Table of Contents
Introduction
I’ve spent my career straddling two worlds that rarely intersect: cutting-edge technologies and their risks, and counter-intelligence. My early days were spent thwarting intelligence threats, and from there, I transitioned into cybersecurity and industrial counter-espionage, advising some of the world’s largest aerospace, pharma, and manufacturing companies, including one of the top global semiconductor foundries, on industrial and economic counter-espionage. This work spanned everything from cyber defense and countering insider threats, to foiling human intelligence (HUMINT) operations and detecting surveillance tools like hidden cameras and nano-drones. Along the way I developed a comprehensive counter-industrial-espionage framework and tools now used by several Fortune 500 organizations. In short, I’ve seen the industrial and economic espionage threat up close.
After a period spent as a quantum technology entrepreneur, I returned to cybersecurity, and eventually back to quantum and founded Applied Quantum. Recently, as I’ve again become deeply immersed in the quantum ecosystem, collaborating closely with startups, research labs, and academic partners; I’ve observed a worrying resurgence of familiar espionage patterns. Surprisingly, even Applied Quantum, which primarily provides advisory services rather than core research, has been directly targeted. This tells me espionage actors are casting an extraordinarily wide net. They’re no longer selective; if you’re involved in quantum technology in any capacity, you’re on their radar.
Just to be clear: we, as Applied Quantum, don’t offer any related services. I won’t be able to strengthen your OPSEC (operational security) or perform TSCM (technical surveillance counter-measures). I’m not selling anything related – I’m writing this as a public service to my quantum tech network about a very real danger: the espionage campaign targeting quantum tech researchers.
This is not fiction or paranoid fantasy. It’s happening right now, often without the victims ever realizing it until it’s too late. If you’re skeptical, consider that every tactic I listed below I’ve encountered in my career, and many of them I’ve seen in action again recently. Even Western counter-intelligence chiefs have warned that fields like quantum computing face espionage “at real scale,” now extending beyond traditional government or military targets to hit startups, academic labs, and individuals who “may not think national security is about them”. FBI’s Quantum Information Science Counter‑Intelligence Protection Team has also warned that foreign adversaries, are now using “non‑traditional collectors, economic and academic influence, and other asymmetric intelligence operations” to penetrate companies, universities and national labs working on quantum research. German military counter‑intelligence also reports that Russia has doubled its hybrid‑espionage caseload in 2025 and is “more massive and more aggressive” in targeting NATO‑linked research – including cutting‑edge technologies such as quantum. Consider also some of the public reports I summarized below.
Catalyst in Vienna – Personal Spy Encounter That Sparked This Piece
Two weeks ago I found myself in Vienna, fittingly nicknamed the Spy Capital of the World, meeting an EU‑based quantum‑hardware start‑up and an Asian investor. The trip became an unexpected field exercise in trade‑craft.
I took the train from Salzburg. The carriage was empty, yet the only other passenger in the whole carriage chose the seat two rows behind mine. He kept standing up and “photographing the countryside” behind my shoulder. I knew better than to work on anything sensitive on my laptop, but my antennae were up.
After disembarking I jumped on a call and spent the next forty‑five minutes wandering Vienna’s Hauptbahnhof. When my conversation ended, I noticed the same individual still loitering near the platforms. Odd, but the second sighting doesn’t prove surveillance – at least not yet.
Hours later, while dining with the start‑up’s founders, I spotted the same man seated at the adjacent table – this time sporting thick‑framed glasses and a fresh outfit, obviously relying on a fact that a minor costume change is often enough to fool casual observers. A second appearance might be chance; a third is surveillance. I discreetly asked the hostess for a different table, citing “better lighting,” and kept our conversation strictly high‑level, just in case.
Back at the hotel I spotted the same man, this time stationed at the lobby bar. Now, convinced I am being tailed, I decided to test my hunch that it is because of my quantum tech involvement. I ordered a drink alone and, sure enough, eventually our amateur spy slid onto the neighboring stool. I introduced myself as an agricultural‑machinery salesman, but he kept steering the chat toward quantum technology, especially quantum sensing, claiming he’d just read an “eye‑opening article” and wanted my thoughts. Textbook elicitation: build rapport, feign ignorance, then fish for expertise. I spent a few minutes extolling the virtues of vintage Lamborghini tractors, watched his frustration grow, then politely excused myself.
Applied Quantum is an advisory shop; we might sometimes help clients tune algorithms, but we don’t fabricate qubit chips. If someone invested three separate touch‑points to profile me, imagine the scrutiny aimed at laboratories sitting on genuine breakthroughs.
Global Quantum Technology Espionage Incidents
Chinese Espionage Incidents in Quantum Technology
2019 – Chinese Talent Program Infiltration of Western Labs
A 2019 report by Strider Technologies revealed a long-running Chinese strategy of sending scientists to top U.S. and European quantum research labs, then calling them back to China to boost military-linked quantum projects. Researchers from institutions like MIT, University of Colorado, and Cambridge gained Western-funded quantum expertise and later helped China achieve breakthroughs (e.g. quantum satellites and sensors) for its defense industry. This covert talent recruitment, sponsored by programs such as the Thousand Talents Plan, enabled China to acquire cutting-edge quantum know-how without outright hacking or theft, blurring the line between academic exchange and espionage.
