Is U.S. Counterintelligence Up to the Task of Protecting America’s Secrets?

Inside the government’s increased efforts to keep China and Russia from undermining the nation’s spy networks.

One weekday a decade ago, Chinese security officers entered a government office, pulled one of its employees out into the building’s courtyard, and shot him dead, The New York Times reported in 2017, citing three former U.S. officials. The chilling execution, the article said, was meant as a warning to others who might think of betraying their country. Beijing dismissed the report as a “purely fabricated story.”

The alleged incident was part of a roll-up of the CIA’s spy networks in China in which at least 30 CIA assets were executed, according to Foreign Policy. It will take years to rebuild the networks—unless the Chinese security services keep taking them apart.

In October, Russian intelligence launched a massive cyberassault on thousands of the U.S. government’s IT systems, American businesses, and research institutions, four months after President Joe Biden warned Vladimir Putin to deescalate tensions. The episode comes on the heels of Russia’s SolarWinds hacking late last year, whose targets included the computer networks of the Departments of Homeland Security, Defense, State, Commerce, and Treasury. Microsoft reports some 23,000 hacks from Russia alone in recent months—in contrast with 20,500 attacks from “all nation-state actors” over the previous three years.

Equally disconcerting, the FBI arrested the naval engineer Jonathan Toebbe and his wife, Diana, last month for attempting to sell nuclear submarine secrets to a foreign country. Highly educated, dual income, and the parents of two school-age children, the couple seems to have been motivated by money, typical of most American turncoats.

Simply put, it’s open season on America’s secrets by hostile powers. These cases are just a sampling. The number keeps rising. Of the 160 publicly reported instances of Chinese espionage against the U.S. since 2000, 24 percent occurred between 2000 and 2009, while 76 percent were launched between 2010 and 2021, the Center for Strategic and International Studies has found. And over the past 22 months, there have been 22 publicly reported cases of Chinese espionage. At least six American citizens were involved. Four U.S. ex-intelligence officers have been handed lengthy prison sentences in the past two years after being caught spying for Beijing. “The FBI opens a new China-related counterintelligence case nearly every 10 hours,” FBI Director Christopher Wray said last year.

An indication of just how serious America’s foreign intelligence vulnerabilities are, The New York Times has reported, can be found in a top-secret cable last month from CIA headquarters to all stations citing major losses of overseas informants and calling on case officers to place more emphasis on security and vetting when recruiting informants.

All of which leads to a sensible question: Is America at the mercy of its adversaries, unable to safeguard its secrets, protect informants, or even rein in a nonstop stream of loyalty-fluid Americans with top-secret clearances and no compunction about selling out their country?

Marc Ruskin, a retired FBI special agent with 20 years of experience in undercover work and the author of The Pretender: My Life Undercover for the FBI, told me the FBI’s counterintelligence people are highly capable, resources are adequate, and tradecraft is solid, but the Bureau is sometimes hobbled by “a hidebound upper management that is overly cautious and focused more on their careers than on positive outcomes.” They are risk avoiders who are aware that “just one failure and they’re toast,” he said. Nonetheless, the FBI is up to the challenge of catching amateur spies like the Toebbes. According to Ruskin, “All they know about tradecraft is what they read in John le Carré’s books. They’re just not as smart as a highly trained team of 25 FBI agents.”

As for overseas intelligence operations, a former senior CIA case officer told me, “Espionage is a very unforgiving business.” Recruiting and protecting informants is high risk, and failures are common, a cost of doing business in the spy-versus-spy realm. He described the CIA cable to all stations as “not out of the ordinary.” Headquarters was merely informing employees that they would be “pivoting to great power competition and need to up our game.”

Human intelligence is the bread and butter of espionage, the case officer said. “There’s no substitute for agent meetings. We must look an agent directly in the eye. With counterintelligence technology, it’s gotten harder. We must tighten up and get better.” This includes retraining officers who recently served in war zones like Afghanistan and Iraq and making a “psychological shift” from the way things were done in conflict zones to how they are carried out in stable countries.

A former senior counterintelligence official agrees on the need to make both a psychological and tradecraft shift from wartime to peacetime service. “The war on terror degraded recruitment tradecraft,” this ex-official told me. “What works in war zones doesn’t necessarily work in Russia or China.” A major need for improvement is meeting the challenge posed by artificial intelligence, facial recognition, and other advanced technology that our adversaries now use to track intelligence officers. “Autocracies are also able to monitor internet communications more closely” than democratic governments, he added. China, for example, “owns encryption mechanisms and can easily identify IP addresses when narrowing in on perpetrators.”

He said the Chinese roll-up of the CIA’s spy networks could be attributed to an insider mole or, more likely, penetration of CIA secure communications, as has been reported—though three American ex-intelligence officers sentenced to long prison terms in 2019 for passing classified information to the Chinese could also be responsible.

As for Americans out to sell official secrets, this official said, “the good news is that we are catching them. The bad news is that there are more of them out there. This is less about our effectiveness at counterintelligence than it is about the width and breadth and persistence of the threat.”

The former counterintelligence official also stressed the need to greatly improve cyberdefenses to block attacks from Russia, China, North Korea, and other adversaries and make them pay a price as well.

Nicholas Eftimiades, a retired senior U.S. intelligence officer and an expert on Chinese espionage, holds a less sanguine view regarding America’s domestic counterintelligence capabilities. “Considering the volume that’s going on, how many times has the FBI gotten them? Precious few,” he told The New York Times. “There’s no way you can staff up to be able to contend with this type of onslaught.”

But the Biden administration isn’t taking it lying down.

Officials assert that they are working vigorously to defend the U.S. from cyberthreats, including by taking measures to disrupt Russian ransomware gangs. The administration has elevated ransomware attacks to national security threat level since the May attack on Colonial Pipeline, which resulted in widespread gasoline shortages in the southeastern U.S. Furthermore, it is assigning more people to manage the government’s cyberoperations and putting tighter security in place.

In response to Russian hacks, the White House announced a series of deadlines for government agencies and contractors to strengthen security procedures aimed at making them harder targets for foreign hackers. And the CIA announced last month the formation of a new China Mission Center whose task, in the words of Director William Burns, is to “strengthen our collective work on the most important geopolitical threat we face in the 21st century, an increasingly adversarial Chinese government.”

Those mechanisms work in conjunction with the Department of Justice’s China Initiative, which was launched three years ago to alert corporations and academic institutions to the threat of Chinese active measures to steal intellectual property and trade secrets.

Time will tell whether the administration’s increased efforts to counter growing, brazen, and massive efforts by China, Russia, and other adversaries to purloin America’s secrets and undermine its spying operations will succeed. Security breaches and compromised espionage networks have been egregious in recent years, posing a serious ongoing threat to U.S. national security. The White House has its work cut out for it.


James Bruno

James Bruno is a Washington Monthly contributing writer and former U.S. diplomat. Read his blog, DIPLO DENIZEN, and follow him on Twitter @JamesLBruno. The opinions and characterizations in this article are those of the author, and do not necessarily represent official positions of the U.S. government.