EXCLUSIVE: Phone and Internet Data Sent Through Undersea Cables Threatened by Chinese Monitoring
The Chinese Communist Party (CCP) may be intercepting communications from undersea cables, placing at risk all phone and internet data passing through major networks in the Asia-Pacific region.
Existing research shows that Chinese military branches associated with cyberespionage maintain operations near key cable landing stations. A leaked report citing intelligence sources in the United States, Japan, and Australia—provided to The Epoch Times—shows additional research on possible Chinese front companies with mysterious finances and questionable ties at key data chokepoints.
It states that while China has a “well-deserved reputation for sophisticated cyberespionage,” its attempts to tap into undersea cables carrying large amounts of data are often overlooked. It details an alleged operation in the Pacific, centering on the Marshall Islands and Nauru.
“This would—with surprising ease—allow China access to all telephone and fax transmissions between South Korea, Japan, Australia, the Philippines, Singapore, and U.S. bases all over the Pacific,” it states. “This would provide China with access to critical military, economic, and financial communications.”
The report demonstrates that multiple Chinese front companies may be involved.
According to Agostino von Hassell, a retired intelligence officer and president of the consulting firm The Repton Group, who is familiar with the research, “The key impact is that this is an additional avenue of Chinese espionage, using almost old-fashioned technology just like the Russians did when they were trying to tap into underwater sonar cables.”
Hassell said that while there is concern among intelligence agencies that Chinese front companies are stealing data from the undersea cables, it’s very difficult to detect this form of espionage since “it doesn’t leave a trace.”
He added that this case is of particular concern, however, since a Chinese front company presence near cable landings in the Marshall Islands would give them access to all data transferred between countries in the region including Korea, Japan, Guam, and Australia.
This is not only a threat to privacy, Hassell said, but also to military communications, banking transactions, and political circles.
Suspected Front Company
A key focus in the report is on a company called Acclinks, which it notes “is most likely controlled by Beijing.” Despite having no visible source of revenue, the company has more than $28 million on deposit in bank accounts spanning Australia, Marshall Islands, and Taiwan.
According to Casey Fleming, CEO of BLACKOPS Partners, which advises senior leadership on national security in some of the world’s largest organizations, it’s not uncommon for the CCP to use front companies for espionage.
“This is one of literally hundreds of methods of espionage,” he said. “These are wartime methodologies, which are asymmetrical, and are replacing the conventional warfare that we’re all familiar with.”
“Espionage yields intelligence,” he said, “and intelligence wins wars.”
Acclinks has a “distribution” center on the Marshall Islands, which has not shown any activity for three years, yet, as the report states, is stationed at “the perfect place to access key submarine cables.”
Hassel said, “They have no known revenue. There is no known parent company.”
“For them, when they set up their operations on the Marshall Islands they had to put down $3 million, and it took two years before they could even come up with that money,” he said.
Another location of the company in Nauru again has no evident commercial operations, but as the report states, “has been able to install a telephone switching device in Command Ridge, next to key transmission facilities of Australia’s Federal Police.”
Adding to the picture, the report states that Chinese telecommunications company ZTE Corp. is a “main player” behind AccLinks, and that “ZTE is funding the whole project and have already poured millions into the project.”
ZTE and another Chinese telecommunications company, Huawei Technologies Co. Ltd., were named in a 2012 House Intelligence Committee report as security threats. It stated the companies may be providing Chinese intelligence services with access to telecommunications networks and may be influenced by the CCP.
The report states, “As many other countries show through their actions, the Committee believes the telecommunications sector plays a critical role in the safety and security of our nation, and is thus a target of foreign intelligence services.”
On its website, Acclinks states that it delivers products and services to the Pacific Islands in the areas of telecommunication, billing software, data communication, power utilities, and electronic equipment. It also states that the company is headquartered in Shenzhen City, Guangdong Province in China.
In Nauru government documents, Zhang Huafeng is listed as Acclinks’s CEO. However, the leaked report found that Zhang is not related to any such company in China.
