Chinese Government Uses Foreign Universities as Spying Platforms

According to a recent report from the Australian Strategic Policy Institute (ASPI), the Chinese People’s Liberation Army (PLA) “has sponsored more than 2,500 military scientists and engineers to study abroad and has developed relationships with researchers and institutions across the globe.” This integration of the PLA with foreign universities is not simply a way to acquire basic skills. It is, in fact, an organized spying operation. The PLA poetically describes this as, “picking flowers in foreign lands to make honey in China”. To accomplish this honey collecting, these visiting PLA scientists “actively used cover to disguise their military affiliations, claiming to be from non-existent academic institutions.”

Before continuing this discussion further, it is important to state a few facts. First of all, most Chinese students are not spies. They are here to better their careers or gain credentials which will make them more attractive to big Chinese companies. In short, getting U.S. or foreign university credentials will help make them wealthy. Secondly, some universities need the money generated by Chinese students and openly court them. In other words, they do not distinguish between potentially ‘dangerous’ students and normal students. Money is money. Third, universities take no action to limit Chinese student participation in research because they do not want to appear to be discriminating against them. In the current atmosphere of embracing intercultural diversity, it would not be popular to do so. All this is to say that the PLA has a willing accomplice in its infiltration of U.S. universities; the universities themselves. It would be naïve to believe that the Chinese government didn’t know how to take advantage of these vulnerabilities.

The goal of these PLA scientists is to work with researchers in the US and other countries so as to take what they learn or take what they steal back to China. The graph below shows the cooperation between PLA-sponsored researchers and overseas researchers.

chinese pla cooperation

The top 5 countries collaborating to help the PLA in their endeavors are the U.S., the U.K., Canada, Australia, and Germany.

Overseas universities also inadvertently aid Chinese spying operations by readily agreeing to academic partnerships, research collaboration, and student and professor exchange programs. Such topnotch universities as Harvard, Cambridge, and Oxford have formed such liaisons. It might be thought that these PLA students, when actually experiencing life in foreign countries, might find it attractive and consider dropping their allegiance to their government. However, the Chinese government is well-aware of this possibility and has warned students with such proclivities that “the consequences would be inconceivable”, Take that warning for what you will. The ASPI report claims that “pressure on the family members of overseas PLA scientists is used to maintain discipline”.

Ruopeng Liu was described by fellow students and professors at Duke University as “a sweet kid.” He worked with Dr. David Smith who was the leading expert on metamaterials; materials that display invisibility features. Liu eventually asked Smith if he could invite two of his colleagues from China to work in Smith’s lab. Smith agreed. At some time during their stay, the visitors, probably including Liu, took photos of various apparatus and made other measurements which they eventually took back to China. Not long after returning to China, Liu built a replica of the apparatus in his own lab.

Documents later surfaced that proved, without a doubt, that Liu had planned, from before he entered Duke, to steal Smith’s secrets on invisibility. It paid off. Now, at age 35, Liu is a multi-billionaire.


The PLA instructs its sponsored students to enter specific research programs. Some are encouraged to find jobs in industries that develop the technologies that the government is interested in. They are also known to seek out unaffiliated Chinese employees in target companies and encourage them, in whatever ways possible, to work with them. (see my post  Chinese State Hackers are Actively Recruiting Corporate Insiders ).

Recently, though, there has been an upgraded effort on part of law enforcement to crack down on Chinese industrial spying. Back in July, FBI Director, Christopher Wray, noted that Chinese espionage “represents the broadest, most challenging, most significant threat we face as a country”. In October, a Chinese agent Yanjun Xu, masquerading as an aerospace scientist ,was arrested for attempting to steal information from a number of aerospace companies. Ten other Chinese agents were also indicted. These actions did not go unnoticed by the Chinese government and, in response, they have begun to vary their attack vector.

Within the last year, according to Kaspersky, Chinese hackers have begun targeting university researchers directly. Most of their targets are located in American universities, but foreign universities have also been targeted. Leading the list in the U.S. are the University of Washington (11.6% of attacks), Cornell University (6.8%), and the University of Iowa (5.1%). And what sophisticated technique are they using? To probably no one’s surprise, they are using spear phishing attacks. They are good phishing attacks seeming to come from an associate or someone known to the researcher. The attacker may gain control of the researcher’s email and contacts by leading them to a cloned sign-in page like the one below for the University of Michigan.

umich phish

Once in control of the researcher’s email account, they can craft more specific emails that target contacts who work on research with the victim. They can reference something that the researcher may have mentioned in one of his/her emails. In this case, they can attach a legitimate-looking document which, when opened, will release malware that can eventually spread through the entire university network.

Kaspersky has reported a dramatic increase in such attacks in the last year. They have registered phishing attacks against 131 universities in 16 countries with more than half of them (83) targeting the US. It is clear that universities need to increase their awareness of the fact that they are being targeted and take appropriate steps. For the moment, American universities are in denial. They simply can’t believe that they are being targeted by a group of sophisticated Chinese agents. Such naiveté is exactly what the Chinese government hopes to exploit. It is time to move from denial to acceptance, otherwise, China will continue to harvest flowers in foreign universities and use them to make into profitable honey.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s