Chinese state security authority discloses foreign intelligence operatives posing as experts in online groups to steal sensitive data
Chinese Ministry of State Security
China's Ministry of State Security (MSS) on Sunday disclosed cases in which operatives from foreign intelligence agencies posed as industry experts or investment advisers to infiltrate professional online groups and exploit members' trust to extract sensitive information, including key technical data and internal policymaking details.
Some chat groups were formed across sectors under labels such as "academic seminars" or "industry exchanges," but recruited members from different sensitive units in violation of relevant regulations. By using anonymity features or temporary chats, group members were incited to share internal documents and policy developments across professional boundaries, turning spaces meant for legitimate knowledge exchange into grey markets for sensitive information and improper exchanges of interests, according to a statement published on MSS's official WeChat account.
Foreign intelligence agencies may have operatives posing as industry experts or investment advisers to directly create, operate, or quietly infiltrate high-threshold professional groups, attracting and screening specialists in the field before exploiting trust among perceived insiders to extract sensitive or classified information — such as key technical parameters and internal policymaking details — under the pretext of "data sharing" or "case discussions."
In highly specialized group chats, interactive activities such as brainstorming sessions or in-depth discussions were intended to promote learning but could be subtly steered into sensitive areas. Individuals with ulterior motives may initiate discussions using topics such as hypothetical scenarios or international benchmarking analyses, deliberately employing provocative language to intensify debate and prompt group members to disclose non-public information in an effort to demonstrate professional expertise.
Documents shared by prominent figures in group chats, including meeting summaries and industry research data, were often stored long term on cloud-based group platforms. While individual files may appear ordinary, systematic aggregation could produce a comprehensive picture of a sector and potentially constitute sensitive information. If administrator accounts were compromised or platforms were attacked, such accumulated data could be exposed in bulk and exploited, according to the MSS.
The MSS suggests when using commercial platforms for work discussions, participants comply with confidentiality rules and abide by the principle that classified information must not go online. The MSS also reminds that group creators and administrators should set clear, lawful rules, prohibit discussion of non-public data, draft policies, or internal meeting arrangements, and promptly shut down sensitive topics.
Members should remain alert to attempts to obtain sensitive information, avoid uploading classified files, work-related images, or location data, and regularly review and remove shared materials, according to the MSS statement.
Global Times
RELATED ARTICLES
