Note: The creator, Devin Thorne, thanks Alex Joske for his assist in creating this analysis. More details about the creator may be discovered on the finish of this report.
Executive Summary
The Beijing Institute of Electronics Technology and Application (BIETA), a communications know-how and knowledge safety analysis group beforehand unexplored in public reporting, is sort of actually affiliated with China’s principal civilian intelligence service, the Ministry of State Security (MSS). Based on publicly obtainable sources, it is rather probably led by MSS and certain a public entrance for the MSS First Research Institute. BIETA and its subsidiary, Beijing Sanxin Times Technology Co., Ltd. (CIII), analysis, develop, import, and promote applied sciences that nearly actually assist intelligence, counterintelligence, navy, and different missions related to China’s nationwide improvement and safety. Their actions embrace researching strategies of steganography that may probably assist covert communications (COVCOM) and malware deployment; creating and promoting forensic investigation and counterintelligence gear; and buying overseas applied sciences for steganography, community penetration testing, and navy communications and planning.
BIETA and CIII nearly actually kind a part of the very probably huge however underexplored (in public sources) community of entrance organizations contributing to the modernization of the MSS and wider Chinese state safety equipment, which challenges the pursuits of each overseas governments and personal companies. BIETA’s nearly sure MSS affiliation helps assessments of how the MSS very probably helps cyber-enabled intelligence operations by creating instruments for use by intelligence officers and their proxies. Neither BIETA nor CIII are recognized to have interaction in illicit exercise, however overseas export management authorities, tutorial establishments, and companies ought to contemplate limiting transactions and different engagements with each BIETA and CIII. Engagement dangers contributing to the capabilities of the MSS and People’s Liberation Army (PLA), and will come up via joint analysis alternatives, overlap at worldwide tutorial conferences, and product gross sales channels. Conducting due diligence investigations on any social gathering eager about applied sciences mentioned on this report is important.
Key Findings
- BIETA’s nearly sure ties to the MSS are inferable from the background of 4 BIETA personnel (three of that are nearly actually or very probably MSS personnel), its relationship with an MSS-run college (the University of International Relations in Beijing), and the scope of its analysis and different actions.
- BIETA’s analysis nearly actually contributes to the MSS’s steganographic capabilities that Chinese intelligence officers and contractors probably use to covertly talk or deploy malware, whereas different merchandise from BIETA and CIII nearly actually allow MSS and wider state and public safety counterintelligence investigations.
- BIETA’s nearly sure MSS affiliation presents readability into the very probably enablement function that the MSS performs with regard to Chinese cyber-espionage and cyber-enabled intelligence operations, whereby the MSS and subordinate state safety departments develop and distribute applied sciences to operational actors.
- Discovery of BIETA additionally presents new perception into the MSS’s organizational construction: BIETA was probably a part of the MSS’s former thirteenth Bureau, the remit of which was probably a lot broader than generally acknowledged in connection to CNITSEC; it is usually believable that BIETA was a part of the previous ninth Bureau, which is now 14th Bureau.
- BIETA’s analysis probably advantages from collaboration with worldwide lecturers and publicity to worldwide tutorial conferences, and really probably from overseas steganography know-how acquired by CIII. CIII has tried to assist China’s navy modernization with overseas software program for simulating and modeling communication networks and battlefield environments.
Organizational Overview
The Beijing Institute of Electronics Technology and Application (北京电子技术应用研究所) is a analysis group primarily engaged in utilized analysis of communication know-how, multimedia data processing, and multimedia data safety know-how. It has at the very least one wholly owned subsidiary: Beijing Sanxin Times Technology Co., Ltd. (CIII; 北京三信时代科技有限公司). The actions of BIETA and CIII nearly actually contribute to the capabilities of the MSS and, probably, to these of China’s wider safety equipment and navy. The MSS (国家安全部) oversees a nationwide system of semi-autonomous items that represent a home police power and China’s main civilian intelligence service accountable for human-source and cyber-enabled political and home safety, counterintelligence and counterespionage, non-military overseas strategic intelligence, and overseas financial and technological intelligence. BIETA and CIII are profiled beneath.