2019 – FBI Warns of Campus Recruitment
In mid-2019, the FBI issued a public warning that foreign intelligence agents were actively recruiting students and professors at U.S. universities to obtain emerging technology research. This warning followed incidents of suspicious approaches and offered incentives to researchers in fields like quantum information science. It reflected awareness that Beijing’s and Moscow’s intelligence services often use informal collectors (e.g. visiting scholars or business liaisons) in addition to hackers. The FBI alert was meant to harden academia against such espionage, which often goes unreported – a point underscored by FBI Director Wray’s characterization of intellectual property theft (including quantum IP) as “one of the largest transfers of wealth in history”.
Jan 2020 – Arrest of Harvard’s Charles Lieber
In January 2020, renowned Harvard nanoscientist Charles Lieber (then chair of Chemistry) was arrested for concealing his collaboration with China’s Thousand Talents Program. Lieber had secretly become a Wuhan University of Technology “strategic scientist,” earning $$50,000 per month, plus living expenses and over $1.5 million in research grants from China, all while receiving millions in U.S. funding. In exchange, he agreed to share research and establish a lab in China. Lieber’s undisclosed ties (uncovered under the DOJ’s China Initiative) exposed how China’s talent-recruitment programs effectively bribed insiders to transfer quantum and nanotechnology research. He was convicted in Dec 2021 of lying about foreign ties, underscoring the espionage risks in academic partnerships.
2022–2023 – Stanford “Charles Chen” Spy Case
In 2023, Stanford University uncovered that a suspected Chinese Ministry of State Security agent had posed for years as a Stanford student under the alias “Charles Chen”. This impostor aggressively targeted U.S. students and researchers working on sensitive tech topics, even offering a Stanford student researching China’s AI policy an all-expenses-paid trip to Beijing and attempting to shift communications to monitored platforms like WeChat. The ruse, revealed by a student and reported in 2025, is emblematic of China’s “non-traditional collectors” tactic, using students or visiting scholars as spies. In this case, the agent’s goal was to recruit future talent or glean research insights, and it was foiled when the student involved alerted authorities. Experts note this incident is part of a broader pattern of Chinese intelligence gathering on campus, beyond traditional cyber theft.
2023 – Espionage Warnings and Ongoing Cyber Theft
By 2023, Western security agencies publicly warned of intensified Chinese espionage targeting advanced tech sectors “from quantum technology and robotics to biotechnology”, driven by Beijing’s strategic plans. Chinese state-backed hacker groups have been caught infiltrating a wide array of companies and labs to steal intellectual property. For example, Dutch intelligence revealed in 2024 that a Chinese cyber campaign had breached “dozens” of Western government and industry networks. U.S. officials likewise attest that China is running a “well-resourced and systematic campaign” to acquire quantum innovations by any means – including illicit transfer via insiders, cyber intrusions, and front companies. These efforts have led to multiple FBI arrests and indictments (e.g. for trade-secret theft), and prompted the creation of a DOJ “Disruptive Technology Strike Force” in 2023 to protect critical tech like quantum computing. (No specific quantum company has been named publicly as compromised, but the broad pattern of Chinese economic espionage has explicitly included quantum information science on its target list.)
Russian Espionage Incidents in Quantum Technology
2015 (Exposed 2018) – Russian Spy Infiltration Sting in New York
A Russian deep-cover agent, Evgeny Buryakov, operated in New York under the guise of a bank employee, with orders from the SVR (Foreign Intelligence Service) to infiltrate U.S. academic and tech circles. His true mission was to obtain next-generation quantum encryption and computing research tied to U.S. intelligence agencies. Along with two Russian officials posing as diplomats, Buryakov attempted to cultivate insiders at universities and even solicited technical papers on cutting-edge encryption. The FBI, which had been surveilling the group, launched a sting operation – an undercover agent offered Buryakov fake quantum technology white papers – leading to his arrest in 2015. The case (made public by 2018) highlighted Moscow’s use of human spies to steal quantum secrets, and it foreshadowed the intensified Russian focus on U.S. quantum R&D efforts.
2018–2021 – Russian Cyber Attacks on Quantum Research
Throughout the last ten years, Russian state-backed hacking units increasingly targeted Western quantum programs via cyber-espionage. Intelligence reports (later declassified in part) noted that Russian hackers had breached or probed U.S. university networks to steal classified quantum encryption research. Institutions such as the University of Maryland’s Joint Quantum Institute and the Chicago Quantum Exchange were flagged by U.S. agencies as “high-risk targets” after detecting intrusion attempts linked to Russian actors. These operations sought to pilfer quantum algorithms and sensitive data before security upgrades (like post-quantum cryptography) could lock them down. Although specific incidents remained largely classified, the pattern became clear: Russian cyber operatives were “digging for ways to access” advanced quantum research.
