Espionage Case Study: Michael Charles Schena and China's Ministry of State Security

Overview of the Espionage Incident

From 2022 to 2025, Michael Charles Schena conducted espionage against the United States on behalf of China’s Ministry of State Security. Schena was a Foreign Affairs Officer with the US Department of State for nearly 19 years. He was not a diplomat but had multiple overseas trips working in US diplomatic missions for up to six months each. Prior to joining the State Department, he taught English in Shaoxing, China, for three months.

Recruitment and Initial Contact

On April 11, 2022, Schena received a message on LinkedIn from an individual named “Jason.” Jason claimed to work for an international consulting company and inquired about Schena's interest in collaborating with them. Over the following weeks, Schena and Jason attempted to schedule video teleconference calls. They also sought a successful method for Jason to pay Schena. Eventually, Jason sent Schena $500. Approximately six hours after that payment was made, Jason requested Schena to resend the "pictures" with a higher quality resolution.

Exchange of Sensitive Information

On June 19, 2022, Schena emailed Jason text from a State Department document that had sensitive but unclassified (SBU) markings. However, he removed some of the classification markings from the document before sending it. Two days later, on June 21, 2022, there was an online payment of $500 to Schena’s account.

In May 2022 and again in March 2023, Schena received payments from various account names. There were at least ten transactions from the MSS officer(s) Schena was engaging with online. For these money transfers, Schena used his wife’s online accounts.

Meeting in Peru

In August 2024, Schena traveled to Peru and met an MSS officer, likely his handler Jason. During this meeting, he received $10,000 and an iPhone 14 cellphone. The iPhone 14 was intended as a covert communication device for Schena to image and/or transmit information.

Unauthorized Access and Data Theft

On February 17, 2025, Schena accessed the Department of State computer system from his home in Alexandria, Virginia, and downloaded an SBU document. He then attempted to email the document from his work email account to his personal email account. After receiving an alert that emailing the SBU information may violate State Department policy, Schena reclassified his email as UNCLASSIFIED and sent it to his personal email account. He then deleted the document from his work laptop.

Schena accessed at least five documents from the State Department’s classified computer system (CLASSNET), which contains documents up to the SECRET level. He photographed five SECRET documents displayed on his computer screen using the Apple iPhone 14 given to him in Peru. He then opened an application on the iPhone and typed a message. He inserted the photographs he had just taken into the messages. Schena deleted the photographs from the camera roll shortly thereafter. He left the State Department building and was arrested.

Conclusion

Status: Guilty

Motivation: Money

Tradecraft Used by Schena

• Schena was targeted, approached, and recruited online through social media.

• MSS officers used the cover of an international consulting company.

• MSS officer(s) utilized multiple online accounts to transfer funds.

• A third-country meeting occurred in Peru.

• MSS provided a sterile phone for collection.

• Schena took photographs of computer screens.

• He destroyed evidence of the photos from his phone.

• Payments were made in cash and online.

• Schena used his wife’s online accounts to receive some funds.

• The MSS uses invoices. Schena’s iCloud had an invoice (in Chinese) for the receipt of $10,000 and an iPhone 14 mobile device from Jason.

• Schena had access to SBU material at home through his work-issued laptop computer.

  
  

It is likely that Schena was introduced to “David,” Jason’s supervisor in Peru.

This case highlights the vulnerabilities that exist within government agencies and the methods employed by China's MSS to exploit them. Understanding these tactics is crucial for organizations aiming to protect themselves against espionage and covert influence.