Month: January 2022

Over the weekend of January 22 – January 24, 2022, hundreds of residents in South Florida and San Francisco found antisemitic flyers littered in their yards and doorsteps.

The flyers focus on a conspiracy theory about how influential Jewish Americans control every aspect of COVID-19, naming high-profile officials in the CDC and pharmaceutical giant, Pfizer. The flyers read, “Every Single Aspect of the COVID Agenda is Jewish” and included a link for an antisemitic website— goyimtv.tv. The main theme of the goyimtv.tv website suggests that the Jewish people are master manipulators of the world and control all significant events.

As a result of the flyers, police departments in Miami and San Francisco are investigating. However, this isn’t the first time that the flyers have appeared in the U.S. Since November 2021, the flyers have appeared in various locations across the U.S. which include Maryland, North Carolina, Missouri, Vermont, and Texas.

For this brief, Overwatch focused on the uptick in antisemitism in 2021 and the website, goyimtv.tv.

Antisemitism Increased in 2021

According to survey data from the American Jewish Committee, an estimated 1 in 4 Jewish Americans was a victim of antisemitism in 2021. Forty-six percent of Jewish Americans participating in the survey also said antisemitism is taken less seriously than other forms of hate bigotry. Additionally, 22% of Jewish-American respondents said they avoid wearing items/clothing in public that identifies them as Jewish out of fear of antisemitism.

An Overwatch review of antisemitic attacks from December 2021 to January 24, 2022, found 11 incidents in the U.S. The incidents were in Pennsylvania, Florida, Missouri, Idaho, New Jersey, New York, California, and Texas.

1. December 1, 2021 — Hitler stickers are found at Dickinson College’s Jewish Center in Carlisle, Pennsylvania.
2. December 2, 2021 — An unidentified person hung an antisemitic banner on the Jewish Community Center in Homestead, Florida.
3. December 3, 2021 — The Chabad on the Plaza, a Jewish Community Center in Kansas City, Missouri, had its wires cut and plumbing ripped out by vandals.
4. December 6, 2021 – Unknown individuals vandalized tunnels with swastikas and antisemitic content. The tunnels are near the Anne Frank Human Rights Memorial in Boise, Idaho.
5. December 6, 2021 — A parking sign in the Adath Emanu-El Synagogue and Child Center parking lot in Mount Laurel Township, New Jersey, is vandalized with a swastika sticker, which read, “We are everywhere.”
6. December 6, 2021 — The door of the Temple Emanu-El synagogue in Miami Beach, Florida, was vandalized with a swastika.
7. December 10, 2021 — A group of vandals wrote a swastika into wet cement outside of a Brooklyn home. The NYPD is investigating it as antisemitic vandalism.
8. December 20, 2021 — Residents in Beverly Hills find fliers that blame COVID-19 on the Jewish people.
9. January 15, 2022 — Malik Faisal Akram takes hostages at the Beth Israel Synagogue in Colleyville, Texas. Hours later, he is killed by law enforcement on the scene.
10. January 20, 2022 — In New York City, a woman now identified as Christina Darling, told a group of Jewish Children in New York City, “Hitler should have killed you all” and then spit on them. The NYPD arrested Darling on January 22, charging her with a hate crime.
11. January 24, 2022 — A Yeshiva student gets punched in the face by an unknown assailant on Troy Ave and Carroll St in Brooklyn, New York. The Yeshiva student was dressed in traditional Hassidic garments.

Goyimtv.tv

Goyimtv.tv is an extremely antisemitic social media platform, espousing anti-Jewish views on things like COVID-19, the U.S. media, War on Terror, and many more topics. Goyim.tv has videos, articles, live streams, book recommendations, and more.

Based on Overwatch research, the most popular user on the goyimtv.tv platform is Handsometruth, an alias for the site founder, Jon Minadeo Jr., who lives in California. As of the publication of this brief, Minadeo Jr. has hosted 225 live streams on goyimtv.tv.

In his 225^th live stream, dated December 21, 2021, Minadeo Jr. begins his show by playing a video, which shows dozens of antisemitic flyers and stickers which were posted in Vermont. The following are just a few of the fliers that are shared in the live stream.

Overwatch note: The following content is offensive to the Jewish community and our purpose in sharing it is to show how these antisemitic groups spread their propaganda.

Analysts note: During the reign of Adolf Hitler, the Nazis repeatedly produced propaganda that compared the Jewish people to snakes, claiming they were not just poisonous, but cunning and untrustworthy.

Analysts note: The sticker says Europa the Last Battle, Neo-Nazi propaganda against the Jewish people. It is unclear where the QR code leads.

Analysts note:  This is the same antisemitic flyer that appeared in Florida, Missouri, Idaho, California, Vermont, and Texas.

Analysts note: The swastika that says we are everywhere correlates with the message of sticker that was placed on the parking sign at the Adath Emanu-El Synagogue in Mount Laurel Township, New Jersey.

A review of the comments in the live stream shows extreme and violent rhetoric like “burying Jews alive,” “let’s get the Jews,” and one screenname Overwatch identified was, “Jewgasser1488.”

One commenter in the antisemitic Livestream also mentions how people should donate to entropystream.live, which takes donations in Bitcoin.

Research done by the Anti-Defamation League shows how goyimtv.tv is an arm of the GDL, Goyim Defense League. Per the ADL, the GDL has been involved in many different antisemitic incidents in the United States.

Further analyst research shows that searches for content from goyimtv.tv appears on Facebook, Twitter, and Instagram, despite the monitoring policies the social media platforms have in place. Additionally, goyimtv.tv content is found in much larger quantities on websites like Bitchute, Gab, and Minds. Goyimtv.tv has accounts on both Instagram and Gab.

Analysts identified an active Twitter account belonging to Minadeo Jr. The account, @loaninberg, mentions the goyimtv.tv website in its bio has an antisemitic caricature as a profile photo. Minadeo Jr. Tweets make fun of the Jewish people and the Holocaust with the profile. Twitter would typically ban an account like this.

Analysts were able to correlate the profile belonging to Minadeo Jr., as he has a Vk.com profile that posted the same caricature with an animated backdrop of a Nazi concentration camp.

Vk.com, which is Russia’s version of Facebook, has a large network of antisemitic extremists on its platform.

Public records also show that Minadeo Jr. has a business called Handsome Truth Enterprises, which is registered in Sonoma County, California. Handsometruth13@gmail.com is the email address affiliated with Minadeo Jr. However, additional research into Handsome Truth Enterprises returned no other relevant information about goyimtv.tv’s antisemitic owner.

Our Assessment

Antisemitism and hate speech against the Jewish people will continue to spread across the U.S. in 2022, as individuals like Minadeo Jr. host platforms that push extreme anti-Jewish narratives and conspiracy theories. Minadeo Jr.’s Livestream had an estimated 300 people in it, some of whom donated as he shared his propaganda against the Jewish people. The size of Minadeo Jr.’s audience indicates that he is finding a sizeable amount of people that identify with his antisemitic messaging and are willing to contribute to his cause monetarily. With the lack of policing antisemitic content on notable and smaller social media platforms, individuals with beliefs like Minadeo Jr. will continue to build small followings and create antisemitic activism in their communities.