2022-2025 – Procurement Fronts
Recent U.S. indictments have exposed Russian “procurement front” networks that illicitly acquired advanced Western technologies for Moscow’s intelligence and military agencies. One 2022 case targeted Serniya Engineering and Sertal LLC, a Moscow-based shell-company network that smuggled highly regulated electronics and sophisticated testing equipment (including quantum-computing components) to Russian state end-users. According to the indictment, the Serniya/Sertal operation was directed by Russian intelligence and obtained dual-use tech for clients like Russia’s Ministry of Defense, the SVR (Foreign Intelligence Service), and components of the FSB. In a related 2023 complaint, Greek businessman Nikolaos “Nikos” Bogonikolos, ostensibly a NATO-linked defense contractor, was accused of helping the same network acquire prototype quantum cryptography hardware and other sensitive military tech on behalf of Russian intelligence, under cover of his company’s NATO-country contracts. Another co-conspirator, Vadim Konoshchenok (a suspected FSB officer), was arrested in Estonia and extradited to the U.S.; court filings allege this network sought to procure export-controlled electronics usable in nuclear, hypersonic and quantum‑computing applications to bolster Russia’s war-fighting capabilities.
2010-2025 – Deep‑Cover Academics
Russian spy agencies have also deployed “illegals”, deep-cover operatives posing as ordinary civilians, to infiltrate academic and research institutions in the West. One example is GRU officer Mikhail Mikushin, who lived for years under the alias José Assis Giammaria. Posing as a Brazilian student, he earned degrees in Canada and eventually secured a research position at the University of Tromsø (Norway’s Arctic University) before being unmasked and arrested in 2022 on espionage charges. Another GRU operative, Sergey Cherkasov, similarly built a false Brazilian identity (Victor Muller Ferreira) and obtained an impressive academic résumé – including a political science degree from Trinity College Dublin and a master’s from Johns Hopkins University – to blend into Western academia. In 2022, Cherkasov attempted to leverage this cover to intern at the International Criminal Court in The Hague, but Dutch security services identified him as a spy and deported him; he was later imprisoned in Brazil for fraud related to his fake identity.
Ongoing
Officials have reported other attempts by Russian agents to pose as students or visiting scholars in order to enter U.S. and European quantum labs. For example, investigators have scrutinized unusual enrollments in quantum physics programs and suspicious approaches at tech conferences. In one known case, a Russian scientist with dual affiliations attempted to obtain proprietary quantum chip designs from a European startup (outcome kept private). While few of these incidents reach headlines, NATO counterintelligence officials acknowledge that Russia’s spy agencies aggressively scramble to reverse-engineer every shred of quantum research they can get, whether through open collaborations or covert theft. The implications are sobering: if Russian operatives succeed in siphoning off critical quantum encryption knowledge, they could undermine Western security (e.g. by cracking sensitive communications) long before such technologies are deployed. Thus, the “quantum espionage war” is recognized as already underway on a global scale.
United States – Deep-Tech Espionage and Manipulation
The United States is a special case. More strategic, more insidious, and likely more impactful than any other examples I listed. The U.S. approach to global deep-tech has been two-pronged: clandestine espionage to capture valuable information and beat out competitors, paired with calculated manipulation of laws, allies, and markets to entrench American tech supremacy. Through its intelligence apparatus and power, the U.S. has extracted foreign innovations and steered global tech markets to its advantage. The tactics and impacts so far have been so complex that I might have to leave this for a separate post.
Other Actors
2013-2017 – Iran
An Iranian state-sponsored hacking campaign (the Mabna Institute) targeted universities and companies worldwide, stealing 31 TB of research data including advanced science/tech information. Hackers linked to Iran’s Revolutionary Guard Corps spear-phished professors and staff to exfiltrate intellectual property – very likely encompassing quantum science and encryption research given the broad scope. Method: Cyber intrusions via compromised email credentials. Outcome: Massive IP theft benefiting Iran’s R&D; nine Iranian nationals were indicted in 2018 for economic espionage (they remain at large).
2024 – North Korea
North Korean operatives have been caught infiltrating tech firms under false identities. In one case, a U.S. cybersecurity company (KnowBe4) unwittingly hired a North Korean agent who faked credentials and even AI-generated profile images. Once employed, he attempted to install malware on the company’s network – an insider threat tactic to steal sensitive data. This ploy was part of a broader DPRK scheme of placing “remote IT workers” in Western companies to commit IP theft and espionage. Method: Deceptive recruitment (fake LinkedIn/WhatsApp job offers) and insider malware deployment. Outcome: The insider’s activities were detected and stopped by the firm’s security team, exposing Pyongyang’s novel approach to obtain cutting-edge tech (potentially including quantum algorithms or software) for its strategic programs.