BIETA
BIETA was established no later than 1990, nearly actually present in some kind as early as 1983 — the yr the MSS was created. It is situated, per its web site, at No. 15 Xinjian Gongmen Road, Haidian District, Beijing (北京市海淀区新建宫门路15号). As proven in Figure 1, this deal with is adjoining to or inside the MSS’s nearly sure headquarters compound at Xiyuan (West Garden). BIETA is sort of actually state-owned, on condition that the web site of BIETA’s subsidiary, CIII, describes itself (CIII) as an “enterprise that is owned by the whole people” (全民所有制企业). BIETA is sort of actually affiliated with the MSS, very probably led by the MSS, and certain a entrance for the MSS First Research Institute.
(Source: Baidu Maps, Google Earth)
BIETA includes at the very least 4 laboratories and one testing middle. Its laboratories embrace the Communication Technology Research Lab, Multimedia Information Security Technology Research Lab, Electromagnetic Compatible Technology Research Lab, and the Hybrid Integrated Circuits Development Research Lab. BIETA’s Quality Testing Center (质量检测中心) is additional composed of the Integrated Circuits Testing Experimental Lab, the Network Technology Testing Experimental Lab, the Multi-Media Technology Testing Experimental Lab, the Audio-Visual Subjective Evaluation Room, and the Product Integrated Testing Center Experimental Lab.
BIETA asserts that its “main analysis instructions,” amongst others, embrace:
- Wireless, satellite tv for pc, unfold spectrum, and microwave communication applied sciences
- Information processing and multimedia data safety applied sciences
- Computer vulnerability, data safety, sign positioning, and sign jamming applied sciences
Steganography is one other of BIETA’s “main analysis instructions,” and a significant focus primarily based on the group’s publicly seen tutorial actions. This line of analysis is mentioned within the Steganography part. Other areas of analysis by BIETA and its researchers embrace forensics know-how (together with strategies of figuring out video recordsdata which were tampered with, textual content forgeries, fabricated photographs, supply cameras, and supply printers), cryptography, networking, and know-how miniaturization (of antennas, for instance). In 2016, for instance, as China’s counter-terrorism marketing campaign in Xinjiang started escalating to incorporate mass detentions of Uyghur and ethnic minorities, BIETA researchers co-authored an educational article on Uyghur textual content recognition. These areas of analysis assist the evaluation that BIETA is sort of actually affiliated with the MSS.
Given BIETA’s nearly sure affiliation with the MSS, in addition to the remit of the MSS and wider state safety equipment to analyze and mitigate home and overseas threats to the Chinese Communist Party (CCP) and China, it’s nearly sure that the group’s analysis straight or not directly allows MSS operations throughout a spread of actions. It is noteworthy on this context that BIETA contracted venture(s) with NSFocus (北京神州绿盟信息安全科技股份有限公司) between 2013 and 2017. The nature of the venture or tasks is unknown, however NSFocus is amongst China’s main cybersecurity corporations and the primary based by early patriotic hackers (particularly these related to the “Green Army”).
Ties to the MSS
The evaluation that BIETA is sort of actually affiliated with the MSS, very probably led by the MSS, and certain a entrance for the MSS First Research Institute is primarily supported by proof that a number of of BIETA’s personnel (with various levels of certainty) are MSS officers, analysis workers, or in any other case affiliated with China’s principal intelligence service. The evaluation can be supported by BIETA’s engagement with an MSS-subordinate college, the University of International Relations (UIR; 国际关系学院).
Personnel
Though the MSS is a extremely secretive group, at the very least 4 BIETA personnel have clear or potential hyperlinks to the MSS, primarily based on publicly obtainable data. This helps the evaluation that BIETA itself is sort of actually affiliated with China’s principal civilian intelligence service. Of greater than twenty people presently or previously affiliated with BIETA, at the very least three people are nearly actually or very probably MSS personnel. There is proof that factors to at least one different BIETA worker having a potential MSS affiliation. The proof linking these personnel to the MSS is surveyed beneath.
Wu Shizhong (吴世忠)
Multiple public profiles establish Wu Shizhong as a BIETA researcher, one profile from as early as 2011. In 2009, and certain as late as 2016, Wu Shizhong was the pinnacle of the “MSS Science and Technology Bureau” (国家安全部科技局). Between 2005 and 2013, Wu was additionally the director of the China Information Technology Security Evaluation Center (CNITSEC; 中国信息安全测评中心). Wu was additional the secretary of CNITSEC’s CCP committee between 2014 and 2018. CNITSEC is sort of actually a public face of the MSS’s former thirteenth Bureau that specialised (partly) in community safety and exploitation. According to at least one profile, Wu was employed at BIETA whereas additionally holding directorship of CNITSEC. Wu’s background helps the evaluation that BIETA is sort of actually affiliated with the MSS.
