Russia’s war in Ukraine. The creation of parallel institutions like the Shanghai Cooperation Organization (SCO) and the Belt and Road Initiative (BRI) led by the Chinese. Both are examples of the U.S.-led unipolar world transitioning to a multipolar world defined by great power competition.
This shift in the international landscape raises security concerns as countries like Russia and China enter direct competition with the United States. This competition will not occur on a singular plane but most likely across multiple domains – economic, diplomatic, cyber, and technological – and undeniably affect the military. One example from a report by the Center for Strategic and International Studies notes that between 2000-2020, there were 160 reported cases of Chinese espionage against the United States and 1,000 cases of intellectual property theft. Within that, 85 percent were cases “involving Chinese agents trying to acquire U.S. military and commercial technologies.”
This week, Overwatch analysts look at some historic vulnerabilities facing U.S. military installations, domestically and abroad, to understand how adversarial nations may be attempting to gather intelligence on the United States’ critical military infrastructure. One of the biggest challenges when researching historical or potentially existing vulnerabilities facing U.S. military installations is the lack of data released by the Department of Defense (DoD). This information is naturally protected for national security reasons. Publishing current or past vulnerabilities, or tactics used to exploit them, can inspire adversarial nations to exploit them. With that limitation in mind, analysts looked at publicly available and historical reporting on the topic.
Base Comparison
Domestically, the United States has roughly 450 to 500 military bases spanning all 50 states. When expanded to the U.S. military’s foreign footprint, the number increases to roughly 750 bases in approximately 80 countries. The map below highlights the position of these foreign bases.
Adversarial nations comparably have less. Russia has approximately 20 overseas bases, and China is estimated to have one foreign military base in Djibouti. The map below shows the comparative presence of the U.S. military in comparison to Russia and China.
Vulnerabilities Continue to be an Area of Concern
While bases and installations are a source of power for the United States, they are a desirable target for adversarial nations. The U.S. has several historical sources of vulnerability, ranging from open-source information, data breaches, apps, technology developed by countries like China, business/land purchases by adversarial nations, and human intelligence collection techniques.
Open-source vulnerabilities facing U.S. military installations vary from applications used by denizens of the base to satellite imagery and breached data. These sources provide adversarial nations with multiple ways to gather information about critical U.S. military infrastructure and service members. A simple search for sensitive U.S. military installations, such as Area 51, supplies aerial views and pictures from March and April 2022. Using ESRI’s Wayback machine, it is even possible to view the construction and internal operations of more recently constructed installations.
Even more concerning was a 2018 incident involving the fitness app Strata. The app charted users’ exercises, supplying routes and patterns of life information that could be leveraged to target their users. Due to the app‘s prevalence among service members, there was concern about identifying military members abroad. A series of Twitter threads from this time used the app to quickly identify U.S. service members serving in sensitive areas, like bases in warzones such as Afghanistan, and even alleged CIA “black sites.“
Since then, the app has seemingly fixed this problem. However, the historical data remains, and the possibility that future applications may reveal the same vulnerabilities is a definite possibility.
Somewhat connected to vulnerabilities caused by application data is the threat of breached data released on the deep and dark web. A cursory search of email domains such as Army.mil, Navy.mil, DoD.mil, and CIA.gov resulted in thousands of breached emails and associated passwords, many of which were linked to names of individuals whose online presence could be further developed.
*Analysts did not include photos of this data, given its potentially sensitive nature.
Engrained Tech Infrastructure
The second vulnerability source is Chinese-owned tech infrastructure used by service members or near U.S. military installations. The placement of technology used to intercept communications near military bases is not new. In 2014, for example, the CEO of ESD America, a company specializing in highly secure cell phones, charted out several false cell phone towers near U.S. military installations.
The best example of this vulnerability is the telecommunications company Huawei, which was banned in the U.S. in 2019. The company continues to be unsuccessful in lifting the ban even with the introduction of new technology. As early as 2018, the Pentagon banned the sale of Huawei phones on military bases. However, this did not stop the company‘s alleged attempts to spy on the U.S. military. Huawei partnered with multiple local network providers in the United States, placing communications infrastructure near critical U.S. military locations, including a U.S. nuclear arsenal. The map below shows examples of some networks using Huawei technology and their proximity to U.S. military infrastructure.
Despite the bans and investigations, the problem persists. According to a July 2022 report by Politico, small telecoms networks, many of which are in rural areas near U.S. military infrastructure, remain in place due to the expense of removal and repair. This means many of these vulnerabilities are still active and will continue to pose a threat until the issue is fully addressed.
The purchasing of businesses and farmland provides bases of operation and operational cover for potential intelligence operatives from adversarial nations. The acquisition of American farmland and western businesses by adversarial nations, like China, poses an economic threat. However, it also poses a potential threat to U.S. military infrastructure.