2021 – Iran–North Korea via Singapore/Japan (2021)
A procurement network based in Singapore and Japan (Singapore affiliate of Chinese Corad Technology) was sanctioned by the U.S. for covertly acquiring and exporting quantum-related technologies to adversaries. The firm acted as a front company to funnel Western tech (including quantum computing components) to Iran’s military, North Korean fronts, and Chinese defense entities. Method: Use of overseas shell companies to illegally purchase U.S.-origin quantum cryptography and computing hardware, evading export controls. Outcome: In 2021, the U.S. Commerce Department added Corad’s offices in Singapore and Tokyo to the Entity List for aiding Iran’s space/missile programs and North Korea, effectively shutting down its tech transfers. This bust highlighted how even third-country firms facilitate quantum tech espionage for sanctioned states.
2008 – France–Iran
A French company, Cryostar SAS, illicitly supplied ultra-cold technology to Iran in violation of export laws. Cryostar pleaded guilty to conspiring to export cryogenic submersible pumps to Iran without a license. Such pumps, which achieve extremely low temperatures, have dual-use applications – from rocket launch systems to superconducting quantum equipment. Method: Front-door export violations (falsified end-users) to skirt embargoes on high-tech machinery. Outcome: The firm was criminally sentenced in U.S. court. This case underscored how Iran’s procurement networks sought quantum-capable hardware (e.g. cryogenics critical for quantum labs) via willing suppliers outside Russia/China.
2023 – Malaysia and Japan in Australia
Australia’s security chiefs warned that its nascent quantum industry is already a target for foreign espionage, not only by traditional adversaries but even by some neighboring states. In recent espionage scandals, operatives from countries like Malaysia and Japan were implicated, suggesting a wide net of interest in Australia’s quantum computing and encryption breakthroughs. Method: Likely a mix of human recruiting and cyber intrusions – e.g. spies cultivating researchers via LinkedIn or conferences, and hacking attempts against quantum R&D centers. Outcome: Ongoing investigations and tighter counter-intelligence around quantum labs. Australian officials have publicly stressed that “bleeding-edge” quantum secrets are under active foreign pursuit, prompting strengthened security vetting and alliance cooperation to protect this sector.
China, Russia, and Iran may grab the headlines, but they are hardly the only actors in the quantum‑espionage arena. Numerous other intelligence services, as well as some multinational corporations, run their own intelligence‑collection programs. During my counter‑intelligence years, even close allies such as Japan, France, the United States, the United Kingdom, and others maintained vigorous efforts to acquire strategic technology abroad. The landscape has only probably broadened since then.
Each incident shows that the espionage around quantum tech is global. From cyber-hacks and insider moles to illicit export networks and influence operations, a range of nations have been tied to efforts to steal or unlawfully obtain quantum computing know-how, encryption devices, and sensitive quantum hardware. The outcomes range from successful IP theft and illegal tech transfers to arrests, sanctions, and heightened security measures once such schemes come to light.
Espionage Tactics Targeting Quantum Researchers
To the untrained eye, espionage against scientists can be nearly invisible – it blends into everyday academic or business activity. But certain red flags and tactics surface again and again. Below is a consolidated list of common espionage methods (many from my own firsthand cases) used to target quantum tech researchers and organizations:
Unvetted “Visitors” or Posing Researchers
A friendly international delegation or a visiting scholar arrives at your lab. Eager to collaborate, they ask detailed questions and wander freely. In one startup, a “visiting researcher” from an overseas quantum hub spent days inspecting a lab’s equipment and peppering the team with technical queries. Only later did the lab suspect he was surreptitiously gathering intel when they realized that they can’t find any papers written by the visitor or any public information about him.
The open, collegial culture of science can become an open door for spies. Always verify who’s coming in – a stranger with a smile and a CV can mask a foreign agent on a scouting mission. Do your due diligence on anyone who you give access to your lab.
Unauthorized Devices & Tech Implants
Beware of “gifts” or gadgets that mysteriously appear in your workspace. We once found multiple USBs branded with the lab’s own logo, appear in multiple publicly accessible places in and around the lab. I also once caught a “visiting entrepreneur” trying to plug a USB stick into a quantum lab computer when he thought no one was looking. Spies will attempt to inject malware or copy data in seconds if given the chance.
Likewise, be alert for objects left behind after meetings – a forgotten pen or USB drive could house a tiny recorder or beacon. In one facility tour, a delegate “forgot” a smartphone in a conference room; it was found recording audio. We’ve even encountered covert devices like hidden cameras planted in labs to film proprietary equipment, and have detected nano-drones around sensitive areas in a large semiconductor foundry. Tiny drones and bugging devices make covert surveillance easier than ever, so treat any unexplained gadget as suspicious and consider doing regular TSCM (bug sweeps) of sensitive areas and internal meeting rooms. And separate internal meeting rooms from those where you meet external people.
Pretext Invitations and Travel Traps
An invitation arrives for an all-expenses-paid trip – perhaps to speak at a conference, attend a “collaboration workshop,” or visit a cutting-edge lab abroad. Flattering, right? But exercise caution: adversaries often use conferences or tours as bait. Their goal might be to get you on their turf, where they have home-field advantage. For instance, upon traveling to certain countries, researchers have had their laptops or phones seized at the border for ‘inspection’ and quietly cloned (all data copied) or malware implanted. I’ve seen cases where nothing was stolen out of scientist’s hotel room except the devices – a sign it was no random thief, but a targeted operation.
