Want to know whether she’s a bumbling Chinese spook or an innocent tourist who loves her hi-tech devices?
Perhaps Zhang’s pool excuse was a quick and casual line to pass through the first security perimeter without many questions. Did she actually have a better cover story, or maybe a verifiable true story, she was able to present under more intense questioning? Zhang reportedly underwent four-and-a-half hours of questioning by the Secret Service. How did this go? What explanation did she give for her visit to Mar-a-Lago in this high-stakes setting? Did her explanation fit with answers she gave when applying for a visa to enter the country? Zhang reportedly previously traveled to the United States, in 2016 and 2017. Does her explanation for those trips match information she gave when applying for a visa, and how do those trips fit with her current itinerary and actions?
If Zhang isn’t a spy, or up to other nefarious things, why is it that she “lies to everyone,” as the prosecutor said in court? Could she simply be confused or did she communicate poorly because English is not her native language? Investigators, particularly those who questioned her, know better than we do about Zhang’s command of English. The Miami Heraldreported that she “appeared to speak English” to a lawyer in court and she took notes during the hearing, but a translator was also present.
How would Zhang have operated inside Mar-a-Lago?
The president’s vacation abode is a target-rich environment. There are the obvious marks: The president and his inner circle. But those people are hard to access. Better targets might be the multitudes of people at Mar-a-Lago who aren’t in the president’s inner circle but who have access to those who are and can influence and glean information from them.
A casual observer could also gather a load of information simply by being present at Mar-a-Lago.
- Who is there?
- Who is trying to get access and influence people? Who interacts with whom?
- What activities do they participate in?
- What schedule do they follow?
This could help a foreign intelligence service target people for recruitment as assets. It could also tell a foreign intelligence service what other countries are running operations there and which individuals they are targeting using what methods. This is important counterintelligence information for any spy agency, a window into other countries’ priorities and how close they are to achieving them.
It’s also possible Zhang wanted to observe the security situation at the resort, laying the groundwork for some future operation. She might have witnessed how Secret Service and resort security worked (or didn’t work) together and how freely Trump and his people move around, to determine what kind of access might be available.
But Zhang’s more than $8,000 worth of cash (in U.S. and Chinese currency) was found in her hotel room at the Colony Hotel about two miles from Mar-a-Lago, not on her person. Unless she planned to enter the resort a second time, it seems very unlikely she was there to pay an asset for information.
Some tourists do indeed travel with loads of cash. Although Zhang has a Wells Fargo account in the United States that she could have accessed. And that account raises new questions. When and why did she set up this account and how has she used it in the past? Is her use of this bank account consistent with the investor and consulting business she claims to run? Or did she set it up years ago in an attempt to build her cover story while laying the groundwork for an intelligence operation? Investigators will try to find answers to those questions.
But an intelligence officer might also have multiple phones and SIM cards. Good spies follow the “one phone, one operation” rule. That is, they don’t call different assets using the same phone, because then they become linked, and key in any intelligence operation is to keep information compartmented. Much like you don’t want to send private texts on your work phone, you don’t want communications with multiple assets on a single device.
There is also the question of what kinds of phones these are. Are they burner phones, which are pay-as-you-go and not registered to an individual and therefore not easily traceable back to the purchaser and user? A spy would most likely use a burner phone. Or, maybe she was delivering burner phones to assets inside the resort to make communication easier? Or are these regular phones, registered in Zhang’s name or her company’s name? Investigators will certainly run traces on the phones and SIM cards to see if they link to anyone of interest or if they suggest a strange pattern of behavior, such as communicating with someone in a way that is meant to hide the contact.
Thumb drives are pretty normal in business, but malware isn’t. The fact that the first thumb drive Secret Service looked at had malware on it does not look good for Zhang.
It’s possible that a spy would want to use malware to destroy a network at the resort. But a foreign intelligence service would more likely be interested in using it to gather useful information. There is very little chance (if any) that Zhang could have gotten the malware anywhere near a government computer. But to slip a program into the resort’s network that would allow an intelligence service to see guest lists, schedules and itineraries, room assignments, and who is coming and going? Yes, that would be of interest.