Espionage Threats

Conferences and conventions provide excellent cover for foreign state-backed espionage operatives to target key organizations and individuals. The open and collaborative environment of conferences fosters networking opportunities, but also allows private corporate or state-backed rivals to recruit sources and collect information on their competition. Threat actors can conceal ulterior motives at conferences by making carefully planned approaches appear to be purely coincidental to gain a contact at a company by posing as a potential vendor or — and even more attractive to the target — as a potential client. Such approaches can lay the groundwork for future interactions that can start off innocuously, but develop into hostile attempts to bribe or compromise an employee in order to gain an inside source to valuable intellectual property

Governments, especially those sponsoring or hosting an event, have even more recourse to underhanded tactics to collect intelligence on their rivals. Host governments control the broader environment, from the convention center itself to the hotels where attendees stay, the restaurants they dine at, the airports they fly in and out of, and the digital communications networks they rely on. Additionally, they can use their general control over the environment to orchestrate and exploit physical approach tactics outlined above. More aggressively, they can engage in physical intimidation, blackmail or other coercive activities to gain access to sensitive documents, compromise electronic devices or compromise an inside source — all of which can ultimately allow intelligence agencies to steal intellectual property.

Even though engaging with human sources remains critical for access, recent examples highlight the threat that state-backed cyberespionage campaigns can pose to conferences and events even when they are well outside their borders. As conferences have had to go virtual to accommodate COVID-19-related restrictions, the increased reliance on digital networks to plan and organize conferences gives state-backed hackers more options to target individuals virtually. Even as conferences return to in-person events, they are likely to incorporate more virtual attendance options following the pandemic — allowing hackers to continue using conferences to target individuals.

July 2021: Iranian-backed hackers stole digital login credentials from academics based in the United Kingdom and the United States by sending them invitations to a fake online conference purporting to cover U.S. security challenges in the Middle East.
July 2021: Chinese spies recruited a German political scientist to exploit his access to academic and political conferences, paying him to gain access to and share sensitive information for more than 10 years.
November 2019: Czech Republic intelligence officials warned that Chinese and Russian intelligence officers have focused on recruiting government officials, students, professors and other academics by inviting them to conferences or reaching out to them through LinkedIn.
2017/2018: Two Iranian intelligence agents surveilled Iranian opposition groups and high-profile critics by monitoring Mujahideen-e-Khalq conventions and rallies in Washington and New York. The two men were later arrested and sentenced to prison.