The threat of Chinese espionage is becoming more known among the general public, because of news articles, research papers and other analyses published of incidents that have occurred. Also heads of intelligence services, especially in Europe, have warned its citizens of the threat China’s intelligence services pose for their national security. The Five Eyes (a joint cooperation between the intelligence agencies of US, UK, Canada, New Zealand and Australia that share signal intelligence) for example, told its citizens that ‘the threat has only gotten more dangerous and more insidious in recent years’.
While some EU governments have become aware of the risks present in higher value espionage targets such as sensitive technology and energy projects, there are other industries at risk. The hotel industry is one such example where sensitive information can be gathered and used for intelligence purposes. It is thus important for the sector to remain aware of the risks in handling China’s sensitive investment in the industry.
Methods of the Ministry of State Security
The Ministry State of Security (MSS) is the primary intelligence agency of China who is responsible for Chinese foreign intelligence, counterintelligence and political security. All responsibilities are oriented towards the interests of the Chinese Communist Party (CCP). The MSS deems domestic as well as foreign actors or individuals as posing a risk to the CCP. The MSS plays an important role by conducting espionage activities to gather intelligence, but also in influencing operations, cyber attacks, policing and surveillance activities. These methods can overlap and are used for multiple purposes. In short, the methods can be described as:
Gathering intelligence
MSS officers use different types of sources to obtain the necessary information. For example, the MSS utilizes HUMINT (infiltrating organizations or recruiting insiders), OSINT (using open sources) and SIGINT (intercepting communications and deploying advanced electronic surveillance), to gain insights into foreign governments, military capabilities, economic conditions and technological developments.
Influencing operations
The MSS wants to shape the political, social or economic beliefs of foreigners in favor of the CCP. They do this by swaying the public opinion, manipulating political processes and influencing decision-makers abroad. Examples include propaganda, lobbying and engaging with local influencers/organizations/politicians to promote positive narratives for the CCP’s policies.
Cyber attacks
There are various hacker groups active, sometimes backed by the CCP, that conduct cyber attacks worldwide. This is a common way through which the MSS gathers information. The attacks include hacking into foreign government databases, corporate networks and critical infrastructure. Conducting a cyber attack is usually the first step of an operation, which can give perpetrators (digital) access to an organization’s assets. This gives them a strategic advantage for further actions.
Police stations
The MSS operates through covert police stations on foreign soil, to monitor Chinese nationals abroad, suppress dissidents and exert control over the Chinese diaspora. These operations extend the reach of Chinese law enforcement beyond its borders and help maintain the CCP’s influence over its citizens worldwide. These actions are illegal in most (European) countries.
Surveillance
The MSS employs extensive surveillance networks, using advanced technologies such as facial recognition, drones and artificial intelligence to monitor individuals and groups. This can involve physical surveillance by operatives (which is less used in foreign countries), electronic eavesdropping and monitoring digital communications (through Chinese apps for example). Surveillance is MSS’s way of tracking potential threats, gathering intelligence but also aiming to influence people of Chinese origin, particularly those involved in sensitive or politically significant activities.
Overlooking security risks?
The comprehensive national security strategy of President Xi Jinping aims to cover all aspects of Chinese society. It also extends to the CCP’s foreign adversaries. Nations, organizations and individuals opposed to the regime are targeted by MSS’s espionage activities. Several European intelligence agencies have marked Chinese investment as a security threat. According to the agencies, their target is primarily focussed on investing in vital infrastructure and sensitive technology.The European Union has to some degree recognised the problem of investments made with the wrong intentions or to benefit state interests. That’s why they have implemented an EU framework for Foreign Direct Investment (FDI) screenings. The objective of the regulation is to make sure that the EU is better equipped to identify, assess and mitigate potential risks to security and public order. The framework is designed for critical infrastructure, critical technologies, supply chains of raw materials, access to/controlling sensitive information and freedom/pluralism of the media.
China’s investments do not stop there. Many (private) companies that have different processes may have assets that are still targets for the CCP. What may be underrated but is vital for national security is travel intelligence (TRAVINT). This form of intelligence refers to information collected from and analyses of a wide range of travel companies. Hotels play a significant role in TRAVINT, because it is connected to every aspect of travel. The hotel industry is also an attractive target, because a large amount of personal data is processed by the hotels. A minimum level of personal information is always needed to book a stay for a guest. Following the General Data Protection Regulation (GDPR) the hotels need to strongly monitor the process of obtaining and controlling the information. Hotels need to explicitly ask permission to require the personal data and guests need to sign privacy statements. According to those statements, various kinds of information are obtained for different kinds of purposes.
The CCP is specifically trying to gather enormous amounts of personal data, but it is unknown how and to what ends the CCP is going to use these amounts of data for. There is a likelihood that the CCP could deploy it to monitor/identify individuals and groups for possible recruitment/influencing purposes.
