her native language? Investigators, particularly those who questioned her, know better than we do about Zhang’s command of English. The Miami Herald reported that she “appeared to speak English” to a lawyer in court and she took notes during the hearing, but a translator was also present.

How would Zhang have operated inside Mar-a-Lago?

The president’s vacation abode is a target-rich environment. There are the obvious marks: The president and his inner circle. But those people are hard to access. Better targets might be the multitudes of people at Mar-a-Lago who aren’t in the president’s inner circle but who have access to those who are and can influence and glean information from them.

A casual observer could also gather a load of information simply by being present at Mar-a-Lago. Who is there? Who is trying to get access and influence people? Who interacts with whom? What activities do they participate in? What schedule do they follow? This could help a foreign intelligence service target people for recruitment as assets. It could also tell a foreign intelligence service what other countries are running operations there and which individuals they are targeting using what methods. This is important counterintelligence information for any spy agency, a window into other countries’ priorities and how close they are to achieving them.

It’s also possible Zhang wanted to observe the security situation at the resort, laying the groundwork for some future operation. She might have witnessed how Secret Service and resort security worked (or didn’t work) together and how freely Trump and his people moved around, to determine what kind of access might be available.

Even without taking some deep cover, clandestine action, simply being present at Mar-a-Lago provides a wealth of information to anyone who is looking.

Or, maybe Zhang just wanted a glimpse of the president?

What’s with all the cash?

In some cases, espionage is a cash business. Spies often pay assets for information, and cold, hard cash is an easy way to pay people while hiding the source of the funds. Perhaps the Chinese government already has assets at Mar-a-Lago—among the staff, for example—and Zhang was there to pay them.

But Zhang’s more than $8,000 in U.S. and Chinese currency was found in her hotel room at the Colony Hotel about 2 miles from Mar-a-Lago, not on her person. Unless she planned to enter the resort a second time, it seems very unlikely she was there to pay an asset for information.

Some tourists do indeed travel with loads of cash. Although Zhang has a Wells Fargo account in the United States that she could have accessed. And that account raises new questions. When and why did she set up this account and how has she used it in the past? Is her use of this bank account consistent with the investor and consulting business she claims to run? Or did she set it up years ago in an attempt to build her cover story while laying the groundwork for an intelligence operation? Investigators will try to find answers to those questions.

Is this a spy’s collection of devices?

When she was picked up at Mar-a-Lago, Zhang was carrying four cellphones, a laptop, an external hard drive and a thumb drive later found to carry malware. In her hotel room, investigators found nine USB drives, five SIM cards and a “signal detector” device, which could possibly be used to detect hidden cameras.

OK, that seems a little strange. It’s true that all kinds of professionals (including many in the financial sector) do go to great lengths to keep their activities secure from prying eyes or simply to separate out business activities and personal activities. Some people, for example, have a work phone and a private phone. And if someone travels internationally, they might have multiple SIM cards to allow them to have local phone numbers.

But an intelligence officer also might have multiple phones and SIM cards. Good spies follow the “one phone, one operation” rule. That is, they don’t call different assets using the same phone, because then they become linked, and key in any intelligence operation is to keep information compartmented. Much like you don’t want to send private texts on your work phone, you don’t want communications with multiple assets on a single device.

There is also the question of what kinds of phones these are. Are they burner phones, which are pay-as-you-go and not registered to an individual and therefore not easily traced to the purchaser and user? A spy would most likely use a burner phone. Or, maybe she was delivering burner phones to assets inside the resort to make communication easier? Or are these regular phones, registered in Zhang’s name or her company’s name? Investigators will certainly run traces on the phones and SIM cards to see if they link to anyone of interest or if they suggest a strange pattern of behavior, such as communicating with someone in a way that is meant to hide the contact.

Thumb drives are pretty normal in business, but malware isn’t. The fact that the first thumb drive Secret Service looked at had malware on it does not look good for Zhang.
It’s possible that a spy would want to use malware to destroy a network at the resort. But a foreign intelligence service would more likely be interested in using it to gather useful information. There is very little chance (if any) that Zhang could have gotten the malware anywhere near a government computer. But to slip a program into the resort’s network that would allow an intelligence service to see guest lists, schedules and itineraries, room assignments, and who is coming and going? Yes, that would be of interest.

Is Zhang just one part of a larger spy scheme?

What the heck is the “United Nations Chinese Friendship Association”? This is perhaps the most intriguing part of Zhang’s story.

Zhang explained that she was at Mar-a-Lago to attend a “United Nations Friendship Event” and that she had been invited by a Chinese friend named “Charles.” As the Miami Herald reports, a Chinese national named Charles Lee promotes events at Mar-a-Lago through his United Nations Chinese Friendship Association, which has no actual ties to the United Nations. No such event was scheduled at Mar-a-Lago that day, however.

By the way, Li “Cindy” Yang, the owner of a massage parlor that has been caught up in a sex trafficking sting who possibly sold access to Trump, promoted many of the same events as Lee. A spokeswoman for Yang told the Herald she has done nothing wrong.

Is Zhang a private individual who, like others, used the association to get into Mar-a-Lago to help her business? Or is Zhang an isolated case of Chinese intelligence using the association for the same purpose? Or worse, is the Chinese government using the “friendship association” and its travel packages to funnel spies into Mar-a-Lago (and perhaps elsewhere)?

This wouldn’t be unheard of: Intelligence agencies often use front companies or “associations” to make their activities look benign and disguise any involvement by the government.

In that case, it’s likely that Zhang’s arrest (along with scrutiny of Yang and Lee) just blew the association’s cover.

For now, it is impossible to say if Zhang was a confused tourist, who just wanted a glimpse of the president, or a bumbling Chinese intelligence officer whose cover story cracked. But one thing is for sure: Mar-a-Lago is target-rich environment for any real spy.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.