Zhang did not respond to a request for comment.
Zhang is also listed as the controlling shareholder and CEO of Acclinks Nauru Ltd. Inc. co-owned by the Nauru government. While it can’t be confirmed, the report states that the Chinese Acclinks may be trying to establish a joint venture with the Nauru government in telecommunications and electronics.
There are also links between the Nauru company and a firm with a similar name that was listed in the Panama Papers database of exposed offshore entities around the world. Registered in the British Virgin Islands, Acclinks Communication Inc. counts Liang Liyong as a shareholder, who is also director of the Nauru company.
The existence of multiple Acclinks subsidiaries suggests that it’s “very probable” the Chinese heads of the company are looking for ways to funnel cash out of mainland China and into offshore entities, the report concluded.
An internet search also revealed that the Chinese name Zhang Huafeng is affiliated with several Chinese government posts: He is listed as director of Lintong District (in Xi’an City, Shaanxi Province) Telecommunications Bureau, Major Customer Business Department; contact person for the state-owned China Telecom Co.’s Nanhe branch in Hebei Province; and the Sichuan Province Mingshan County Telecommunications Company Party branch secretary. The report could not confirm whether the identity of the Zhang affiliated with Acclinks corresponded to these titles.
Intercepting Data from Cables
The CCP has a known military and spy presence at landing stations for undersea cables, which some in the security community believe is being used to spy on data.
According to a report from Project 2049 Institute, a security think tank, a Chinese military hacker unit, Unit 61398, “has fiber optic connectivity with China Telecom’s internet monitoring center” located in the China Telecom Information Park in Pudong District, Shanghai.
Unit 61398 is the Second Bureau of the CCP’s signals intelligence agency, which is in the Third Department of the warfighting branch of its military, the General Staff Department.
The U.S. Justice Department released wanted posters of Unit 61398’s officers in May 2014. The five officers were charged with 31 crimes, which could amount to life sentences for each if they are arrested. China does not have an extradition treaty with the United States.
Hassell noted that while spying on copper cables was common during the Cold War, spying on the large amount of data passing through today’s networks is a new phenomenon. He said, “The Chinese have the manpower and computer power to sort this data. A couple years ago you just couldn’t do it because you didn’t have sufficient computer technology.”
“The technology of sorting message traffic by keywords, and basically using the highly advanced conventional intelligence, you can derive a lot of patterns and information,” he said.
According to Project 2049 Institute, “The Second Bureau also manages a work station on Shanghai’s Chongming Island,” near the Chongming Submarine Cable Landing Station. It notes, “The landing station is reportedly the entry and exit point for 60 percent of all phone and internet traffic entering and leaving China.”
In addition, the institute states, the Second Bureau also oversees a work station near another major submarine cable landing station on Chongming Island, “and probably a unit near the Nanhui [district in Shanghai] cable landing station.”
“Second Bureau elements with direct access to fiber optic cable landing stations could buffer communications traffic entering and leaving China,” it states, adding that as gatekeepers for such information, the Second Bureau may have obtained “large volumes of data exfiltrated by other cyber espionage groups operating from throughout China.”
Other submarine cable landing stations have a similar CCP military presence. Project 2049 Institute notes that the Fourth Bureau, in charge of the CCP’s electronics intelligence operations, are present in many of the same areas; and members of the Chinese military’s technical reconnaissance community “may have access to similar landing stations located in the eastern coastal city Qingdao [eastern coastal city in Shandong Province], Shantou [southeastern coastal city in Guangdong Province], Hong Kong, and more recently in Fuzhou [eastern coastal city in Fujian Province].”
According to Daniel Wagner, founder of risk management company Country Risk Solutions, “this should not be a surprise to anyone,” given the CCP’s “penchant for industrial espionage on an industrial scale.”
“China is leading in industrial espionage, so could we imagine it would not be the case they’re doing something like this to ramp up their efforts and remain on the cutting edge,” he said.