He Dequan (何德全)
Beginning in 1983 — the yr the MSS was created — He Dequan was nearly actually employed as a senior engineer at BIETA. Academic publications point out that, as late as 2009, He nonetheless used a BIETA affiliation. He was nearly actually a profession intelligence officer in China, previous to and after the MSS’s institution. In 1983, He was additionally deputy bureau chief (副局长) for “some security department” (某安全部) and a researcher with and director of the Beijing Information Technology Research Institute (BITRI; 北京信息技术应用研究所). Although public profiles don’t explicitly say that from 1983 to 2000, He was employed with the MSS, he received a “Ministry of State Security Science and Technology Advancement Award” (国家安全部科技进步奖) in 1989, supporting this conclusion. He’s hyperlinks to the MSS are additionally seen in his consulting place with CNITSEC. Further, he has had an advisory function with the China International Public Relations Association (中国国际公共关系协会), an outwardly Ministry of Foreign Affairs-affiliated group that’s reportedly run by the MSS and utilized by MSS officers to work together with multinational firms. Moreover, He’s BITRI affiliation is notable as a result of this analysis group has had different workers related to the MSS. Specifically, BITRI seems within the work historical past of former Huawei government Sun Yafang (孙亚芳), who labored for the MSS in a job associated to communications after faculty. He’s background helps the evaluation that BIETA is sort of actually affiliated with the MSS and that BIETA could be very probably led by the MSS.
You Xingang (尤新刚)
You Xingang has printed tutorial analysis utilizing a BIETA affiliation since at the very least 2001. You was the pinnacle of BIETA between 2008 and 2023. You could be very probably an MSS officer. In 2012, You was described as a CNITSEC deputy director. References from 2018 and 2019 proceed to affiliate You with CNITSEC in an unspecified capability. Furthermore, in 2003, a person named You Xingang was awarded a China Youth Science and Technology Innovation Award (中国青年科技创新奖) and recognized as a researcher with the MSS First Research Institute (国家安全部第一研究所). This You is probably going BIETA’s You Xingang. Having reportedly graduated from college in 1984, BIETA’s You would probably have been across the age of 39 on the time of the award and due to this fact eligible for it. Evidence supporting the evaluation that BIETA is probably going a entrance for MSS First Research Institute are indications that the MSS First Research Institute’s actions overlap with these of BIETA. A patent filed in 2007 references the MSS First Research Institute as having examined an “MT-type nickel-based conductive coating … used for electromagnetic wave shielding.” Correspondingly, BIETA has an Electromagnetic Compatible Technology Research Lab (电磁兼容技术研究室) and conducts analysis into electromagnetic sign safety safety know-how. You’s background helps the evaluation that BIETA is sort of actually affiliated with the MSS, very probably led by the MSS, and certain a public entrance for the MSS First Research Institute.
Zhou Linna (周琳娜)
Zhou Linna reportedly labored at BIETA between 1999 and roughly 2017, publishing tutorial analysis underneath this affiliation at the very least as late as 2011. Evidence helps an evaluation that Zhou may be an MSS officer or in any other case affiliated with the intelligence service. First, Zhou is a professor with the MSS-subordinate UIR. As early as 2017, she was, extra particularly, recognized because the dean of UIR’s School of Information Science and Technology (信息科技学院; now the School of Cyber Science and Engineering [网络空间安全学院]). An particular person named Zhou Linna was additionally acknowledged in 2017 among the many recipients of the Central State Institutions Ninth National Five Good Civilized Household Award (中央国家机关第九届全国五好文明家庭获奖) and recognized as a member of the MSS (国家安全部干部). As of writing, nonetheless, this potential direct reference to BIETA’s Zhou as an MSS member can’t be corroborated via different publicly obtainable data. Zhou’s background helps the evaluation that BIETA is sort of actually affiliated with the MSS.
Activities
BIETA’s organizational hyperlinks and actions in relation to the MSS-subordinate UIR additionally assist the evaluation that BIETA is sort of actually affiliated with the MSS. UIR promotional supplies for potential graduate college students assert “year-round” and “very close cooperation” between the college and BIETA. Between at the very least 2011 and 2018, BIETA was a “joint training” companion for the college’s Communications and Information Systems (通信与信息系统) self-discipline. Specifically, BIETA supported trendy communications know-how and knowledge safety as areas of research. UIR’s School of Cyber Science and Engineering additional asserts that it has an “intern base” at BIETA the place graduates can attain sensible {industry} expertise. UIR’s School of Cyber Science and Engineering solely publicly names intern bases at two different organizations, certainly one of which is CNITSEC.