Once you’re there, the hospitality can hide other traps: your hotel room might be bugged, your phone calls monitored (some nations legally intercept all foreign communications), and friendly “escorts” may hover around to probe for information. Even the conference Q&A session can be an intelligence-gathering exercise.
By all means, embrace legitimate travel and collaboration opportunities, just go in with your eyes open. If a trip comes out of the blue from an entity you barely know, ask why they’re so eager to host you.
Suspicious Collaboration or Funding Offers
Quantum professors and startups frequently get unsolicited emails like “We admire your work and would love to collaborate” or “Our investment fund sees huge potential in your technology.” On the surface, these feel great – who doesn’t want a new collaborator or interested investor? But bad actors exploit this eagerness. An academic “collaborator” from overseas might start veering off-topic, subtly digging for proprietary details beyond the agreed scope. A supposed investor might push for deep technical disclosures during due diligence, or insist on touring your facility’s every corner. An investment due diligence could really be an IP harvesting mission. One red flag is when questions begin zeroing in on exact “how does it work” technical or process info that you wouldn’t normally share so early. Another red flag is lavish offers with vague background – e.g. a fund with no track record offering above-market money.
Do some homework: verify who these people really are and be mindful of what you share. Sometimes, the best response to an unsolicited offer is “No, thanks.”
Assertive Summons by Powerful Agencies
Here’s a chilling scenario that really happened: A quantum scientist (a foreign national living abroad) received a no-explanation “invitation”, that was more like a demand, to immediately report to the embassy of a powerful country (not even his own homeland). Once he showed up, confused, he ended up in an interrogation-room setting together with intelligence officers and a fairly famous scientist from this powerful country. Interrogators, claiming that the quantum scientist’s recent research infringed on powerful country’s secret research (a pretext), accused him of espionage and insisted on the scientist divulging every detail of their research. Seasoned counter-intel folks know this tactic. It’s an attempt to get a scientist alone under the watch of intelligence officials who will apply intimidation and pressure to cooperate. In that meeting, they might use other tactics as well, such as hint at your visa status for their county, or subtly intimidate you by showing they know many details about your family back home, or talk about your career prospects to strong-arm you into assisting them.
Some countries even have laws that can compel citizens (and sometimes foreigners) to assist in intelligence work if asked – effectively legalizing this coercion. For example, China’s National Intelligence Law (2017) requires Chinese citizens and organizations to “support, assist, and cooperate” with state intel efforts if requested. But it’s not only China; any major power might flex its influence in such a way.
The key point: if you ever get an unorthodox “request” to meet officials (especially in a non-neutral setting like an embassy) with no clear reason, treat it as suspect. You have every right to consult your employer and your own authorities before ever complying. I’ve seen young scientists feel they “had no choice” – exactly what the coercers want them to think. You do have a choice: get help and don’t go in blind.
Phishing, Cyber Attacks & Device Thefts
Not all espionage involves face-to-face deception; much of it is digital and stealthy. State-sponsored hacker groups (and savvy competitors) are constantly trying to breach networks of quantum labs and companies. A common entry is spear phishing – highly tailored scam emails that look legitimate. Imagine getting an email that appears to be from a colleague, referencing a recent quantum computing paper, with a PDF attachment labeled “QubitResults.pdf.” If you click it, you’ve installed malware. I know quantum researchers who’ve received emails impersonating journal editors, conference organizers, even FedEx delivery notices – all with malicious links or files. Once inside your system, hackers quietly exfiltrate data. Small startups and academic labs are juicy targets because they often lack enterprise-grade cyber defenses.
Another threat comes when traveling: if you present groundbreaking results at a conference, an adversary might attempt to steal your laptop or phone while you’re there. In one case, a researcher’s laptop vanished from his hotel during a major quantum tech expo – nothing else was taken, just the laptop full of research data. The likely culprits? Agents aiming to clone the drive and return it, or just keep the device for intel. (It never reappeared.) These digital attacks are often silent – you often won’t know you’ve been hacked or copied. By the time a breach is discovered (if ever), months of sensitive emails or design files may have leaked. When data is stolen, it’s not like a physical theft you notice; the victim may never realize something was copied. Don’t make the mistake of thinking “I’m just a scientist, who would hack me?” – the answer is plenty of people, if you’re working on something valuable.
Honey Traps and Kompromat
Classic espionage “honey traps” from the movies are very much alive today. This is where an attractive or charming person initiates a personal or romantic relationship to lower a target’s guard. The target might be lured into sharing secrets during pillow talk, or even set up in a compromising situation (e.g. sexual, financial) that’s recorded for blackmail (kompromat) later. One real example: a postdoc at a conference was befriended by an unexpectedly flirtatious woman at the hotel bar. She seemed extremely interested in his quantum research, far beyond casual small talk. Sensing something was off, a colleague intervened before he overshared. But not everyone is so lucky – many smart people have been ensnared by flattery and allure. Don’t assume intelligence equals immunity to manipulation. In fact, spies often target scientists’ egos: “Your work is so amazing, I’m dying to understand it!” can make even a guarded person start bragging. Chinese and Russian intelligence services, among others, are notorious for using honey traps and blackmail operations. They know it works.
