For Republican voters sick of “deep-state” shenanigans, Kash Patel, the new head of the FBI, seems an ideal appointment. He and his new deputy, the former police officer turned podcaster Dan Bongino, look and sound like exactly the right men to disrupt a bureau that has at times in the past eight years acted as an investigative arm of the Democratic party in its attempts to thwart Donald Trump through the legal system.
Patel is considered so pleasingly anti-establishment that his ties to a Chinese e-commerce business have been largely overlooked. He has holdings worth up to $5 million in a fast-fashion company called Shein, founded in China but headquartered in Singapore, and he intends to keep his stock. There’s nothing wrong with that, per se. But combine that fact with his intention to limit dramatically the FBI’s power and scope at a time when it is uncovering shocking levels of Chinese espionage in America, and questions start to be raised.
It’s hard to exaggerate how bad the China spying problem is. Last December, US senators emerged from a classified briefing from intelligence agencies shaken by what they heard. It was “breathtaking,” said Josh Hawley of Missouri, adding that the American people “need to know about their text messages, their voicemail, their phone calls. It’s very bad, it’s very, very bad, and it is ongoing.” Then-Senate intelligence committee chairman Mark Warner called it “far and away the worst telecom hack, and the fact is that they are still in the systems.”
The briefing, from the FBI, the Federal Communications Commission and the Cybersecurity and Infrastructure Security Agency, was on an alleged Chinese espionage operation dubbed Salt Typhoon, whereby cyber spies had been able to burrow deep inside the systems of more than a dozen of America’s largest telecom companies, including AT&T, Verizon and T-Mobile. They were able to target specific individuals, including Donald Trump and Vice-President J.D. Vance, as well as people working for the campaign of Kamala Harris and State Department officials, accessing call logs and text messages. Other targets included universities in an effort to access cutting-edge research. These spies were able to roam around at will.
China’s cyberspies have long been hyperactive in their effort to absorb American technology and know-how, but the brazen ambition of Salt Typhoon shocked the agencies. The group appeared to have breached America’s “lawful intercept” system, used by telecoms companies to facilitate surveillance requests from the government against suspected criminals and spies. So not only had they highjacked tools created for law enforcement, but they potentially also had access to information about FBI investigations into Chinese operatives.
The former FBI director Christopher A. Wray, who quit before Donald Trump could have the pleasure of firing him, described Salt Typhoon as China’s “most significant cyberespionage campaign in history.” In an abrupt about-face, the bureau recommended that Americans use end-to-end encrypted apps such as Signal and WhatsApp to avoid leaving their texts and calls vulnerable to Chinese spying. The FBI has previously been critical of such encryption, arguing that it weakens its ability to investigate crimes.
That was bad enough, but there is also Volt Typhoon (Typhoon being a moniker used by cyber specialists to describe Chinese groups), a group which is accused of pre-positioning malware inside critical American infrastructure, including internet service providers and utilities. Their aim is not to steal secrets, but to commit acts of sabotage. Volt Typhoon malware is designed to bring down computer systems in the event of conflict.
What made this so shocking in the eyes of intelligence agencies is that previously, Beijing had focused primarily on espionage. Russia was the saboteur. Now, their strategies appear to be converging.
Shortly before Christmas, the US Treasury revealed that its systems had been breached by Chinese state-sponsored hackers in what it called a “major incident,” during which hackers were able to access employee workstations and some unclassified documents. In January, Bloomberg revealed that the hacked computers included those of then-Treasury Secretary Janet Yellen and two of her closest advisers.
And the frenzy of Chinese espionage goes well beyond cyberspace. Last September, federal prosecutors indicted Linda Sun, the deputy chief of staff to New York governor Kathy Hochul, accusing her of working as an undercover agent for Beijing. They alleged that Sun, a naturalized American citizen who was born in China, had used her position to further China’s interests, including blocking Taiwanese diplomats from contacting the state government and covertly sharing internal documents with Beijing.
In exchange, Beijing allegedly funded the lavish lifestyle of Sun and her husband to the tune of millions of dollars, enabling them to buy a $4.1 million house in New York and a $2.1 million ocean-view condominium in Honolulu, as well as luxury vehicles. The couple pleaded not guilty to a range of charges, including failing to register as a foreign agent and money laundering.
In January, the Justice Department also announced that it had arrested a former senior adviser to the US Federal Reserve and charged him with conspiring to steal trade secrets for the benefit of China. John Harold Rogers worked in the Federal Reserve’s international finance division between 2010 and 2021, and allegedly passed on documents to Chinese handlers who posed as graduate students.
A series of espionage cases have also hit the US military. These include a US Navy sailor who was jailed last year for 27 months after admitting to providing sensitive military information to China for bribes, and a US army analyst who was paid $42,000 for information, including data on US fighter aircraft, military tactics and the US military’s defense strategy for Taiwan.
Prosecutors have also taken aim at secret police stations run by Beijing for surveilling and intimidating dissidents, often with the aim of forcing them to return home. Wang Shujun, a Chinese-American academic, is awaiting sentencing after a federal jury found him guilty of tracking dissidents. Another man, Chen Jinping, pleaded guilty last December to running a clandestine overseas police station in lower Manhattan for the Chinese government.