CIII
CIII, often known as Beijing Sanxin Times Technology Co., Ltd., and previously generally known as Beijing Sanxin Times Information Company (北京三信时代信息公司), is a know-how firm established in 1994. CIII is a state-owned enterprise and a subsidiary of BIETA. It is situated in Beijing and has places of work in Shanghai and Hangzhou (integrated in October 2023), a possible workplace in Hong Kong, and former places of work (now closed) in Xinjiang. CIII claims its shoppers embrace party-state authorities and navy organizations in addition to organizations within the broadcasting, finance, surroundings, insurance coverage, electrical energy, transport, and oil industries. While CIII has shared a number of workers with BIETA, publicly obtainable data doesn’t establish hyperlinks between CIII workers and the MSS. Nevertheless, CIII can be nearly actually affiliated with the MSS via its relationship to BIETA.
On its web site, the corporate claims to be engaged in a number of disparate actions that embrace working an web information middle (IDC) in Beijing; sustaining Beidou Satellite Navigation-enabled platforms for police and campus safety organizations; creating enterprise and social functions for Windows, Android, and iOS — together with these for importing recordsdata to Baidu Cloud and OneDrive and for family tree, pictures, voice recording, and finding and speaking with buddies — and conducting community simulations and penetration testing in opposition to web sites, cellular functions, enterprise programs, servers, databases, cloud platforms, and internet-of-things gear. How just lately CIII’s web site has been up to date is unknown, however software program copyright registrations point out actions since 2020 (see Table 1). CIII additionally registered a copyright for a “mesh detection system” (网眼检测系统) in 2017 and a “penetration testing analysis system” (渗透测试分析系统) in 2013.
Software Copyright Name
Latest Registration Date
Intelligent Discussion Android App (慧议通安卓版应用软件)
November 29, 2021
Secure Instant Communication Software (安全即时通讯软件)
June 15, 2020
Beidou Satellite Communication Software (BD卫星通信软件)
June 14, 2020
Table 1: Select software program developed by CIII since 2020 (Source: Insikt Group)
Limited data is publicly obtainable on most of those actions and whether or not or how they could assist the MSS. Most are probably geared toward producing earnings for BIETA, commercializing state-funded analysis, and supporting state-led know-how initiatives. For instance, CIII probably contributed to the event of “Time Capsule” (时间舱), a cellular software that claims to be China’s “first smart information rights protection certificate ledger” (智慧信息权益保全存证) platform. “Time Capsule” was developed by a joint laboratory established by CIII, different corporations, and varied authorities businesses and analysis institutes. CIII’s possession of an IDC and publication of person functions as just lately as 2021 suggests the MSS might have, or as soon as have had, easy accessibility to person information through CIII. The extent to which the general public adopted CIII’s functions is unknown.
CIII additionally sells a variety of safety merchandise, providers, and options which are related to the power and operational safety wants of the MSS and different Chinese navy and safety providers. These are additional mentioned within the Security Products part. CIII additional claims to be an “agent [or representative; 代理] for network testing, network monitoring, cybersecurity, network communications simulation, and other software and hardware products developed by the United States [US], Europe, and other countries.” CIII’s acquisition of overseas applied sciences (whether or not as an agent or via different means) nearly actually allows the corporate’s actions associated to community simulation, penetration testing, and varied Chinese navy wants. The Technology Transfer part discusses this facet of CIII’s enterprise in additional element.
Ties to the MSS
Publicly obtainable data doesn’t reveal direct hyperlinks between CIII and the MSS. In describing its work associated to Beidou navigation, CIII refers to CNITSEC as a “related unit” (关系单位) that gives data safety providers for CII’s Beidou platform and terminals. Whether this language has any further that means or significance with regard to institutional ties between CIII and the MSS is unclear. Since at the very least 2017, CIII has been a CNITSEC-recognized “unit [that has] passed the national information security evaluation/information security service qualification (security engineering level 1) evaluation” (通过国家信息安全测评/信息安全服务资质(安全工程类一级)测评的单位). The potential significance of this qualification in relation to CIII’s potential ties to the MSS can be unclear.