Also beware of less obvious social exploitation: the overly helpful new “friend” or the charismatic fan who hangs on your every word. They might be aiming to build trust only to exploit it. Remember, anything you do in private could potentially be recorded. Some spies will try to compromise you (with drugs, sex, etc.) and then use the evidence to coerce cooperation. It’s a nasty game. The best defense is to avoid putting yourself in situations that could spiral – and keep your work topics out of casual personal chat with strangers.
Insider Recruitment, Bribery and Blackmail
Not all threats come from outside your organization; some develop inside. An adversary might attempt to recruit an insider on your team. This could be a colleague who has family back in an adversary’s country, or someone struggling financially, or even someone with a hidden grievance. I’ve seen cases where foreign students and employees were approached by their home country’s agents and pressured to “share a little information – nothing too important – for the motherland.” Some were offered money (bribes) or lucrative future jobs for copying data. Others were subtly threatened – “It’d be a shame if your family back home ran into trouble.” One FBI report described a plot where a Chinese spy tried to extort a Chinese PhD student into stealing quantum research from his American university, by implying harm to his family if he refused. This hostage-like coercion is thankfully rare, but it does happen. More common is the appeal to ideology or patriotism (“Help our country prosper!”) or plain appeals to ego (“You’d be a hero back home with your knowledge”). Kompromat can play a role too: if an insider has a secret (an affair, a debt, an addiction), spies might exploit that to ensure cooperation.
The insider threat comes in many flavors – from willing traitors to unwitting dupes to reluctant informants. Regardless of motive, an insider has the advantage of authorized access to systems and labs, making them incredibly dangerous. Companies and labs need to be alert to signs like an employee accessing data unrelated to their project, or one who suddenly begins living beyond their means (possible payoff), or who shows undue curiosity about things outside their remit. Insiders can be cultivated slowly over time. An innocuous request (“Could you just run this calculation for me? My computer’s down.”) can snowball into regular data leaks. Spies will often test a potential insider with small asks, then reel them in deeper. It’s vital to foster a workplace culture where employees feel safe reporting any suspicious approaches or moral conflicts – catching a recruitment attempt early can prevent disaster.
Planted Moles and False Interns
A bolder approach adversaries take is placing their own operative inside a target organization. This might be a “mole” who applies for a job or a PhD position under a false or exaggerated identity. They’ll come with stellar credentials (sometimes actually earned, sometimes fabricated) and a convincing backstory. Their aim is to gain long-term insider access. Intelligence agencies have been doing this for ages – during the Cold War, the KGB famously planted moles inside Western institutions for years. Today, a “mole” in a quantum lab could be an agent of a nation-state or even an operative hired by a competitor company. They might not steal anything immediately; instead, they blend in, build trust, and identify the crown jewels over months. Then, when the time is right, they exfiltrate data or install backdoors.
A real-world case involved a Russian spy ring in the U.S. known as the “Illegals” – they lived under deep cover as ordinary professionals for years. One was even working at a tech startup. While that case wasn’t about quantum, it shows the lengths some services will go. In the corporate realm, there have been instances of rival companies hiring away engineers solely to obtain their previous employer’s secrets (one case resulted in charges of a Chinese firm stealing microchip designs this way).
How do you guard against moles? Rigorous hiring vetting helps (check references and backgrounds thoroughly), but it’s tough – a well-trained operative will have a solid cover story. Thus, also rely on internal security: the mole might eventually slip up by asking for data outside their project, or violating security protocols. Encourage teams to follow “need-to-know” principles and not overshare sensitive info with every friendly coworker. It’s not about paranoia; it’s about prudent compartmentalization.
Open-Source Intelligence (OSINT) and Social Media Mining
Spies don’t always need to break in to learn about you – you might be giving away clues for free. Public sources can reveal a trove of intelligence. Adversaries routinely scrape social media, research papers, conference abstracts, patent filings, even lab job postings to map out who’s doing what. For example, a LinkedIn update from a grad student – “Excited to be working on a 1000-qubit prototype!” – is pure gold to a competitor or foreign agent. I’ve seen cases where a seemingly mundane Facebook post (“Heading to <City> for a project meeting!”) tipped off an interested party to track that person’s travel. Job listings can divulge sensitive directions (“seeking engineer with experience in cryogenic ion traps for aerospace applications” – hmm, working on quantum inertial navigation perhaps?). Even your institution’s newsletters might brag about “Project X’s recent breakthrough” without realizing adversaries are reading them too. Beyond online info, consider real-world OSINT like conference talks – a spy could attend your talk and note every comment you make during Q&A, or chat you up after for more tidbits (a form of elicitation). And yes, even your trash can be treasure – so-called dumpster diving is a very real tactic. Discarded lab notes, prototype parts, or “broken” devices thrown out might be retrieved by someone digging through your garbage. (In one anecdote, a competitor reputedly pieced together shredded documents from a tech company’s dumpster to get product formulas.) Similarly, e-waste like old hard drives or USBs tossed without proper wiping have yielded sensitive files in the past.
