National Security National Security

What you need to know about it in order to learn from it and protect yourself

Not surprisingly the recent guilty plea by Singaporean national Jun Wei Yeo, aka Dickson Yeo, for working as an illegal agent of a foreign power for China in the United States has received considerable media attention. What is surprising to veteran spy handlers and intelligence operatives is that many of the media reports and many commentators seem to convey that what Yeo was doing, and how he was doing it, is something new or somehow unique. The fact is, the tradecraft Yeo used to conduct his activities has been used for decades. Tradecraft is the word used in intelligence for the techniques and methods of conducting espionage or, as we said at CIA, how to recruit spies and steal secrets. In this case, Yeo’s actions fall squarely into the classic modus operandi of the Recruitment Cycle: spot, assess, develop, and recruit with the added flair of a “false flag”, where the true recipient of the information was the Chinese government whereas, Yeo was Singaporean and claimed to represent “clients” in East Asia.


Websites where jobseekers can post their resumes, including whether or not they have security clearances, have existed since the mid-1990’s. Accordingly, the ability to exploit that information and efforts to do so have been on-going since that time. As more and more such job sites, professional networking sites, online headhunters, and social media have become prevalent, so too has the amount of information available to identify and contact potential targets.

According to the Department of Justice (DOJ) official statement on the plea, Yeo was “using career networking sites and a false consulting firm to lure Americans who might be of interest to the Chinese government.” Allegedly, Yeo used LinkedIn to mine information regarding individuals’ backgrounds and security clearances and to collect their resumes. He reportedly received over 400 resumes from US government employees and members of the military, 90% of whom had security clearances. Much of this information was sent to the Chinese intelligence services, including the People’s Liberation Army (PLA) and perhaps Ministry of State Security (MSS), who sorted and recorded all of the data. The data likely was also cross-referenced with information stolen in the 2015 Office of Personnel Management (OPM) data breech. Individuals that were identified as having access to information that would fill China’s intelligence gaps- that is, who could provide information considered vital to the Chinese leadership, military, and national security establishment, were contacted under the guise of opportunities for positions as consultants.


It can be assumed that after contacting persons of interest, under the guise of determining whether they were a good candidate for a ‘consultancy’, Yeo interviewed the individuals in order to gather more information on their ability to provide information of interest. More crucially, these interviews would have been designed to uncover any vulnerabilities which may make the person susceptible to providing classified or other protected information and ultimately to formal recruitment as a controlled source. Yeo would have asked questions to determine any financial difficulties, potential ideological sympathies, or ego issues that could be exploited and that would be used to guide the steps to take in his recruitment efforts.

All of this can be done innocuously enough with questions such as: Can you elaborate on your position and responsibilities at your current and previous jobs? What are your particular areas of expertise? How would you say your abilities compare to those of your colleagues? Do you receive the training and support you feel you need from your current employer/boss? If you were to experience personal or other difficulties, would your employer assist you or terminate you? Why are you looking for work and what do you want out of this consultancy? How important is compensation to you? What do you know about the history and culture of China? How important do you think an increased understanding of one another is in improving relations between the United States and China?


Once meeting in person with those that were willing to do so, Yeo will have worked to build a level of rapport and trust with the targets and continued to assess their character, willingness to provide information of interest, and further probed their motivations for working with him and likelihood of taking them to the next level. He will have established a personal connection, been a sympathetic ear for their concerns and shown himself as a means to assist with their problems- be they financial, emotional, or both, and stroked their ego.

It is at this point, if they seemed willing, Yeo will have also made his first direct requests of his targets. Having assessed their motivations and vulnerabilities, and playing on those, Yeo will have asked his contacts to write something on a topic of interest. This “tasking”, the intelligence term for requirements given to a contact or source, would have been to write an unclassified analysis or informed opinion on a topic about which the target has knowledge and would tend to contribute to filling an intelligence gap. In this commercial ops scenario, the contact would be told that their submission would be shared with a think tank, fellow consultant, or business contact of Yeo’s- vice with a foreign government or intelligence service. There would, of course, be an agreed fee for this service. A truly savvy operator would tell their contact that the more in-depth and detailed the article, the greater the compensation will be.


Having induced a U.S. Army officer, and several others by this point in time, to provide papers on topics of interest and to accept remuneration (spy-speak for payment or compensation), Yeo was prepared to execute a classic move. He was going to take them from what they may have told themselves was a good business deal and easy money- what is called a “fig leaf”, where one justifies to themselves that they are not really doing anything wrong, to full on espionage. He had taken them over a line they never should have crossed and now had them “on the hook”. They had gone too far and would fear turning back.

Reportedly, Yeo was scheduled to meet the U.S. Army officer shortly after Yeo’s return to the US in November of last year, at which meeting he was going to formally “pitch” the officer to collaborate as a source for Chinese Intelligence. This would have been a significant step. A pitch in this context would be an overt request to “wittingly”, or knowingly, work on behalf of a foreign government against the United States. Fortunately, it seems Yeo was arrested before he was able to take any of his targets to this stage of the Recruitment Cycle.

Nothing new:

These steps that Yeo took are neither unique nor new. Not only have they been used for decades by the likes of the CIA, British Secret Intelligence Service (SIS) aka MI6, Israeli Mossad, Russian Foreign Intelligence Service (SVR), and others but also in documented cases by Chinese Intelligence right here in the United States.