Support to the MSS and Wider Security Apparatus
In addition to different assist, BIETA and its subsidiary, CIII, nearly actually facilitate the MSS’s and state safety system’s missions by creating steganographic capabilities and promoting safety gear. CIII claims to additional assist the PLA (人民解放军) with its services and products. It is probably going that applied sciences developed or offered by BIETA and CIII additionally assist public safety operations. Notably, each BIETA and CIII nearly actually represent a vector for know-how switch from the US and Europe that straight or not directly advantages the MSS and PLA.
Steganography
Publicly obtainable data demonstrates that steganography (信息隐藏; 数据隐藏; 隐写术) is a significant point of interest of BIETA’s analysis efforts. Steganography is the follow of hiding data inside in any other case unusual information, reminiscent of secret messages embedded in textual content, picture, audio, or video recordsdata. Of 87 tutorial publications with at the very least one BIETA-affiliated creator between 1991 and 2023, at the very least 40 (46%) are associated to steganography, primarily based on key phrase searches of their titles and abstracts. Various authorities funding applications, together with the National Natural Sciences Fund (国家自然科学基金), 973 Program (973计划), and 863 Program (863计划), have supported BIETA’s steganography analysis as just lately as 2019. UIR interns have additionally labored on steganography points. In addition to tutorial publishing, BIETA has additionally sponsored or participated in associated conferences, reminiscent of a nationwide convention on “the future development of information hiding” in 2017 and the “18th national information hiding and multimedia information security” convention in October 2024. Based on BIETA’s nearly sure affiliation with the MSS and proof that Chinese state safety intelligence officers have “received malware from the MSS to be used against foreign victims” in recognized cyber espionage instances, BIETA’s analysis nearly actually contributes to the MSS’s technical capabilities for detecting hidden data and speaking covertly which are prone to be shared with different actors within the state safety system.
CIII has additionally obtained copyrights for software program associated to steganography. Examples embrace an “audio-visual-to-voice conversion secrets deep analysis system” (音图转换语音隐密深度分析系统) and a “JPEG image forensics differentiation method based on characteristics optimization” (基于特征优化选择的JPEG图像取证鉴别方法软件), each registered in 2017.
BIETA and CIII’s steganography work nearly actually has the potential to assist defensive and offensive MSS operational actions. Defensively, entry to efficient steganalysis strategies throughout mediums and file varieties may help the state safety system in detecting hidden data that threatens CCP political energy and nationwide safety, reminiscent of amongst would-be dissidents and overseas intelligence providers. Offensively, the MSS, state safety departments and bureaus, and their contractors or proxies may use steganography to covertly transmit data of worth in assist of their operations. Chinese superior persistent threats (APTs) have been noticed doing so and have additionally used steganography to deploy malware (see Steganography in Chinese Cyber Operations beneath). Officers from the Shanghai State Security Bureau (SSSB) additionally supplied former US intelligence officer Kevin Mallory a cell phone with COVCOM capabilities and skilled him tips on how to embed paperwork inside photographs as a part of a scheme wherein Mallory offered the SSSB categorised data.
BIETA’s steganography analysis covers a spread of matters throughout totally different media: textual content, picture (reminiscent of JPEG), audio (reminiscent of MP3), and video (HEVC). Public BIETA-affiliated tutorial articles nearly actually cowl matters which are related to each defensive and offensive functions, such because the detection of messages inside MP3 recordsdata and stopping the detection of data hidden in photographs. BIETA’s analysis additionally consists of creating strategies of covertly transmitting data. Figure 5 offers examples of strategies explored by BIETA researchers for coding messages into seemingly unusual digital on-line communications. During a 2019 convention panel on steganography and synthetic intelligence (AI), an affiliate researcher with BIETA launched Generative Adversarial Networks (GAN), suggesting that is one other space of analysis for the group.
Figure 5: Steganographic strategies researched by BIETA personnel; left: mis-ordered letters in an ostensible web chat message talk a message disguised as a typo (2009); proper: iconographic library used to speak secret messages (2019) (Source: Insikt Group)
Steganography in Chinese Cyber Operations
Several Chinese APTs have used steganography of their operations. APT40, which operates underneath the path of the Hainan State Security Department (海南国家安全厅), used this system to transmit “stolen trade secrets and proprietary hydroacoustic data” through innocuous photographs (Figure 6). APT15, which has been tentatively attributed to Xi’an Tianhe Defense Technology Co., Ltd. (西安天和防务技术股份有限公司), has used steganography to stealthily deploy malware whereas avoiding detection (Figure 7). APT1, attributed to PLA Unit 61398 (61398部队), probably additionally used steganographic strategies.