Additionally, Antisemitic activists like Minadeo Jr. cannot solely rely on their websites to build their audiences, so they will continue to resort to creating aliases on social media platforms to spread their narratives and recruit others to their movements.

Research shows that goyimtv.tv is hosted by Eranet International Limited, an entity based in China. Minadeo Jr.’s using a hosting server in China suggests sites like his can’t get hosting by traditional services in the United States.

With the escalation of antisemitism in the United States, Jewish places of worship may need to increase their security to mitigate potential risks. As many of the incidents from December 2021 to the present day include vandalism, synagogues and Jewish community centers may want to invest more resources into their surveillance and monitoring capabilities.

By October of 2021, data breaches in 2021 had already exceeded data breaches in 2020 by 17%. In addition, an estimated 49 million Americans were victims of identity theft, resulting in a loss of $56 billion USD. According to Identity Force, which focuses on identity security and protection, “1 in 6 Americans lost money to a scam last year.”

The most common methods used by cyber-criminals to steal identities came from three social engineering attacks — phishing, smishing, and vishing. A social engineering attack is when a bad actor uses methods of deception to steal a person’s data.

A phishing attack is a social engineering attack where the perpetrator sends out a malicious email, text, or instant message, with the primary goal of stealing an individual or company’s personal data. A smishing attack is when a bad actor tries to collect login credentials by sending out a malicious text message. A vishing attack is when a caller pretends to be from a company and tries to manipulate their victim to disclose their personal information.

Phishing, by far, was the most prevalent type of social engineering attack aimed at American consumers in 2021. For this brief, Overwatch analysts focused on phishing attacks and the steps consumers can take to mitigate the risk of becoming victims of a social engineering attack to steal their data.

Phishing Attacks

Phishing attacks have grown by 65% in the last year, partially due to the remote workforce growing and cyber-criminals developing more sophisticated methods to target potential victims.

According to a report from Check Point Software Technologies LTD, the following six companies are the most imitated brands in phishing attempts for the last quarter of 2021.

1. DHL – 23%
2. Microsoft – 20%
3. WhatsApp – 11%
4. Google – 10%
5. LinkedIn – 8%
6. Amazon – 4%

In 2021 phishing attacks impersonating DHL, the world’s largest logistics company, were likely higher than Microsoft due to the holiday season and consumers buying gifts. Many phishing attacks from DHL impersonators come from fake package delivery notices. According to DHL, scammers use emails, text messages, and fake DHL social media accounts to launch their social engineering attacks.

Phishing attacks on Microsoft were prevalent for Office 365 users in the corporate environment. One common phishing email that 365 users received might have looked like this.

There are several red flags within this email. The first red flag is the sender’s email address, info@newsletter.cbc.ca. Any email about a server error in Office 365 would come from Microsoft domain email. The second red flag is the spelling and grammar in the notification, “Your microsoft office 365 account has encountered a server error. Acess To Your Email will be Expired.” Then the message tells the Office 365 user to change or reset the password, which of course, we won’t do. However, the attacker also knows that many people will see this kind of email and only skim the details, seeing the Microsoft logo, that there was a server error, and they need to reset their password, which is why cybercriminals target so many Microsoft accounts.

In 2021, many WhatsApp users, an encrypted messaging app with two billion users, received a code on their phone, then a WhatsApp message from a person on the WhatsApp user’s contact list. The attacker would then ask the friend to share the code, providing the cybercriminal with access to their WhatsApp account.

Google Docs has over 2 billion users, and in 2021 Google users were targets that asked them to download a document. Security Magazine reports on a phishing attack that was used on Google Docs. “The attacker wants the victim to ‘Click here to download the document,’ and once the victim clicks on that link, they will be redirected to the actual malicious phishing website where their credentials will be stolen through another webpage made to look like the Google Login portal.”

With LinkedIn, a platform with 800 million users, 2021 phishing attacks came from fake accounts offering false job opportunities to users. LinkedIn users would receive messages from phishing accounts by using a LinkedIn user’s job title, then asking their potential victim to help with projects or for consulting. The message would include a malicious link that would lead them to a login page to steal their credentials or attempt to manipulate them to open a malicious file.

In late 2021, Amazon users were targeted by a phishing attack that spoofed Amazon order notifications. However, like the Microsoft 365 email mentioned above, comparing what an Amazon order notification looks like vs. the fake notification shows that the two don’t match one another.

No payment is confirmed on the actual Amazon order notification or note about rare circumstances.

Many other companies and brands were victims of phishing attacks in 2021, but for brevity, Overwatch covered the top six brands used by hundreds of millions of Americans.

Contrary to popular belief, cyber-criminals do not solely target elderly individuals and those who aren’t tech-savvy. Instead, Cyber-criminals target people and companies with vast amounts of information readily available for exploitation.

Cyber-criminals leverage current events and modern technologies to create more effective and convincing scams. This adaptability to modern technologies has become increasingly evident as cyber-criminals have targeted younger individuals by spreading phishing scams through Instagram, TikTok, and SMS messaging in 2021.

Likewise, during the COVID 19 epidemic, cyber-criminals took advantage of the crisis and targeted individuals, posing as hospitals, the CDC, in addition to federal and state health departments.

The following is a list of vulnerabilities that cyber-criminals look for in potential victims.

• Individuals who use their work email to conduct private business such as online shopping or signing up for various services.
• Remote workers using less secure home networks.
• Individuals who do a large amount of online banking and shopping put important personal information on the internet.
• Those active on social media, posting photos of their homes, vehicles, or vacations.
• People who work in energy, technology, critical infrastructure, or logistics management.

Steps You Can Take to Mitigate Your Risk of Becoming a Victim –

1. Keep your browser up to date.

As browsers release security updates, users need to stay up to date to keep their devices and accounts secure. Loopholes within browsers – which are often exploited by cybercriminals – are patched by updates. The most used browsers, such as Google Chrome and Firefox, can be updated manually by the user whenever an update is available.

2. Limit the connection between email addresses, usernames, platforms, and personal finances.

The more an individual uses an email address or username to access online platforms, the higher the risk of an incident. To compromise an account, cybercriminals attempt to identify the account’s username based on an individual’s email address. They will then attempt to enter the account with a variety of techniques such as brute force and credential stuffing. If the attacker can access the account and subsequently identify financial information therewithin, the outcome can be detrimental to the account’s owner.

3. Refrain from using business email addresses for personal matters.

In addition, the more an email address is used for online services, the more likely it is to be shared. Some online services enable a “voluntary” information exchange that is only disabled when requested by the user. If a user’s business email address is being shared amongst services, it creates vulnerability to the business. Socially engineered attacks, such as phishing or smishing attempts, can then be directed toward the entire company.

4. Create an alternative email address to use for products and services.

To protect personal information from association to email addresses and websites, it is recommended that users create alternative email addresses to conduct certain online activities such as subscribing to services and newsletters, or online shopping. Utilizing additional email addresses to separate sensitive data (such as financial information) from your personal identifying information will enhance your online security.