All these “open” sources help spies build a detailed picture of your work and vulnerabilities without ever hacking or meeting you. Combining bits of information from multiple open sources can build a surprisingly accurate picture of your research, even if each individual piece of information released seemed completely risk-free. It’s a reminder to think before you share. Does your entire follower list need to know the precise day your team is testing a new quantum chip? Probably not. And invest in a good shredder or data destruction protocol.
Physical Surveillance and Eavesdropping
High-value scientists can become targets of old-fashioned surveillance too. If a nation-state is truly interested, they might assign agents to physically follow and observe you. This could mean someone tailing you on your commute, or sitting near your regular café table to overhear conversations. Offices, labs, and even homes have been bugged with listening devices to pick up sensitive discussions. One team during a TCSM discovered hidden microphones in cubicle panels. It appears that during a recent outfit of the new lab, adversaries somehow managed to intercept the delivery of office furniture and inserted their bugs without ever stepping into the target’s office. If you think that bugging happens just in movies, consider that there is reliable customs data showing that 100,000 surveillance bugs are imported annually into Australia from China. With the sales of bugs from other countries, as well as homemade ones, some estimates claim that there are half a million operational surveillance bugs in Australia at any time. In a country of ~25M people.
Likewise, be mindful of where you discuss work when outside the lab. Spies have been known to reserve adjacent tables in restaurants when a group of engineers or scientists regularly dines there, simply to eavesdrop. High-end attackers might deploy remote eavesdropping tech: laser mics that capture conversations through window vibrations, or directional antennas to intercept your facility’s Wi-Fi from a van parked down the street. We’re essentially in the realm of spy movies here, but with modern tech it’s surprisingly doable. And while it’s unlikely you’ll be chased down dark alleys by agents, you might very well have your voicemail intercepted or your office phone tapped if you’re working on something truly strategic. One form of “lawful interception” occurs when traveling: certain countries legally record all phone calls and internet traffic by foreign visitors and sift them for keywords. So that phone call you make back to the lab from abroad might not be private.
The bottom line: sophisticated adversaries will use any channel available, digital, human, or physical, to get the edge. Most quantum researchers won’t face all these tactics, but facing some is increasingly common.
Why Quantum Tech Draws Spies Like Flies
Why would spies be so interested in quantum research in the first place? For a broader context, see my previous post “Physics at the Heart of the New Cold War.” But, simply put, quantum technology is strategically priceless. Few fields (perhaps aside from nuclear or aerospace tech) hold such disruptive potential. A mature quantum computer could one day perform calculations in minutes that would take today’s fastest classical supercomputers billions of years. The implications are staggering. For national security, a quantum computer that can break public-key encryption (the kind that secures everything from online banking to military comms) is like a Pandora’s box. Whoever opens it first could eavesdrop on the world’s secrets. Intelligence agencies are keenly aware of this, which is why the NSA and others have classified programs devoted to post-quantum cryptography. In fact, hostile actors aren’t waiting for a full quantum decryption breakthrough – experts believe they’re already stockpiling encrypted data now, anticipating they can decrypt it later when quantum advances. This “Store Now, Decrypt Later” strategy means even if your research seems theoretical today, if it relates to encryption or sensitive data, adversaries may grab it just in case it’s useful in the future.
Beyond code-breaking, quantum tech promises breakthroughs in sensors, materials, AI optimization, pharmaceuticals, you name it. The first to achieve certain quantum milestones could dominate industries or military domains for decades. It’s no wonder that multiple nations have declared quantum information science a strategic priority and are pouring billions into it. But pouring money is only one approach – stealing leapfrog secrets is faster. If a rival can’t keep up in the lab, they can try to lift your results and claim the prize without the fundamental R&D cost. It has happened before in other domains (from jet engines to bioengineering, stolen IP has repeatedly leveled playing fields). Quantum is just the latest arena for this high-stakes shadow competition.
Consider a proprietary quantum algorithm that dramatically improves, say, supply chain optimization or drug molecule simulation. That algorithm could be worth billions to the company that owns it (think Google or Alibaba developing a proprietary quantum advantage). Such innovations will be “invaluable, shrouded in secrecy, and fiercely guarded” – and thus prized targets for corporate and state espionage. As a 2025 cybersecurity report put it, those proprietary quantum algorithms will become prized corporate assets and, inevitably, prized targets, because in the hands of a competitor or hostile nation, they could tilt economic and political power balances overnight. We’re essentially looking at an emerging arms race for information dominance.