For example, in 2022, a Chinese company, the Fufeng Group, purchased 300 acres of farmland 20 minutes from Grand Forks Air Force Base in North Dakota. The purpose of the purchase was allegedly to create a corn processing plant. However, its closeness to the base, which specializes in drone technology and housing a “new Space Networking Center,” has some concerned that the factory could be used to surveil drone and satellite transmissions.
In addition to land purchases, investment in businesses utilized by U.S. citizens could allow espionage on service members who use the app. For example, according to the U.S. Department of Justice and Treasury Department, when the dating app Grindr was acquired by a Chinese investment firm Kunlun Tech, it posed such a risk. Though the app claims no data was ever released, the U.S. government demanded the Chinese company sell its stake in the application in 2020. The same story played out with TikTok, which was banned from government and military service members’ phones due to national security concerns.
Despite best efforts, the pace of technological development and the economy generally means that more businesses tied to adversarial nations will gain access to service members and military installations physically and through the digital domain. Due to the time it takes to evaluate their threat and the number of apps that need to be assessed, it is likely that companies owned by adversarial nations may be able to exploit sensitive data related to U.S. military personnel.
Human intelligence collection is one of the oldest forms of information gathering. The media tends to focus more on high-profile politicians and individuals who are seduced by female and male spies in operations called “honey pots.” This was the case with a Chinese spy associated with Representative Eric Swalwell, a House Select Committee on Intelligence member, or Russian spy Maria Butina, who was attached to multiple high-level Republican officials. But this is not always the case. The threat to a member of the U.S. military or someone with access to classified military information is genuine.
In November of 2022, a former U.S. Army helicopter pilot and government contractor pled guilty to spying for China. He was recruited by a female intelligence officer with whom he began a relationship. However, not all these operations are sexual. In September, the U.S. charged former Army reservist Ji Chaoqun with spying for the Chinese. Chaoqun was recruited while studying engineering in Chicago and instructed to join the reserves in the hopes of getting U.S. citizenship and gaining access to classified information, according to reporting on the incident. While these more traditional cases highlight a concerning problem, perhaps even more alarming is the ease with which this can be done almost entirely digitally by utilizing social media to reach out to potential assets. This puts those that proudly display their position and status in the field of national security at risk. Even less sophisticated than the above examples have been attempts by alleged spies for China posing as diplomats or tourists to access U.S. military installations in 2019 and 2020.
While exact figures on the number of successful or attempted recruitments of U.S. military personnel are not reported, the above stories prove that it is a tactic being actively used by U.S. competitors and focused on infrastructure and commercial businesses tied to the U.S. military.
U.S. military installations in foreign countries also have vulnerabilities that adversarial nations can exploit. While the U.S. has more control and ability to surveil domestically, in foreign countries, U.S. forces depend upon host countries or partners to assist in maintaining security. For example, in 2021, it was announced that Japan would start taking a closer look at land purchases near U.S. military bases to diminish the ability of adversarial nations to collect intelligence on the United States. While we will not go into deep detail during this brief, four specific instances of attempts to gather intelligence regarding U.S. military installations in foreign countries help shed light on the threat.
In 2021, eight individuals associated with the Russian mission to NATO in Brussels were expelled. It was discovered that these eight individuals were undeclared Russian Intelligence Officers. Then in 2022, Maria Rivera, AKA Olga Kolobova, was discovered to be a Russian spy living in Italy. Through social and organizational connections, she gained access to several NATO officials in Rome, including a member of the U.S. Navy. In April, following the release of data on Russian FSB agents by Ukrainian intelligence, it was discovered that two individuals posing as lieutenant colonels in the Russian Army had used their cover as observers of the Organization for Security and Cooperation in Europe (OSCE) to spy on U.S. military infrastructure in Latvia. Finally, in November 2022, the FBI, in partnership with Swedish State Security Forces, arrested two Russian spies living in the country for almost 30 years. The couple was believed to be in the country and were identified when it came to light that they were surveilling U.S. military assets.
Operating critical defense infrastructure in a foreign country will never be 100 percent safe. Foreign defense systems suffer from many of the same vulnerabilities as domestic military installations highlighted above. However, awareness of past incidents helps highlight the importance of partnerships with host countries and the standard operating procedures of those hoping to exploit this vulnerability.
Our Assessment
Overwatch analysts assess that as competition between the United States and its near competitors increases, the desire to find vulnerabilities and collect intelligence on critical U.S. infrastructure will also elevate. These attempts will likely look to collect information using several, if not all, of the tactics outlined above. As a result, we will likely see the U.S. military and government take several actions to moderate this risk. We will also likely see more guidance released by the DoD regarding the use of apps, further government oversight in land and business purchases, increased vetting of foreign diplomats and members of the U.S. military, and increased coordination with countries hosting U.S. military bases.
It will be imperative for individuals, especially those working in organizations and businesses tied to national security, to do their proper due diligence on companies and individuals they associate with and the apps they download on their phones. Proper open-source research techniques and literacy are not only good tools for offensive intelligence gathering, but they are also imperative for lowering the chance that an intelligence official from a hostile nation exploits an individual.