5. Think twice before clicking!

If a hyperlink within your email inbox or online feels fraudulent, there is a chance it is. Before clicking an unfamiliar link, utilize open-source URL analyzer tools such as “URLvoid” (https://www.urlvoid.com/). This tool will display abnormalities of the link and enable the user to make an informed decision before deciding whether or not to click.

6.   Use A Password Management Tool

Password management tools are an effective way to store many login credentials and help ensure that you don’t use a simplified password or the same password repeatedly. Threat actors identify common passwords by researching their victims and conducting brute force attacks on their accounts. Choosing a strong password with twelve or more characters can help alleviate such risks.

Our Assessment

Following the personalized phishing attacks cyber-criminals developed in 2021, Overwatch assesses criminal tactics will be more challenging to detect in 2022 and beyond. Cyber criminals will employ various increasingly complex tactics leveraging more notable brands, capitalizing on remote workers on less-secure networks and more intricate social engineering.

Cyber-criminals will continue to follow a pattern of targeting notable brands like Microsoft and others because of the number of users each brand has. In addition, as more people use encrypted-messaging applications, attackers will devise new phishing attacks to attack those platforms, as they did on WhatsApp in 2021.

Cyber-criminals will focus on exploiting people who share an excess of personal information online, posting photos or videos showing their homes, vehicles, jewelry, and forms of income.Remote workers working from their home networks may present additional vulnerabilities when using devices on less secure home networks.

As more people use encrypted-messaging applications, attackers will devise new phishing attacks to attack those platforms, as they did on WhatsApp in 2021.

The effects of these attacks do not stop at the level of the individual either. Such was the case with the Colonial Pipeline Ransomware incident in 2021 and the Twitter Bitcoin scam in 2020, where initial social engineering attacks at the individual level led to much larger events. In the case of the Colonial Pipeline incident, critical energy infrastructure was targeted and led to panic and hoarding of gasoline in the areas most affected and a $5 million payout by the company to the Russian-based hacking group responsible for the ransomware attack. With the relatively low cost of these attacks, high payout, and increased competition in cyberspace between state actors and non-state actors, Overwatch determines this type of progression from individual social engineering scams to larger-scale cyber-attacks will become more common.

Individuals who don’t practice healthy digital identity management will likely find themselves more susceptible to a social engineering attack like phishing in 2022. These attacks may have repercussions beyond themselves. Attackers will continue to exploit data broker websites, which list people’s personal information, including first and last name, address history, phone numbers, emails, relationships/associates, and use that data for a social engineering attack.

What EAG Can Do for You

At Echo Analytics Group, we teach our clients how to protect themselves digitally, mitigating the level of risk of becoming a victim of a phishing attack or identity theft crime. We review your digital footprint and online vulnerabilities for this process. This review will also provide much information on better protecting yourself and practicing healthier digital footprint management.

In addition, Echo Academy, our training division, which has trained thousands of professionals on OSINT, can teach you how to better protect yourself digitally in a virtual or classroom setting.

Ensuring you and your employees have the necessary training and support will be vital as the rate and magnitude of cyber-attacks increase in 2022 and beyond.

Ask us more about our services today.

On Wednesday, Iranian President Ebrahim Raisi met with Russian President Vladimir Putin in Moscow, Russia. In his meeting with Putin, Raisi expressed his desire to expand the relationship between the Russian Federation and the Islamic Republic of Iran and handed Putin a 20-year agreement for enhanced strategic cooperation between the two countries.

In Moscow, Raisi mentioned how Russia and Iran’s cooperation in fighting terrorism, which has occurred since 2014 with the war in Syria, offers other areas of collaboration. Raisi said, “This experience can create the prerequisites for its expansion and exploitation in other fields. In the present circumstances, it is possible to develop cooperation in the fields of economy, politics, culture, science, technology, defense, and military spheres, as well as security and space issues.”

Iranian Foreign Minister Hossein Amir-Abdollahian traveled with President Raisi to Moscow as part of his delegation and met with Russian Foreign Minister Sergei Lavrov. Abdollahian posted a photo of him, Lavrov, to his Instagram, which Overwatch analysts had translated from Farsi to English. The message reads, “There are many issues of strategic cooperation between Russia and Iran. We consider Putin’s Russia to be different than the U.S.S.R. Despite unilateral sanctions, there is a lot of commerce between the two countries. Other issues of mutual interest are investments and neutralizing sanctions.”

For this Overwatch brief, we analyzed the relationship between Russia and Iran since December 2019 and their cooperation in defense, technology, and militarily. Our research focused on identifying information that indicates how increased Iranian-Russian cooperation poses a significant national security threat to the U.S.

From December 2019 to Present

Military: On December 27, 2019, Iran, Russia, and China held joint Naval drills in the Indian Ocean and Gulf of Oman.

Defense: On December 27, 2019, Russia supported Iran by rejecting an UN-approved Iran Arms Embargo extension.

Defense: On December 30, 2019, Russia and Iran jointly condemned U.S. airstrikes in Iraq and Syria, which killed members of Kata’ib Hezbollah.

Defense: On January 6, 2020, Russian Foreign Minister Sergei Lavrov said of the U.S. killing of Iranian Quds Force Commander Qassem Soleimani that the strike would have “grave consequences” for regional stability and that it was an “illegal military action.”

U.S. National Security: On April 21, 2020, the State Department reported that Russia, China, and Iran were pushing joint disinformation about COVID being a U.S. bioweapon.

Defense: On April 28, 2020, Russian Foreign Ministry spokeswoman Maria Zakharova supported the launch of Iran’s first military satellite and said that the action did not violate international law.

Military: On May 2, 2020, Iran’s Ambassador to Pakistan, Seyyed Mohammad Ali Hosseini, called for a new alliance of 5 countries, including Iran, Pakistan, China, Russia, and Turkey.

Military: On May 29, 2020, the Russian state condemned the U.S. for withdrawing from the Open Skies Treaty and for removing sanctions waivers from countries that do business with Iran.

U.S. National Security: On September 10, 2020, Microsoft reports that Iran, Russia, and China tried to disrupt the presidential election with cyberattacks.

U.S. National Security: On October 21, 2020, former Director of National Intelligence John Ratcliffe said that Russia and Iran obtained U.S. voter registration data.

Technology: On December 10, 2020, Iran called on the Russian state to develop a substitute payment system for the SWIFT international banking system, which is used by ten thousand banks worldwide. The substitute payment system would lessen the impact of sanctions on Iran.

Defense: On January 26, 2021, the Russian state joined Iran in demanding U.S. President Joe Biden lift economic sanctions if he wants to save the Iran Nuclear Deal and have Iran’s nuclear program remain within the rules of the deal.

Technology: On January 26, 2021, Iran agreed to use Russia’s Sputnik V COVID-19 vaccine, with plans to import and produce the product.