Influence of investments
Foreign Direct Investment (FDI) is a way of investing into a business or organization in another country while establishing a lasting interest. From 2000 until 2016 the Netherlands was the 7th largest recipient of FDI originating from China and the majority of these investments were made through acquisitions. At the same time, 34,8 million USD was invested in real estate and hospitality. There is little record of clear connections between the CCP and the private sector in China, which makes it difficult to collect hard evidence on espionage attempts. Therefore, it is not clear if the CCP directly pushes the business sector to invest in foreign countries of their choice, but there are clear concerns of espionage risk due to previous incidents.
In one example, in 2014 the Waldorf Astoria hotel in New York came under Chinese ownership, as one of America’s most famous hotels was sold to China’s Anbang Insurance Group for almost 2 billion USD. The acquirer was a Chinese state-owned insurance company, the first to enter the US market. After four years of ownership, the Chinese government took control of the insurance group meaning that the organization fell into the state-controlled China Insurance Security Fund. The fund issued a statement, saying it was acting to protect consumers of insurance products as Anbang threatened to go bankrupt. Together with the Waldorf Astoria other hotels were also acquired by Anbang, who were directly under control of the Chinese government. Before the direct involvement of the Chinese government, there was already fear of its influence on hotel guests during stays. In 2015 the US president Barack Obama refused to stay at the Waldorf Astoria hotel during the annual UN General Assembly. Even though the hotel was a fixed accommodation for the event, the fear of espionage pushed the US president, the Secret Service and Obama’s White House staff to stay at another hotel.
There was a similar event with the Chinese HNA Group. HNA Group was a conglomerate of Anbang, which funded a lot of overseas acquisitions around 2010. Among those acquisitions was Hilton Worldwide Holdings Inc. Through the years the CCP slowly seized control of the group by limiting their powers, which resulted in a request for bankruptcy. The CCP has stepped up to restructure HNA and to protect its assets against external threats. It still remains active to this day, with an executive chairman appointed by the Hainan government, an island to the south of China.
Investments in the hotel industry, backed by the CCP, can cause consequences for the national security of European countries. A greater supply of Chinese FDI will decrease other investments. Secondly, an increase in Chinese FDI will give them more power on the market, making the hotel industry dependent on it. And lastly, potential interference of the CCP will increase the risk of espionage.
Risks of espionage in the hotel industry
Dyami Services has conducted an internal research on the risks of Chinese espionage for guests of hotel chains in the Netherlands, that can result in serious incidents with severe impact if not correctly acted on. The research gave a general indication of risks that apply to the hotel industry.
The results of the research showed that there is a high risk of the MSS using the guest Wi-Fi to gather intelligence on a hotel guest, who is considered a target to the CCP. The guest Wi-Fi can be a vulnerability, because it is not always closely monitored by the hotel security department. There is also a high risk of cyberattacks conducted by state-backed hacker groups by breaching a Point of Sale (POS) system to gather Personal Information (PI). POS systems are hard- and software that accept payments from customers and are very vulnerable to hacking because it gives direct access to PI. Through the POS system the hacker groups can gain access to the network of the hotel, which can result in access to other hotels in the world who are part of the chain.
There is a high risk of the MSS keeping Chinese hotel guests under surveillance by hacking Internet of Things (IoT) systems with Chinese technology. IoT devices are pieces of hardware, connected to the hotel’s network. It transmits data over the internet to its endpoint. This can be exploited by hackers as another access point. Especially when the hardware is made with Chinese technology.
Looking forward
The hotel chains can take measures to make guests of hotel chains more resilient against espionage activities performed by the MSS. Since the EU regulation for investments screenings does not always cover the hotel sector, the board of management of hotels should conduct detailed examinations of Chinese investments to understand their purposes and potential risks. This includes investigating their business partners for any connections with the CCP or the MSS and evaluating their intentions.
Second, the hotel chains should be careful with choosing their technological devices, particularly those connected to the internet (IoT). It is crucial to understand the vulnerabilities associated with these technologies and the potential risk they pose. Two steps the hotel chains can undertake are conducting risk assessments on all the devices of the hotels and checking the background of the company selling the devices.
Lastly, hotel guests themselves should be looking into the hotels they are staying at. When staying at a hotel that has Chinese investors, the risks named above should be considered. However, guests can avoid using guest Wi-Fi and the IoT devices. In addition, stays can be paid in advance, avoiding using POS systems.
A disclaimer that should be pointed out is the balance between doing safe business with China for hotel chains, whilst not becoming a target for espionage. This is an issue that the Dutch government also struggles with. The balance is hard to find, which makes it difficult for hotel chains to protect their business. However, not every Chinese investor has the intention to support the CCP with spying activities. Hotel chains should be aware of the risks, when engaging with Chinese investors and take mitigating measures to reduce the risks as much as possible.