Figure 7: Image utilized by APT15 to ship the payload of the Okrum malware (Source: ESET Digital Security)
Security Products
CIII advertises quite a few safety and forensic investigation merchandise, providers, and options related to the MSS’s missions and people of the broader state safety and public safety equipment. These gadgets cowl use instances together with conducting forensic or counterintelligence investigations of a given venue; stopping electronics from getting into a given space; stopping information (within the type of alerts and recordings) from being collected; and figuring out, intercepting, and jamming cell phones throughout the spectrum (2G-5G). Examples of those gadgets are listed in Table 2. Most are probably gadgets that CIII resells from different builders and producers, however at the very least two are CIII- or BIETA-developed gadgets. Another product nearly actually developed by CIII or BIETA, however not marketed on CIII’s web site, is a fingerprint-secured USB drive, which BIETA licensed with CNITSEC in 2006.
Product(s)
Image
Additional Notes
Laptop Computer Information Protection Device
Desktop Computer Signal Protection Device (proven proper)
These gadgets had been developed by CIII or BIETA. An older model of the machine (proven left) was licensed by CNITSEC in 2001.
These gadgets defend in opposition to data theft and leaks by interfering with alerts emitted by a laptop computer or desktop laptop.
Environment Security Inspection Kit
The equipment consists of an infrared thermal imaging detector, wi-fi surroundings evaluation and warning system, handheld counter-surveillance detector, and digicam detector for “safety examination of common confidential locations.”
3D Portable X-Ray Inspection Instrument
Large-Venue Cell Phone Positioning System
A safety answer for figuring out, monitoring, positioning, and blocking cell phones inside giant venues (reminiscent of inside a convention room or constructing), together with the power to seize textual content messages and calls from managed telephones.
Recording Interference Briefcase
Table 2: Select safety merchandise marketed by CIII (Source: CIII)
Technology Transfer
Through BIETA and CIII, the MSS and PLA nearly actually profit from entry to worldwide skilled communities and overseas know-how. BIETA and CIII’s actions are probably authorized or had been authorized on the time the proof described beneath was created — a lot of which comes from CIII’s web site and certain dates to roughly 2017 or earlier. Nevertheless, BIETA and CIII’s operations probably proceed to create know-how switch dangers.
BIETA’s Academic Activities
BIETA’s researchers probably profit straight or not directly from worldwide collaboration with different lecturers. Articles co-authored by BIETA personnel and others have been offered at varied worldwide conferences since at the very least 2012. Topics embrace “excessive capability coverless picture steganography,” models for studying network worms targeting social media users, and “audio signal authentication.” A restricted variety of BIETA-affiliated articles offered internationally have additional included co-authors at overseas tutorial establishments, particularly Deakin University in Australia and State University of New York at Buffalo within the US.
Whether BIETA researchers personally attend worldwide conferences, such because the 2017 European Signal Processing Conference and people hosted by the Institute of Electrical and Electronics Engineers (IEEE), is unknown. Given BIETA’s nearly sure affiliation with the MSS, in the event that they do, these conferences very probably allow BIETA — and due to this fact China’s main intelligence service — to elicit suggestions from overseas specialists on matters of curiosity. Direct participation overseas would additionally very probably allow BIETA to identify specialists engaged on comparable points that may very well be approached for collaboration or focused by state safety brokers at a later date. Even if BIETA researchers don’t journey overseas, BIETA can probably nonetheless profit from worldwide publicity in skilled circles that legitimizes the group if it reaches out to overseas universities or people. Past analysis into MSS ways has discovered the intelligence service nearly actually depends “on real and internationally recognised lecturers to open doorways, make introductions and collect intelligence.” In this context, the Chinese and overseas co-authors who work with BIETA may grow to be conduits between the MSS and overseas skilled communities.
CIII’s Imports
As famous, CIII claims it acts as an agent for US and European community testing, safety, and simulation software program merchandise. A number of overseas software program is marketed on its web site, suggesting (in some instances even stating) that these are the merchandise CIII resells — and those who it nearly actually works with — in offering providers associated to community surroundings simulation, penetration testing, and navy gear and operations modeling. Note that CIII might not have direct relationships with the overseas corporations named on its web site; its aforementioned claims of being an agent for varied corporations are usually not verified. As indicated above, the data on CIII’s web site is probably not present.