Technology: On January 26, 2021, Iran and Russia signed a cooperation agreement for cybersecurity. Iranian state media reports that the agreement focuses on, “strengthening information security, fight against the crimes committed with the use of information and communications technology, technical and technological assistance, and international cooperation including detection, coordination, and collaboration in regional and international organizations to ensure national and international security.”

Military: On February 16, 2021, Iran’s armed forces participated in a naval drill with the Russian Navy in the north of the Indian Ocean designed to increase maritime security.

Defense: On March 09, 2021, the Russian state encouraged the U.S. to revive nuclear deal talks with Iran but suggested the United States needs to end “the meaningless policy of maximum pressure on Iran.”

Technology: On April 13, 2021, Iran and Russia signed a cooperation agreement following the cyberattack on Iran’s Natanz nuclear plant. The details of the deal were not made public.

Defense: On September 17, 2021, The Shanghai Cooperation Organization agrees to grant Iran full membership in its organization. The Shanghai Cooperation Organization (SCO) is an international organization led by China, which consists of Russia, India, Pakistan, Kazakhstan, the Kyrgyz Republic, Tajikistan, and Uzbekistan. SCO member countries aim to build closer cooperation politically, economically, culturally, and in the area of security to stabilize their regions.

Military: On October 18, 2021, Iran’s Chief of Staff of Armed Forces Major General Mohammad Hossein Baqeri said that Iran and Russia would “strengthen” military cooperation and recognized Iran’s recent acceptance as a full member of the SCO.

Assessment

Moscow and Tehran’s militaries have worked together since Russia’s entrance into the Syrian Civil War in 2014. Initially, the relationship was based on military cooperation between the two countries to counter the United States (U.S.) and its western allies within Syria.

Overwatch analysts assess that Iran will continue to expand relations with Russia as Tehran views Moscow as a world leader to counter U.S. power and influence. The Russian and Iranian relationship will continue to expand beyond their respective militaries.

With Moscow’s resources, investments, and cooperation, Iran could potentially achieve cyber, economic, and technological advancements at a faster pace. A potential outcome of the cyber agreement between both countries is additional Advanced Persistent Threat (APT) groups targeting U.S. cyber interests.

As Iran achieves economic and technological advancements, it will provide financial support and military-grade resources to organizations like Hezbollah and numerous Shi’a extremist militias in the Middle East. Overwatch analysts assess Russia’s funding of Iranian development could indirectly contribute to attacks on U.S. entities, such as the recent rocket attacks on U.S. troops and bases in Iraq.

Further, as Overwatch assessed the relationship between Russia and China, Iran also seeks to limit the leverage of diplomatic sanctions by asking the Russian state to develop an alternative to SWIFT. Iran will continue to build its partnerships with Russia and China, seeking to erode U.S. influence and power, as Overwatch analysts determined in our January 6, 2022, brief.

On November 20, 2021, RT, (Russian-state media) interviewed Capitol Rioter Evan Neumann. Neumann, 49, is facing fourteen criminal counts for his involvement on January 6, 2021, in the Capitol Riots, the most severe among them — assaulting a police officer, engaging in physical violence on restricted grounds, and obstruction of law enforcement. [1]  

While most individuals who were arrested for their actions on January 6, 2021, remained in the U.S., Neumann instead fled to Eastern Europe. Mr. Neumann gave his interview to RT [2] while in Belarus, a dictatorship in Eastern Europe that does not have an extradition treaty with the U.S. Mr. Neumann also interviewed with Belarusian-state TV and shared more details about being on the run. 

According to Neumann, he “traveled by train to Switzerland, boarded a car and left for Germany, then Poland, and by March 13, he was in Zhytomyr, Ukraine.” However, Mr. Neumann’s time in Ukraine was short-lived, claiming he spotted surveillance from the SBU (Ukrainian Intelligence), and from there, he decided to leave Ukraine for Belarus. 

Considering Mr. Neumann’s unusual behavior following the Capitol Riots and appearance on Russian and Belarusian state media, our analysts chose to investigate him further. The purpose of our investigation was to see if Mr. Neumann had any possible connections to Russia and, if possible, gather more information about his actions and motives on January 6, 2021. 

Investigative research on Mr. Neumann determined that he does have business interests in Russia and Ukraine. Additionally, several years before the riots, he openly considered how he would illegally hide his money if he were to find himself in a situation where his finances were under threat. 

According to public records, Mr. Neumann started multiple businesses in the past, with only one currently active. The company, Aslaen Vaugn, makes custom high-end handbags. [3] Research into Aslaen Vaugn shows that their handbags appeared at a fashion show in Moscow at the Wheel of Time Restaurant on September 14, 2020. [4] Anastasia, a New York-based fashion magazine, sponsored the event. High-profile Russian military officers and recipients of the Hero of the Russian Federation – Major General Sergei Anatolyevich Lipovoi and Andrey Nikolaevich Zvyagintsev, were at the event.  

The CEO of Anastasia is Ksenia Bychenkova, a California-based model. According to Mr. Neumann’s Venmo history, he paid Ms. Bychenkova for “social media services.” Ms. Bychenkova goes by the alias, Anastasia Xena, on her Instagram profiles. [5] Analysts could not determine anything further about the relationship between Mr. Neumann and Ms. Bychenkova or her possible connections to Russian military officers.

Our investigative team also discovered that Mr. Neumann’s handbags are sold in-store in Ukraine called One Shot. [6] On November 3, 2021, One Shot posted a photo of an Aslaen Vaugn handbag. However, the shop in Ukraine is not listed as one of the retail locations for Aslaen Vaugn products on its company website. [7]

Mr. Neumann’s history with Eastern Europe goes back even further. According to open-source research, Mr. Neumann lived in “Dresden, when it was still East Germany, Munich, Vorarlberg, Austria, Prague, Moscow, and Kyiv.” [8] Additionally, Mr. Neumann’s Etsy account details how he is a self-described “mad-scientist” who had informal tech training in Moscow in 1992. [9] 

Continuing research Mr. Neumann provided additional details about his interests/behaviors. In an interview with Designers [10], Mr. Neumann discusses how he likes to make bombs as a hobby. Further, in response to a 2015 online post from an unidentified person going through potential financial ruin, Mr. Neumann offers advice on how to cover his financial tracks. Under his alias, Jsalathe, Mr. Neumann commented, “Borrow against your properties and siphon that off too, but to cash, not a bank or investment account. You can start putting some in offshore accounts like the Cayman Islands or Switzerland. The problem here is that it is illegal and has the potential for prison if a trail is found. If you do this, take cash on the plane, no wire transfers.” [11] The comment from Mr. Neumann suggests a possible motive for his travels to Switzerland after fleeing to the United States.

Mr. Neumann’s actions at the U.S. Capitol are well-documented, with bodycam footage showing him beginning to harass police officers at 1:45 PM EST. At 1:55 PM EST, Mr. Neumann says, “I am willing to die, are you?” Soon after, Neumann uses the bike rack barricade line at the base of the West Front of the Capitol building as a weapon to push back against police, assaulting them. He is joined by other rioters who are then able to break the police line at or around 1:57 PM EST. While Neumann’s actions at the bike rack barricade led to others joining him to attack law enforcement, it remains unclear if he had any connections to the others who joined in on the assault.