As he left office, Wray concluded that the FBI has more than 2,000 active investigations linked back to the Chinese government and, at the turn of the year, was opening a new one every ten hours. He said that the Chinese cyber threat in particular is unparalleled. “They’ve got a bigger hacking program than every other major nation combined,” he warned. In an interview with CBS News in January, Wray described China as the “defining threat of our generation.” It was his final interview before he resigned.
Wray may have been unduly interested in harming Trump, but he was not wrong about the extent of China’s snooping in the United States. Chinese espionage has been likened to an enormous vacuum cleaner, hoovering up technology and know-how on a colossal scale. Yet even that doesn’t really do justice to a vast system that encompasses multiple intelligence-gathering techniques, formal and informal, while at the same time seeking to manipulate western societies to serve the interests of the Chinese Communist party.
Techniques range from industrial-scale cyberspying to buying up or bullying western companies with cutting-edge tech, exploiting academic relationships and weaponizing business, cultural and other front organizations. China’s economy has been built on theft, and President Xi Jinping has turned his country into a state defined by paranoia, with every company, organization and individual required by law to assist the security and intelligence services.
The Ministry of State Security is China’s main spy agency, but it also works closely with an organization called the United Front Works Department (UFWD), whose focus is on influence operations. Influence is the stuff of all diplomacy, and every country seeks to push its worldview and values. Yet there is a fine line between influence on the one hand and interference, coercion and corruption on the other, which China consistently crosses. The UFWD also operates in the shadows, usually through front organizations and individuals. It methodically targets politicians, influential businesspeople and academics who could be useful for the CCP, as well as “friendship” associations and ethnic Chinese community groups and media.
The US is by far Beijing’s most important target and traditionally its spies have targeted the ethnic Chinese diaspora, appealing to their “patriotism” as well as their pocketbooks. Diaspora groups called tong xiang hui, or hometown associations, which bring together immigrants from particular parts of China and are common in American cities, have come in for particular scrutiny by the Justice Department.
In 2018, the authorities launched an anti-espionage program called the China Initiative to combat what they called “nontraditional collectors,” such as academics and scientists. Nearly 90 percent of those subsequently charged were of Chinese heritage, according to a database compiled by the MIT Technology Review, with a number of academics accused of failing to fully declare their links to China.
But only a quarter of the cases ended in a conviction and in 2022 the initiative was dropped because of the “harmful perception” of racial profiling. However, last September the House of Representatives passed a bill to revive it as the CCP Initiative. Although it had the strong backing of Trump’s supporters, it’s not clear how much of a priority it is for the President.
China’s rapid progress on artificial intelligence raises another serious challenge. For years, many security experts have been puzzled by Beijing’s colossal harvesting of enormous data sets — including the personal data of 78.8 million Americans at Anthem, a healthcare insurer; 145 million people at Equifax, a credit rating agency; 500 million guests registered with the Marriott Hotel reservation system; and a hack of the US Office of Personnel Management, providing data on more than 22 million state employees.
Usable intelligence is about analysis and interpretation, looking for patterns, so the argument went, so how could China possible wade through everything it was stealing? AI, or machine learning, makes this so much easier, whether it is in identifying vulnerable people for possible intimidation, blackmail or recruitment or for spotting potential American spies for purposes of counterespionage. Taken together with China’s hunger for genetic data — it is building the world’s largest database — it even raises the chilling specter of tailored weapons.
Each theft of a database is damaging on its own, but combined they can be used to create what has been described as a “shadow CV.” This is also why the flow of data from such rapacious Chinese-owned data harvesting machines as TikTok, DeepSeek — and indeed Shein itself — is so important. Just after it was released, DeepSeek became the most downloaded app in America. Regulators in Italy blocked it as they probed the data the company was collecting and how it was being stored. France and Ireland also began investigations into the app.
Another related Chinese practice has been dubbed “grab now, decrypt later,” whereby encrypted databases are also harvested and then stored in anticipation of their becoming decipherable once the computer power to do so has been developed.
Then there is the hot air balloon. It has now been just over two years since a Chinese spy balloon floated across America, creating a frenzy of attention before it was shot down. According to Newsweek, an unpublished technical analysis conducted by the US military discovered that it was packed with advanced technology from at least five US companies. Whether this was stolen or sold to China is not clear, but it raises worrying questions.
Chinese espionage of all types against America seems certain to increase from its already frenzied levels as other means of obtaining technology and know-how are closed or come under closer scrutiny and the tech race intensifies. Intelligence agencies and legislators do appear to see the danger — Volt and Salt Typhoon in particular have been serious wake-up calls. Less clear is how the battle against Beijing’s spy machine might be damaged as Trump, Patel and company rattle the cage of the federal state.
Ian Williams is author of Vampire State: The Rise and Fall of the Chinese Economy, which is out now. Read Steve Hsu on the race for human capital between China and US overleaf. This article was originally published in The Spectator’s April 2025 World edition.
Leave a Reply