Tuesday, 22 July 2008

Shanghai Surprise

I've been trying to make some sort of sense of this weekend's oddest political story, the loss by a prime-ministerial aide of his BlackBerry at the hands of a Chinese sexy superspy/ prostitute/ random unattached young woman/ whatever during a trip to Shanghai.

According to the Sunday Times, the aide was "picked up by a Chinese woman who had approached him in a Shanghai hotel disco. The aide agreed to return to his hotel with the woman. He reported the BlackBerry missing the next morning." This presumed theft, said an unnamed "senior official", had "all the hallmarks of a suspected honeytrap by Chinese intelligence."

It would seem that about a dozen Downing Street staffers had gone to the disco where "a lively party with several hundred young people was in full swing." A "security official", who might or might not be the "senior official", described the function as "apparently a lot of fun, there was quite a bit of dancing with lots of people on a big crowded dance floor." The spook described the aide's behaviour as "in these circumstances" unwise, adding: "Nobody knows exactly what happened after they left. But the next morning he came forward and said: 'My BlackBerry is missing.'"

It's not just 9/11 truthers with too much time on their hands who go in for conspiracy theories, obviously. Or maybe the "senior source" is rather too keen on spy thrillers. A Downing Street spokesman was anxious to play down the incident, saying that "an investigation had established that there was no compromise to security" and disputing the circumstances in the ST article. And a spokesman for the Chinese foreign office denied everything - no surprises there - claiming that "the relevant report was created out of thin air".

But even castles in the sky have ramparts and crenellations. The ST went on to consider the case in the light of the possibility of hacking into the Downing Street computer system via the BlackBerry, the government's history of embarrassing data losses (usually, though, they involve the personal details of members of the public), and remarks last year by MI5 director Jonathan Evans, that "China was carrying out state-sponsored espionage against vital parts of Britain’s economy, including the computer systems of big banks and financial services firms."

The printed version in the Mail on Sunday, which differs slightly from that on their website, adds a few more details which only add to the confusion. The party was, apparently, organised by Sir Richard Branson, who was one of about 25 business leaders accompanying Gordon, and took place at the Attica Club. According to this version, the aide the next morning "realised he had left his jacket, and BlackBerry, at the club. British diplomats rushed to the club and found the jacket, but the device was missing". Which makes it sound even more like boring old phone-theft.

But we also learn from the Mail that "Britain's security forces had warned Mr Brown and his team of the danger posed by Chinese agents. As a result, No 10 officials were ordered not to use their usual mobile phones in case the Chinese listened in or hacked into confidential information..." So their minds were primed to expect espionage, which may be why they over-interpreted what happened. Two more morsels from the MoS: "The man has said that they did not have sex, nor did the woman go to his room" and that "several people had raging hangovers in the morning"; and (no surprises here) Gordon Brown himself was not at the party.

Guido, today, helpfully named the aide as Michael Jacobs, a former general secretary of the Fabian society who is currently one of Gordon Brown's economic advisers with special responsibility for climate change. He's married, at least for the time being. Jacobs is a loyal Brownite, which might explain why he received the mildest of rebukes over the potentially serious security breach.

We also learn from that impeccable source that several leading journalists were at the party, including Benedict Brogan, Andrew Porter and George Pascoe Watson. I had a sneaky at Brogan's blog for that month, looking for clues. Not much to report, though he refers at one point to a colleague's attempts to evade "the Chinese securocracy, members of which minded us so closely during our stay in Beijing and Shanghai." Porter says nothing.

Several things about the story as told in the Sunday Times don't quite add up. Like how, if Jacobs left the BlackBerry in his jacket at the club, the theft is being blamed on the girl - honeytrap or otherwise - who presumably was with him, rather than the jacket, at the time the device went missing. Or why the dastardly Chinese, if it was an intelligence op rather than a random theft, didn't just borrow the BlackBerry for a couple of hours, rip all the data, and return it safely to Jacobs' jacket pocket before anyone noticed it was missing.

The usual rule in such cases is cui bono?, but it's difficult to see how anyone benefits from this little tale. Certainly not the aide, who gets to look like a complete prat, a security risk, and a really bad husband. Not the government, that reveals itself as stuffed with people (senior people at that) who not only have a cavalier attitude towards sensitive data, but who also use official prime-ministerial tours as an opportunity to go out and get slaughtered in nightclubs, quite possibly screwing around as well. Not the Chinese (unless they're pitching to be the main location for the next Bond movie). And not the press, who have presumably been sitting on this rather large story for months, assuming Guido is right about the guest list.

The Sunday Times, which seems to have broken the story, stated that the aide's identity "is known to" them. This is usually code for "he's the guy who told us", of course. But that only adds to the confusion. A possible clue crops up towards the end of the article, however:


Last week it emerged that US intelligence and security officials were debating whether to warn business people and other travellers heading to the Beijing Olympics about the dangers posed by Chinese computer hackers. Joel Brenner, the US government’s top counter-intelligence official, warned: “So many people are going to the Olympics and are going to get electronically undressed.”

This appears to be a reference to a report in the Wall Street Journal on 17th July. This states:

U.S. intelligence and security officials are concerned by the frequency with which spies in China and other countries are targeting traveling U.S. corporate and government officials. The Department of Homeland Security issued a warning last month to certain government and private-sector officials stating that business and government travelers' electronic devices are often targeted by foreign governments. The warning wasn't available to the public.

Among the techniques worrying the Americans was "wirelessly inserting spyware on BlackBerry devices", as well as "a new technique dubbed "slurping" that uses Bluetooth technology to steal data from electronic devices." Brenner highlighted the case of a computer security expert who arrived in China with a new hand-held computer and discovered, when he reached his hotel, that several programmes had been surreptitiously inserted during his trip. The report goes on to detail the precautions that American companies have begun taking on Chinese trips, and carries the obligatory denial from a Chinese official spokesman, describing the charges as "entirely fabricated and seriously misleading."

A confidential report was drawn up last month by the US Deptartment of Homeland Security. It was, says the WSJ, "shortly after reports that a U.S. government laptop may have been hacked during a December trip to China by the U.S. Commerce secretary."

The Associated Press had reported on 29th May that an investigation was ongoing into this incident, which involved a computer being "left unattended" during talks in Beijing. Few details are given, but we are told that several govenment departments, including the Pentagon and the State Department, have suffered from electronic intrusions "blamed on China" during the past two years. Parts of the Commerce Department have even been isolated from the Internet as a precaution.

Unless this is all a remarkable coincidence, I think the best explanation why the Jacobs story emerged this week lies in the US connection. Alert to US precautions, some British journalist decides to go after what looks like an equivalent UK incident, and what sounds like a random theft from a man who has left his jacket behind in a nightclub, his brain addled by drink and lust, gets spun into a glamorous tale of sex, espionage and the coming electronic Cold War with China. But the American incidents are high-tech, geeky, reliant on Bluetooth technology and sophisticated malware attacks. The British story is quite different: it has more to do with James Bond than any plausible account of a Chinese intelligence operation. Perhaps it flattered Jacobs' ego to imagine that he was singled out to be the target of a honeytrap operation. I suspect he was just a prat who got drunk, got his leg over, and had his phone nicked.

1 comment:

valdemar said...

'Er, I got pissed and somebody nicked a nice bit of kit the taxpayer bought me.'

'Right Bond, you irresponsible immature tit - here's your water pistol, your Clarke's Pathfinders with hidden compass in the right heel, and two cans linked by a bit of old string.'

Isn't the simple message that, if you have adventures in foreign parts (oo-er) nowadays, a virus check should extend to more than your biological hardware/software?