Mr. Neumann is currently one of the FBI’s Most Wanted in relation to the Capitol Riots. In interviews with Russian and Belarusian media, Mr. Neumann says that Capitol rioters are “treated in Guantanamo-like conditions [12], that he doesn’t see why “Russia is an enemy,” and that he wanted to flee to a country that is “tough on the West.”

After the Capitol Riots, Mr. Neumann sold his California home, where he lived for several years. With the lower standard of living in a country like Belarus and other less-developed areas of Eastern Europe, Mr. Neumann may be using the money to support himself for an extended period of time.

In addition, Mr. Neumann went to great lengths to scrub his digital footprint. Our analysts identified his most significant posts from his online alias through reviewing archived and deleted data.

ASSESSMENT

Overall, Mr. Neumann’s actions and behaviors warrant significant concern. While we couldn’t assess any other information about his history with Russia, his background of living in the country, business interests and Russian connections, pro-Russian attitudes, and tradecraft used to reach Belarus, could suggest more than criminal behavior with Mr. Neumann. Russian intelligence wouldn’t see Mr. Neumann as a high-level asset, but with his multiple appearances on Russian state media and long history in Eastern Europe, they could see him as a propaganda tool to push disinformation about the Capitol Riots and anti-American narratives.

 

[1] Case 1:21-mj-00331, United States of America V. Evan Neumann, United States District Court for the District of Columbia, 3/23/2021, https://www.justice.gov/usao-dc/case-multi-defendant/file/1411351/download

[2] From Capitol Riot to Belarus, YouTube, uploaded by RT, 20 November 2021, https://www.youtube.com/watch?v=T_ttH7XXJiM

[3] Open Corporates, Aslaen Vaugn, LLC, Registered Agent, Evan Neumann, https://opencorporates.com/companies/us_ca/201932310540

[4] Presentation of the New York Magazine about High Fashion, 14 September 2020, https://karachenkov.ru/press-tsentr/informatsionnye-stati/prezentatsiya-nyu-jorkskogo-zhurnala-o-vysokoj-mode/

[5] AnastasiaXena, Instagram, https://www.instagram.com/anastasiaxena/

[6] One_Shot_Resale_Shop_Instagram, 3 November 2021, https://www.instagram.com/p/CVzgAyrKG7S/

[7] Aslaen Vagun, Store Locator, https://aslaenvaugn.com/pages/store-locator

[8] A’Design Award and Competition, Designs Interview with Evan Neumann, https://competition.adesignaward.com/legends-interview.php?profile=262535

[9] Etsy, Jsalathe, https://www.etsy.com/people/jsalathe

[10] Designers, Interview with Evan Neumann, http://designers.org/profile.php?ID=262535

[11] Forums.red, Wife cheating – Is it Worth a Divorce?, https://www.forums.red/p/AskTRP/2201/wife_cheating_is_it_worth_a_divorce/222299

[12] An American who fled to Belarus spoke about the “home Guantanamo” in the USA, 13 November 2021, https://www.ntv.ru/novosti/2633422/

On Sunday, talks between the United States and the Russian state in Geneva, Switzerland, saw no progress, with the U.S. reaffirming its unwavering commitment to NATO and Europe’s national security. During the meeting, the U.S. opposed security guarantees Russia drafted in December, which concern Ukraine’s possible membership in NATO (North Atlantic Treaty Organization).

Russian Deputy Foreign Minister Sergei Ryabkov said, “For us, it’s absolutely mandatory to make sure that Ukraine never, never, ever becomes a member of NATO (North Atlantic Treaty Organization).” Ryabkov also claims that Russia has no intention to invade Ukraine.

In contrast, a State Department press release reports that the U.S. pressed its responsibility to NATO during the meeting and that the United States is prepared to impose high “political and economic costs” on Russia if it invades Ukraine.

Additionally, on Monday, Deputy Secretary of State Sherman assured that the U.S. would not close the doors on countries that seek to join NATO and will not agree to Russia’s demands about Ukraine’s potential membership within the international military alliance.

Overwatch focused on the situation in Ukraine and the U.S. response for this brief.

The Situation in Ukraine

Currently, Russia has built up 100,000 troops on the Russia-Ukraine border. In addition, reports indicate that tanks, fighter jets, and helicopters are moving towards the Russia-Ukraine border.  The Russian state claims that the military buildup is a routine troop movement, but the U.S. and most NATO partners assess that Russia may launch a second invasion into Ukraine.

The last time Russia invaded Ukraine, February 2014, was with special forces from its Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU), eventually resulting in the annexation of Crimea. Fighting in Ukraine has continued since 2014, with an estimated 14,000 casualties. The frontline of the war in Ukraine is Donbas, which is in the south-eastern part of the country. The Donetsk’s People’s Republic (DPR) and Luhansk’s People’s Republic (LPR) are in Donbas and claim autonomy from the Ukrainian government. The DPR and LPR declared their independence from Kyiv in 2014 and continue to receive financial support from the Kremlin.

Pro-Russian leaders govern both the DPR and LPR, where the Russian Rouble is used instead of the Ukrainian Hryvnia. In December of 2021, Russian President Vladimir Putin invited DPR leader Denis Pushilin and LPR leader Leonid Pasechnik to join the United Russia Party, which Pushilin and Pasechnik both accepted.

On Tuesday, Ukrainian President Volodymyr Zelensky called for a summit with France, Russia, and Germany to end the conflict in Ukraine. As Zelensky takes a more diplomatic approach to the tense situation on his border, The Security Service of Ukraine, (SBU)(which deals with counterintelligence and counterterrorism matters) reports it arrested a Russian military intelligence agent planning to commit acts of “sabotage” and “terrorism” in Odessa, Ukraine.

U.S. Investment in Ukraine

According to open-source reporting, the United States provided $200 million USD to Ukraine in late December 2021. Further, the U.S. is open to Ukraine’s potential membership in NATO, an interest expressed by President Zelensky since the country’s new National Security Strategy was drafted in 2020, with aims to join NATO. Ukraine remains a strategic partner of the United States, with U.S. government funding since 2014, totaling over 2.5 billion dollars, and the continued sale of arms and munitions.

The U.S. is increasing its volume of Intelligence, Surveillance, and Reconnaissance (ISR) collection with the Russia/Ukraine conflict. ISR collects information regarding an enemy by observing and tracking their movement and communication. ISR platforms incorporate sea, air, land, and space assets to deliver time-sensitive assessments of enemies. Specifically, the U.S. utilizes the Army’s airborne reconnaissance and target exploitation multi-mission system (ARTEMIS) platform, recently pulled out of a vital testing exercise to monitor Russian troop movement.

The new ARTEMIS platform integrates sensor technology on a jet capable of flying faster and higher than traditional ISR aircraft. On January 11, 2022, an ARTEMIS-enabled plane was identified, conducting an ISR flight pattern in the Black Sea and near Russian borders. The introduction of experimental aircraft, such as ARTEMIS, shows the use of major U.S. resources to monitor events in Ukraine.