Photo Credit: Screenshot of Dickson Yeo LinkedIn Profile

Former CIA officer Kevin Mallory, who was arrested in June 2017, was first contacted by Chinese Intelligence on LinkedIn. He also was offered a position as a consultant for a think tank. Despite his reservations that he was actually meeting with Chinese Intelligence officials, he provided classified information.

Going further back, according to a DOJ public statement, Ron Rockwell Hansen, who was arrested in June of 2018, admitted in his plea agreement that in early 2014 “agents of a Chinese intelligence service targeted him for recruitment, and he began meeting with them regularly in China.”

Much earlier than that, in 2010 Jerry Chun Shing Lee, a former CIA Case Officer, aka Operations Officer, was recruited by the Chinese and provided them national security information, including about sensitive operations against the Chinese, true names of assets- that is, Chinese nationals risking their lives to inform CIA, intelligence those assets provided, as well as meeting locations, phone numbers, and information about covert facilities.

Should have known better:

While effective, Yeo was not particularly adept or polished. Former US Army Counterintelligence Officer Stephen Preston recently posted his “cautionary story” on LinkedIn in which he notes that last year, while a graduate student, he received LinkedIn messages from Yeo. Preston assessed Yeo was a weird guy and blew him off. While it may not have been obvious at the time that Yeo was working on behalf of the Chinese, clearly for Preston, Yeo did not pass the “sniff test” and his hackles were raised. As Preston said in a latter post, “I think this is an excellent lesson for all of us.”

The point is that the hackles must have also been raised for the individuals that Yeo successfully drew over the line to provide classified information. They are reportedly a U.S. Army Officer, an individual working for the U.S. Air Force, and a Department of State employee. There are procedures in place meant to prevent government officials and military personnel like these from falling prey to these types of approaches. Not to blame the “victims” but there is no doubt that all of them were aware of the secrecy agreements they signed as part of maintaining their security clearances and that they received periodic briefings on approaches. Moreover, to take an outside position, even as a consultant, would require approval of the government organization for which they worked or the military command. This too would have been known by all of these individuals.

As with the other cases referenced earlier in this article, the individuals involved were not always specifically told that they were working for Chinese intelligence but each of them admitted they knew without being told that was in fact who was receiving their information.

The Questions this raises:

Why were these individuals susceptible and why did they ignore what must have been the obvious red flags? Why did they allow themselves to believe the “fig leaf” of a consultancy relationship which, though they accepted, they did not report to their employers?

While the details are not fully available for each of the recent cases, the U.S. Army officer told Yeo he was traumatized by his multiple tours of duty in Afghanistan. The State Department employee was having financial difficulties and was dissatisfied at work. The individual working for the Air Force was also having financial problems. A more detailed example in the earlier cases, Mallory had lost his job, was behind on his mortgage payments, and had $30,000 in credit card debt when the Chinese approached him.

While these situations will never be acceptable justification for compromising one’s nation, the next question we must ask is, what more can be done to prevent this from happening? It is possible that the US Army officer did not receive adequate support when he returned from his traumatic experiences in Afghanistan. In a culture, be it military or intelligence, where you are supposed to be tough and endure and push past all that happens to you and where, often, those that are deciding what to do with individuals who have suffered hardship have never themselves actually had the same experiences, it can be difficult to ensure proper steps are taken. As we used to say in the Agency, the person making the decisions about what one needs after returning from a tour oversees probably doesn’t even have a passport.

Financially, while there may be a perception that government employees are overpaid, they are often required by the location of their jobs to live in the expensive DC metro area where housing and other costs of living are high. They often struggle, particularly early in their careers, to make ends meet. More than that, if they should suddenly lose their job, they may find themselves stuck in an expensive area and where their skill set is either not as marketable as needed, as it can be difficult to convert their government skills to commercial requirements, or where there are a plethora of others that have the same skills as they do and it is tough to be competitive in landing a next job.

What can be done:

Of course, security briefings are crucial. But so too is understanding by security and support officials of what they can do to prevent someone finding themselves in a vulnerable position. There needs to be a cultural change where it is ok to say that you are struggling- emotionally or financially, and be afforded the resources needed to address those problems. If an employee has fallen into a bad place, they must receive the understanding and support of their organization. Too often security officers, for example, hone in on what they think may be a vulnerability and declare an individual unfit instead of rehabilitating them. While there are policies on paper, for example, that an officer returning from a tough tour of duty must see a psychologist, that does not always happen. And, when it does, they must be able to openly share their struggles without it negatively impacting their career.

On an individual level, employees and military personnel with access to sensitive information must be alert to the methods used to target them. Security protocols, though they may sometimes seem burdensome, often exist for a reason and came about in response to, and as a protection from, something that went wrong in the past. Had the individuals targeted by Yeo informed their security departments of their contact with Yeo or advised their superiors they were going to act as a consultant, in all likelihood they would have been prevented from providing the Chinese with compromising information.

What Yeo did at the behest of the Chinese was not new nor unique. Espionage is said to be the second oldest profession in the world. It has been going on for thousands of years and it will continue to happen. In an open age with easy access to information, individuals that may be potential targets of foreign adversaries must remain informed, vigilant, and alert to recognize if they are being approached. They must also follow appropriate security procedures. Finally, organizations must remember they are dealing with human beings that need to be cared for in order to prevent them becoming potentially vulnerable to recruitment.

Remember: If you suspect you have been the target of a recruitment scheme, contact your local FBI Field Office or report the approach to your organization’s security office. If you are pitched, hear out the pitch, firmly and clearly refuse it and immediately report it.