Steganography Software
One of the applied sciences CIII advertises is WetStone Technologies’s StegoHunt, which allows the invention of steganography in a spread of file varieties. StegoHunt as allegedly offered by CIII nearly actually consists of WetStone’s StegoAnalyst and StegoBreak applications. These allow additional evaluation of and knowledge extraction from investigated recordsdata. BIETA very probably advantages from CIII’s entry to this suite of overseas steganography instruments.
Military Simulation and Modeling
CIII advertises a spread of overseas software program and providers associated to communication simulation, 3D modeling, and operational planning for navy and defense-industry use instances. These embrace “consulting and development” for third-party functions utilizing Systems Tool Kit (STK) and Orbit Determination Tool Kit (ODTK), applications developed by the US-based Ansys Government Initiatives (AGI). Atoll, OPNET, RCS-Analyzer, WRAP, VEGA Prime, and MAK VR-Forces are different overseas software program marketed on CIII’s web site. CIII additionally presents a “3D digital digital sand desk,” claiming “full military simulation production technology.” If the digital sand desk referred to on CIII’s web site isn’t itself a overseas product, it nearly actually advantages from the overseas software program to which CIII has entry and for which CIII develops functions.
In about 2010, and no sooner than 2009, CIII very probably gave a presentation to the PLA or China’s protection {industry} on QualNet and EXata. Developed by the US-based Scalable Network Technologies (SNT), these software program allow simulation, emulation, and evaluation of communication networks. The nearly sure function of the presentation was to promote the worth of those and associated software program applications — reminiscent of VisNet Defense, Network Centric Forces, and VR-Forces — for China’s navy and protection {industry} modernization. One slide within the presentation is titled “Start Our Complex Network — LandWarNet,” which explains how the US Army’s LandWarNet is structured. According to the presentation, CIII’s clients include PLA Electronic Engineering Institute (解放军电子工程学院; now part of the National University of Defense Technology [国防科技大学]); several of the group of universities known as the “Seven Sons of National Defense” (国防七子); and the state-owned protection contractor China Electronics Technology Group Corporation (CETC; 中国电子科技集团公司).
Network Simulation and Penetration
CIII advertises numerous “network functionality testing tools” and a “network offense-defense electronic range” from overseas suppliers. CIII nearly actually makes use of these merchandise in its penetration testing actions and sells them to others engaged in comparable actions. Products within the former class embrace a “network application layer functionality testing tool” known as IxChariot that was developed by the US-based enterprise Ixia, which was acquired by Keysight Technologies in 2017. Among different merchandise, CIII additionally advertises gear from Spain’s ALBEDO Telecom, together with Net.Storm “community impairer,” Net.Hunter “network monitor and analyzer,” and Ether.Giga “gigabit ethernet tester.”
In the latter class — “network offense-defense electronic range” — CIII advertises Ixia’s (now Keysight’s) BreakingPoint cyber vary. Cyber ranges have reliable defensive functions, reminiscent of simulating cyberattacks to strengthen a corporation’s cybersecurity posture. They will also be used for coaching capabilities associated to “‘target scouting, information theft, network intrusion … information or service destruction, and other attack methods’, in addition to for evaluating the ‘attack effects’ of assorted assaults,” in response to authoritative Chinese navy sources.
Other Applications
In 2016, CIII registered a “Datacrypt Hummingbird online storage upload software” (Datacrypt蜂鸟网盘上传软件) for copyright. “Hummingbird” is probably going a reference to “a lightweight encryption and message authentication” base-level algorithm (a “primitive”) first printed throughout a 2009 convention organized by the Research Institute for Symbolic Computation in Austria.
According to CIII’s web site, the IDC it operates in Beijing makes use of those open-source and US applied sciences: a Cacti “community visitors monitoring platform,” Multi Router Traffic Grapher (MRTG) “network traffic monitoring,” and a SolarWinds “community load monitoring platform.”
In addition to the aforementioned traces of enterprise, BIETA and CIII even have or as soon as had manufacturing traces for producing thick movie circuits, micro-circuits, floor mounts, and naked chip mounts that relied on imported overseas machines from the US and Japan. BIETA and CIII declare to supply communication gear interface circuits, car ignition circuits, process-controlled switching and military-use analogue-digitial/digital-analogue (AD/DA) converters, and “public safety safety inspection circuits” (公安安检电路) amongst different objects. All of the machines and pictures associated to this exercise on BIETA’s and CIII’s web sites are older, probably relationship at the very least to the Nineties or early 2000s. How energetic these manufacturing traces are as of this writing is unknown.