While the U.S. is providing financial support to Ukraine, the Biden Administration has ruled out sending in troops should the Russians invade.

Assessment:

With the significant military buildup on the Russia-Ukraine border, the situation between both countries could erupt into a major conflict, destabilizing more than the Donbas region, where the fighting has persisted since 2014. Should the Russians invade, their forces would support the Russian Separatists fighting for the Donetsk People’s Republic and Luhansk’s People’s Republic. Further, as Russian President Vladimir Putin annexed Crimea in 2014, he could potentially annex the DPR and LPR and station Russian troops in both territories. President Putin may also use the GRU and Foreign Intelligence Service of the Russian Federation (SVR) to build more support networks in Ukraine, as he has in the DPR and LPR, giving his political party, United Russia, additional influence in the country.

With the U.S.’s continued pledge of financial support for Ukrainian defense, non-state Russian actors could initiate cyber-attacks on U.S. entities or politicians that have advocated for broader support of Ukraine. Also, should Putin invade Ukraine a second time, Russian disinformation would see a significant increase, likely with conspiracy theories meant to distort the image of the U.S. military and government. On December 21, 2021, Russian Defense Minister Sergei Shoigu said that the U.S. was using U.S. mercenaries to plan a chemical attack in Ukraine.

While NATO has an open-door policy for countries interested in joining, the question of whether Ukraine will become part of the military alliance hasn’t been determined at this time. Overwatch analysts assess that the U.S. will not intervene militarily in Ukraine in the interim. While better equipped to handle Russian aggression than in 2014, the Ukrainians still lack critical defense systems and technology to mitigate the Russian threat. The U.S. response to a second Russian invasion of Ukraine would likely come in sanctions, but to do little to deter Russia from continuing a military campaign in Ukraine.

Further, a potential second invasion of Ukraine will likely lead to other NATO countries that share a border with Russia, increasing their security posture and lead to questions about NATO, the U.S., and its allies’ ability to deter Russian aggression in Eastern Europe. Since Russia’s hardline stance that Ukraine can never become a member of NATO, other U.S. European allies that are not members of NATO said they have a right to join the organization, including Finland and Sweden. Finland and Sweden’s comments about NATO show how the U.S.’s European allies outside of NATO have a significant interest in deterring Russian aggression.

Quality of life in Afghanistan continues to deteriorate daily. Many Afghans lack proper food, financial resources or suffer from the Taliban’s acts of violence and brutality, despite the Taliban’s claims of inclusiveness, benevolent rule and granting amnesty to dissenting Afghans. The Taliban’s last amnesty claim was made on December 30, 2021. However, both open-source reports and human sources indicate otherwise.

Overwatch focused on the situation on the ground in Afghanistan for this brief, interviewing three sources about their latest experiences and what they’ve seen inside the country that no longer has a U.S. military or diplomatic presence. We interviewed a civilian who had to flee from the Taliban, an Afghan who worked in intelligence collection with U.S. partners, and a journalist from the Panjshir Province.

Since the Taliban took over Kabul in the summer of 2021, Omar has feared for his life. Last August, the Taliban posted a flier at the mosque nearby Omar’s house, naming him and his family members as threats, forcing them to leave their home and relocate. Omar told Overwatch that the situation is only becoming worse in Afghanistan. “They continue to go to peoples’ homes to target them. The Taliban does whatever it wants. They are taking revenge and killing those who have raised their voice against them.”

Omar’s claims were confirmed by Farshad, who previously worked in intelligence and counterterrorism with U.S. government partners. Farshad said the Taliban has killed 50 NDS employees since taking over the government. The NDS, Afghanistan’s National Directorate of Security, was responsible for Afghan national security interests and mitigating terrorist threats. “An NDS employee was killed in the area of Wazira Akbar Khan last week,” said Farshad. Wazira Akbar Khan is a neighborhood in Northern Kabul.

Farshad also said there had been an increase in Al Qaeda members coming into the country, which, to some degree validates comments from Marine Corps General Frank McKenzie, head of U.S. Central Command. Gen. McKenzie said, “There’s a presence. We thought it was down pretty small, you know, toward the end of the conflict. I think some people have probably come back in. But it’s one of the things we look at.”

Natiq Malikzada, a well-known Panjshiri, anti-Taliban activist, and journalist, has closely followed events in Afghanistan. Malikzada has lost family members to the Taliban, including his uncle, Mojer Haqjo, a former officer in the Afghan National Defense and Security Forces. Malikzada said of his death, “The Taliban had a list of all former government employees and Afghan, National Defense & Security Forces (ANDSF) in Panjshir, but because my uncle was a security officer, they shot him in the head and cut his throat. His body was left on the street for two days, and the Taliban did not allow anyone to bury him.”

Malikzada said that the Taliban also guarded his grandparents’ home for months. “The Taliban patrolled my grandparents’ house for months, and they did not allow any of our relatives to come to visit for the funeral ceremony to prevent my grandparents from giving any interviews to the media.” Malikzada added, “I also lost three cousins to the Taliban.”

ASSESSMENT

The Taliban will continue to target members of the Afghan National Army and Afghanistan’s National Directorate of Security. The targeted killings of these individuals aren’t only for revenge but to prevent U.S. combat-trained individuals from fomenting unrest throughout Afghanistan.

There is a growing humanitarian crisis and significant lack of resources in Afghanistan. Considering the Taliban’s history of using kidnapping of foreign nationals to fund their activities, the remaining American Citizens, Lawful Permanent Residents, and Green Card Holders in the country could be all be at risk of being taken as hostages. Foreign hostages may serve as leverage for the Taliban to raise money through ransoms or payments from insurance policies. Additionally, claiming to arrest remaining American citizens or persons with preferred status and charging them as foreign spies provides the appearance of legitimate order and government, in the hopes of starting diplomatic negotiations.

After the Taliban took over Afghanistan, both Russia and China expressed an interest in helping them “rebuild” the country. Russian and Chinese involvement in Afghanistan coincides with Overwatch’s assessment they intend to erode the U.S.’s image and global influence.

As Al-Qaeda’s presence increases inside Afghanistan, other terrorist groups will likely follow and see the country as a haven that closely follows Islamic Fundamentalism. Were such a terrorist inpouring to occur, the U.S. would likely find itself with radicalized Americans traveling to Afghanistan, as they did in Syria and Iraq when ISIS controlled significant swaths of territory.

In 2021, the People’s Republic of China (PRC), and the Russian Federation referred to their relations as “unprecedented,” evidencing how close the two superpowers are now with one another. Both countries continue to act aggressively on the world stage, with tens of thousands of Russian troops currently on the Russia-Ukraine border and China continuously sending its military fighter jets into Taiwan’s Air Defense Identification Zone.

The PRC supports Russian President Vladimir Putin’s position on Ukraine, while the Russian State defends the Chinese State’s behavior towards Taiwan. Overwatch analyzed the growing relationship between Russia and China over the last thirteen months. We assessed that Russia and China are progressing towards an alliance around mutual objectives to expand global influence and threaten the U.S. and its interests.

The following information is a timeline of key events in Russia-China relations from December 2020 – January 2022. Events are categorized as either tech, political, economic, or military.

TIMELINE OF RUSSIA-CHINESE RELATIONS
DECEMBER 2020 – JANUARY 2022

Tech: On December 12, 2020, China and Russia designated 2020-2021 as the China-Russia year of Scientific and Technological Innovation. With the announcement, Xu Xinchao, the Vice Chairman of the Beijing Municipal Science and Technology Commission, said, “Beijing looks forward to extensive, continuous and in-depth cooperation with Moscow in sci-tech innovation.”

Political: On December 24, 2020, Chinese Foreign Minister Lin Wang and Russian Foreign Minister Sergei Lavrov agreed to oppose U.S. moves that “crackdown on Russia and China” and to strengthen their strategic cooperation.

Political: On December 29, 2020, Chinese President Xi Jinping and Russian President Vladimir Putin said that ties were the “highest” in their nation’s history.

Political: On March 7, 2021, Russia and the PRC agreed to work together to fight disinformation and color revolutions. Color revolutions are protest movements that attempt to influence or completely change a government.

Political: On April 27, 2021, the PRC called Russia a strategic partner of coordination in a New Era.

Economic: On May 19, 2021, Russia and the PRC held a virtual groundbreaking ceremony for the Tianwan Nuclear Power Plant, which is a result of a 2018 nuclear energy agreement between both nations. The project is estimated to cost 3 billion USD.

Political: On May 26, 2021, Russian President Vladimir Putin pledged to work with China to restore global stability.

Tech: On July 3, 2021, China and Russia pledged further cooperation on data security, the Arctic, and infrastructure. China and Russia have significant scientific, military, and territorial interests in the Arctic.

Political/Economic: On July 26, 2021, China and Russia offered their support to Syrian President Bashar Al Assad. Russian has supplied Syria with arms and military support since the civil war started in 2011. However, the PRC does not have a pattern of supporting Syria and invited Syria to join China’s Belt and Road Initiative to help repair its war-torn economy and infrastructure.

Military: On August 9, 2021, the Russian military joined the People’s Liberation Army for five days of military drills in the Ningxia Hui Autonomous Region. The drill marked the first time that the Russian military used Chinese-made weapons.

Political/Economic: On August 27, 2021, Russia and China told the Taliban they would help them rebuild Afghanistan.

Military: On September 4, 2021, the Russian Federation offered Sukhoi Su-35 multipurpose combat aircraft to the PRC. In May 2020, China bought 24 Sukhoi Su-35s from Russia for $2.5 billion.

Military: On September 21, 2021, both nations held anti-terror drills together in Orenburg, which is in Southwest Russia.

Tech: On September 24, 2021, Russia announced that it would install GLONASS monitoring systems in China. GLONASS is a satellite system for both civilian and military use. While Russia is installing GLONASS in China, the PRC will install Beidou, the country’s response to the U.S.-owned GPS system.

Political: On October 12, 2021, Russia supports China’s policy on Taiwan, referring to the island as part of China.

Military: On October 15, 2021, Russia and China held Naval Drills in the Sea of Japan.

Military: On October 16, 2021, China tested a hypersonic missile. In response, Russia said, “China is developing arms systems within the framework of its international obligations.”

Military: On October 28, 2021, General John Hyten, Vice Chairman of the Joint Chiefs of Staff and Washington’s second-most-senior military officer, warns China’s military could surpass the U.S.

Tech: On November 4, 2021, Putin referred to China as a key partner in AI technology.

Military: On November 8, 2021, the PRC and Russia signed a contract to develop a heavy helicopter together.

Tech: On November 17, 2021, China and Russia established the China-Russia Consortium Space Weather Center.

Military: On November 19, 2021, Chinese and Russian aircraft enter South Korea’s KADIZ (Korea Air Defense Identification Zone).

Military: On November 24, 2021, China and Russia signed a roadmap to military cooperation.

Tech: On November 30, 2021, China and Russia launched a joint project in art, tech, science, trade, and research in Qingdao.

Economic: On December 3, 2021, China and Russia said they are developing a long-haul jet together.

Economic: On December 15, 2021, China and Russia agreed to develop an independent financial system aimed at circumventing U.S. sanctions or the U.S. financial system.

Political: On December 24, 2021, President Putin said there is “no limit” for Russia-China cooperation.

Political: On December 31, 2021, China’s Ambassador to Afghanistan, Wang Yu, met with the Taliban’s Acting Deputy Prime Minister, Mullah Abdul Ghani Baradar. In the meeting, Wang expressed China’s desire to help with reconstruction of the country and independent development.

Political: On January 4, 2022, Taliban Deputy Prime Minister Mawlawi Sahib Abdul Salam Hanafi met with Russian investors in Afghanistan to discuss oil refineries and the production of a cement plant in the country.

ASSESSMENT

Overwatch assesses continued economic, technological, and military cooperation between China and Russia focused on mutually eroding the U.S. as a global power and enticing investments into European and Asian countries. Russia and the PRC will do more than provide humanitarian aid to Afghanistan but invest in the Afghan economy and its infrastructure, creating a larger space for influence over the Taliban and giving both Russia and China some degree of control over Afghanistan’s natural resources.

China and Russia’s stated goals to develop a financial system that circumvents U.S. sanctions illuminates how both nations aim to decrease the power of the U.S. financial network and its reach to punish aggressive acts on the world stage. In the event that the PRC and Russia successfully develop their independent financial system, the U.S. could lose the effective diplomatic leverage of sanctions.

Cooperation between Russia and China is more about common grievances against the United States. The One China policy insists Taiwan is an inalienable part of China that will eventually reunite with mainland China and its government. Similarly, Russia continues to pursue having Ukraine back under Russian control, as it did before the breakup of Soviet states under the USSR. China’s motivations with Taiwan mimic Russia’s motivations for bringing Ukraine back under the Russian state, economic position, and historical cultures. Both motivations share the interest of removing the U.S.’s dominant influence in the region and improving the attraction for other countries to enter into partnerships and trade agreements that bolster China and Russia’s economies.

The increase in joint military exercises, Russian troops using Chinese-made weapons, and the agreement from nations for military cooperation indicate that the relationship between China and Russia’s armed forces will only continue to advance.

In addition, suggesting that China and Russia are now “allies” is premature since the diplomatic definition of an “alliance” is that one will come to the defense of another if attacked. However, expect the tacit cooperation to weaken U.S. influence.

Further, Russia and China will continue to act aggressively globally, which will lead to condemnation from the U.S. That condemnation will likely result in Russia and China launching disinformation campaigns that incite social division within the United States.

Quantum technology, which was once seen as something more science-fiction than feasible, is a significant area of interest for Google, IBM, Honeywell, and Amazon, all of whom are all developing quantum computers. Currently, Google’s quantum computer can process data a hundred and fifty-eight million times the speed of the world’s fastest supercomputer. China claims that its quantum computer, Zuchongzhi 2.1, is a million times faster than Google’s quantum computer. And there is a concern that as the technology advances, a nation-state actor like the People’s Republic of China could use the technology to break the most secure encryptions for U.S. military-grade systems and develop superior AI-enabled technology.