Implications for Understanding the MSS
Discovery of BIETA’s nearly sure affiliation with the MSS brings further readability to the MSS’s function in offensive Chinese our on-line world and cyber-enabled intelligence actions, and to the MSS’s organizational construction. The MSS — which sits atop a community of sub-national, semi-autonomous state safety organizations — very probably performs a supporting function in our on-line world operations. BIETA’s analysis is sort of actually used to create applied sciences that allow the MSS’s mission. The MSS then probably makes capabilities benefiting from BIETA’s achievements obtainable to subordinate state safety departments, bureaus, and officers, which in flip present them to their contractors or proxies. In the sector of steganography, these applied sciences probably embrace applications to covertly transmit data and applications to detect data covertly transmitted by the CCP’s adversaries.
This mannequin, whereby the MSS’s analysis establishments or companions very probably assist the event of know-how that’s distributed to others all through the state safety equipment, is supported by prior analysis and proof. First, the MSS very probably evaluates vulnerabilities submitted to nationwide vulnerability databases, together with one run by the MSS-subordinate CNITSEC, for their utility in cyber espionage, nearly actually to distribute these to Chinese APTs. Second, as talked about, state safety intelligence officers have reportedly “received malware from the MSS to be used against foreign victims” in recognized cyber espionage instances. Third, state safety intelligence officers have supplied malware to cyber risk actors and supplied recruited overseas belongings with COVCOM gadgets and steganography coaching. Cyber expertise on the provincial degree of the state safety system — which is extra straight concerned in managing offensive cyber operations — probably additionally develops instruments for operational use.
Additionally, the overlap between BIETA and CNITSEC personnel probably signifies that each organizations had been organized underneath the previous thirteenth Bureau, and that this bureau’s remit was probably a lot broader than simply community safety as most public consideration to CNITSEC suggests. Aligning with the aforementioned references to former CNITSEC Director Wu Shizhong as the pinnacle of the “MSS Science and Technology Bureau,” the MSS’s former thirteenth Bureau probably additionally oversaw the event of assorted applied sciences related to the MSS’s intelligence, counterintelligence, and investigative duties, prone to embrace some biomedical analysis. However, the remit of the MSS’s former ninth Bureau probably lined communications surveillance and safety, surveillance and forensic know-how, and cybersecurity analysis via the Nanjing Institute of Information Technology (南京信息技术研究院). It is, due to this fact, additionally believable that BIETA was organized underneath the ninth Bureau. The MSS’s organizational construction has modified since 2018; the previous thirteenth Bureau’s new quantity is unknown, and the previous ninth Bureau has grow to be the 14th Bureau, although it’s unconfirmed whether or not the brand new 14th Bureau retains a cybersecurity remit.
Outlook
Public proof of the MSS’s very probably huge community of entrance organizations and co-optation of entities for intelligence actions is growing. This proof consists of cybersecurity corporations engaged in offensive operations, universities leveraged for mental property theft, non-profit organizations used for social affect, and now — nearly actually — analysis institutes and their subordinate corporations established to supply know-how enablement.
BIETA and CIII nearly actually pose know-how switch dangers. How usually BIETA and CIII conduct enterprise exterior of China or collaborate with overseas specialists is unknown. However, overseas export management authorities involved concerning the Chinese intelligence neighborhood and navy’s entry to COVCOM applied sciences like steganography, community simulation, penetration testing, and 3D and communications modeling applied sciences ought to assessment these entities. They ought to contemplate warning authorities and navy officers of their international locations about these organizations’ assessed hyperlinks to the MSS and PLA and doubtlessly add them to lists of organizations for which approval is required to export delicate know-how.
Foreign tutorial establishments and companies with actions associated to COVCOM, community penetration, community simulation, superior modeling, and forensic applied sciences ought to, throughout safety coaching, advise workers about dangers stemming from engagement with anybody asserting a BIETA or CIII affiliation to keep away from inadvertently contributing to the capabilities of the MSS, PLA, and wider Chinese party-state safety equipment. Academics or workers who’re approached by both group needs to be instructed to report this to applicable safety contacts. More typically, earlier than agreeing to any transaction involving delicate or doubtlessly delicate applied sciences, tutorial establishments and companies ought to try to totally examine their would-be companions or shoppers.