While quantum technology is still in its beginning stages of development, the Office of the Director of National Intelligence considers quantum one of the most significant national security threats to the U.S.

Several different institutions in China focus on the development of quantum technology. Overwatch analysts focused on Tsinghua University’s Quantum Center for Information for this brief.

With the Chinese government still spreading its influence across the U.S., and 34 of its Confucius Institutes continuing to operate on U.S. campuses, our focus on Tsinghua is part of a much larger picture regarding the Chinese state’s influence in America. Tsinghua University, the equivalent of an Ivy League School in China, also has a partnership with UC-Berkeley in California. The two schools built the Tsinghua UC-Berkeley Shenzen Institute in China, which focuses researching environment science and new energy technology, information data technology and data science, and precision medicine and healthcare.

This report illuminates ties between Tsinghua’s Quantum Center, the United Front Work Department, China’s People’s Liberation Army (PLA), and Quantumctek which was recently added to the U.S. Department of Commerce’s Bureau of Industry and Security’s Entity List.

UNITED FRONT WORK DEPARTMENT

The Quantum Center for Information, led by Professor Andrew Chi-Chih Yao, a Harvard and University of Illinois alumni, is influenced by the United Front Work Department. The United Front Work Department is an arm to the Chinese State, with a focus on building support for the Chinese Communist Party (CCP) and foreign influence operations. Chinese President Xi Jinping has referred to the United Front as a “magic weapon.” Regarding foreign influence, the U.S. – China Economic Security Review Commission says of the United Front, “UFWD directs overseas Chinese work, which seeks to co-opt ethnic Chinese individuals and communities living outside China, while a number of other key affiliated organizations guided by China’s broader United Front strategy conduct influence operations targeting foreign actors and states.”

In 2017, Xu Kuangdi, then Vice-Chairman of the 10th National Committee of the Chinese People’s Political Consultative Conference, visited Tsinghua’s Quantum Center for Information. The Chinese People’s Political Consultative Conference is a critical piece of the United Front and targets non-CCP members to promote and advance the goals of the Chinese Communist Party. According to the report from Tsinghua, Xu provided insights into the “achievements, teaching, and research” at the university. While analysts did not identify any other visits from the United Front to the Quantum Center for Information through open-source research, the United Front does have its own office at Tsinghua, indicating a certain level of importance to the Chinese State.

Our research also discovered that most professors working in the Quantum Center with Professor Yao studied in U.S. schools, including Yale University, University of Michigan, University of Texas, and University of Maryland. Professor Yao himself is a member of the Communist Party and met with former Chinese President Hu Jintao in 2011 for the 100^th anniversary of Tsinghua University.

PLA INFLUENCE

Since 2011, the PLA and Tsinghua University have worked on education initiatives for students to join the military subsequently. That influence has not waned, and in 2020, the PLA Academy of Military Science and Tsinghua announced a joint program for the training of Ph.D. students in computer science and technology.

Further, in September 2021, the Center for International Security and Strategy of Tsinghua University held its 20^th Security and Strategy Seminar. The seminar’s main topic was the Australia, U.K., and U.S. (AUKUS) — security agreement. This agreement sparked controversy between President Biden and President Macron of France as Australia ended its 2016 contract with France to purchase U.S. nuclear-propelled submarine technology. Students weren’t the only ones in attendance. The event included experts from Peking University, PLA National Defense University (China’s West Point), Party School of the Central Committee of the CPC, PLA Academy of Military Science, and the Ministry of Foreign Affairs.

Additionally, Tsinghua has worked on COVID-19 research with the Academy of Military Medical Sciences, recently added to the Department of Commerce’s Bureau of Industry and Security Entity List for its involvement in developing biometrics and “brain control” technology to oppress the Uyghur Muslim population in Xianjing. In 2021, Tsignhua co-hosted a symposium on mechanical engineering and biotechnology manufacturing with the Academy of Military Medical Sciences.

QUANTUMCTEK

On November 24, 2021, the Department of Commerce’s U.S. Bureau of Industry and Security placed Quantumctek Co. Ltd. on its Entity List, for supporting the PLA with its quantum technology.

Overwatch research into Quantumctek found a few connections with Tsinghua’s Center for Quantum Information.

Jiajun Mu, a Ph.D. student, was a researcher at the Quantum Information Center from 2012 – 2017 and currently works for Quantumctek as a researcher. Bing Bai, who served in the PLA as an engineer from 2001 – 2018, works as an engineer for Quantumctek. Both Tsinghua Quantum Information Center professors, Yu Lan San and Xiongfeng Ma, are part of the ITU Workshop on Quantum Information, along with Quantumctek’s CEO, Yong Zhao.

Additionally, we identified a Ph.D. student at the University of Berkeley that studied at the Quantum Center for Information. That student, Yunchao Liu, studied under Professor Yao and works on quantum research with members of IBM’s Quantum Research Team, suggesting Tsinghua’s significant influence on U.S. companies developing quantum technology and the university’s reach goes beyond China’s borders.

ASSESSMENT

Overwatch research suggests that Tsinghua University’s Quantum Center for Information is influenced by the United Front Work Department, as evidenced by the 2017 visit of Xu Kuangdi, Vice Chairman of the 10th National Committee of the Chinese People’s Political Consultative Conference.

Tsinghua and the PLA’s Academy of Military Science’s joint program for training doctoral students in computer science and work on strategic issues with PLA National Defense University indicates a significant partnership between the university and the Chinese state’s military-industrial complex.

Jiajun Mu and Bing Bai’s links to Quantumctek also pose the question: What other computer science companies working with the PLA employ students from Tsinghua’s Quantum Center for Information? Further, are students from Tsinghua’s Quantum Center for Information coming to the United States to further their education, or are they working on behalf of the interests of the Chinese State?

With the FBI opening a new counterintelligence investigation into China every twelve hours, the U.S. should consider the impact that Tsinghua students could have and their access to sensitive information as researchers at U.S. universities. That information could be collected for the benefit of the Chinese State and have ramifications, which could at some level compromise U.S. efforts to develop quantum technology and give China a military and technological edge.

Suppose the PRC achieves quantum supremacy before the United States. Such a breakthrough would likely impact the lives of everyday Americans as most computers have basic encryptions, which quantum technology could easily break.

China’s potential ability to crack the encryption on electronic banking, credit cards, cellular communications, our critical infrastructure, hybrid vehicles, autonomous systems, and medical record encryption would require a significantly larger investment in budgetary allocations and manpower to continue to be on the defense for every little potential impact. These impacts would regularly inconvenience Americans to the point where many would demand the government solve the problem, influencing elections and politicians, affording the PRC at some level, the ability to shape U.S. government policy. Further, China could target Taiwan’s semiconductor production through weaponizing quantum technology, disrupting the global supply chain, and forcing countries to rely heavier on the Chinese State for the chips that power their computers and smart devices.