The players in this race include national intelligence agencies and multinational corporations. Don’t think it’s just the usual suspects like China and Russia. I don’t quite know the global situation today, but at my time even countries like Japan, France, US, UK all had very active national economic espionage gathering programs. China, in particular, has been extremely aggressive in economic and tech espionage. The head of MI5 noted in 2023 that Chinese spying is happening at “real scale,” with 20,000 clandestine approaches on LinkedIn alone and thousands of British organizations targeted – especially in fields like quantum computing where China seeks an edge. He warned that China and others are not focusing just on defense contractors anymore, but “promising startups, academic research, and people who don’t think national security is about them”. The FBI Director has echoed this, calling the Chinese government “the number one threat to innovation,” citing that his agency runs 2,000+ counterintelligence investigations related to China and opens a new one every 12 hours. About 80% of all economic espionage cases the U.S. Justice Department prosecutes involve activity that would benefit China – though Russia, Iran, North Korea and others certainly engage as well in stealing tech secrets. Corporate competitors also play dirty: if Company A thinks Company B is about to beat them to a quantum breakthrough, A might quietly hire a contractor or hacker to see what B is up to. It’s industrial espionage 101.
All of this paints a big red target on the backs of those who innovate in quantum technology. Your hard-won research results, design architectures, fabrication techniques, and algorithms are viewed as crown jewels to be acquired by any means. The cost to develop them is high, but the cost to copy them (if someone else already did the work) is much lower. Unfortunately, that dynamic incentivizes theft. One study estimated that theft of intellectual property (from trade secrets to technical data) costs the U.S. economy up to $600 billion annually. Quantum-related IP will soon occupy a notable slice of that pie if we’re not careful. We’ve already seen state actors try to invest in or purchase quantum tech companies through cut-outs to gain access to their IP, as well as incidents of research data being stolen from top universities.
The takeaway for quantum scientists and engineers is this: your work is strategic, even if it’s early-stage or niche. Adversaries may target it for what it could become or enable in the future. That means you have to adopt a bit of a security mindset even as you push the frontiers of science. In practical terms, protecting your science is now part of doing your science. This doesn’t mean descending into paranoia or abandoning the open collaborative spirit of research. It does mean taking sensible precautions and staying alert.
Common-Sense Defenses: How to Outsmart the Spies
By now, the threat should be on your radar. The good news is, you don’t need to live in fear or turn your lab into a fortress. A few pragmatic practices can significantly reduce your risk and thwart most espionage attempts. Or at least make spies’ job a whole lot harder.
Cultivate Healthy Skepticism
Be open to new people and ideas, but maintain a hint of skepticism with any unsolicited approach. Not everyone who shows interest in your work is a benign actor. If a conversation or message starts probing into sensitive areas, pause and ask yourself why this person needs to know. It’s okay to politely deflect detailed questions: “That’s actually proprietary, I’m afraid I can’t discuss those specifics.” Genuine colleagues will understand such boundaries; spies will often push or use manipulation like “We’re all friends here, you can trust me.” Trust your gut – if something feels off or too good to be true (the overly eager collaborator, the unusually flattering recruiter), step back. It’s far better to be slightly guarded than to regret an overshare. Oversharing is the lifeblood of espionage. You can be friendly and collegial without giving away the crown jewels of your research.
Guard Your Research and Data
Practice basic OPSEC (operational security) for your projects. Limit the sharing of unpublished results or designs to people who truly need access. For sensitive discussions, use secure communication channels – assume regular email or messaging could be monitored. If exchanging important files, consider encryption or at least a secure file transfer service rather than open email attachments. Be mindful of what you post publicly: discussing your field in general is fine, but avoid posting specifics like “Our lab finally achieved <XYZ> performance today!” on social media or forums. (That’s exactly the kind of nugget that attracts unwanted attention.) When submitting papers or grant proposals, remember that foreign intelligence entities often scrape public databases – so, for instance, don’t include extra technical appendices in a public arXiv submission that you wouldn’t want widely seen. Also, sanitize metadata on documents you do share; a simple PDF property or Git commit history can leak info like software used or internal project names. In short, treat critical data with the same care you’d treat a valuable physical asset: lock it up, keep copies only where necessary, and share sparingly. You can always reveal more later, but you can’t undo a leak that’s already happened.
Cyber Hygiene Matters
Many spying attempts can be defeated by basic cybersecurity hygiene. Use strong, unique passwords (or a reputable password manager) and enable two-factor authentication on all accounts (email, cloud drives, Git repos, etc.). Keep your devices and software updated to patch known vulnerabilities. Be very wary of unsolicited emails – especially those urging you to click a link or open an attachment. Spear phishing emails can look extremely convincing (they might even reference real conferences or recent news in your field). So double-check sender addresses and context. If you get an email from a colleague that seems slightly off (odd phrasing, unexpected attachment), verify through another channel. Never plug in random USB drives or devices you find or are given at events; use only trusted media. It sounds obvious, but remember: the majority of successful breaches start with someone clicking or plugging something they shouldn’t. If your lab has an IT department, heed their security policies – they’re not there to annoy you, but to protect your work. Use the VPN if they provide one for remote access. Don’t disable protections because they are slowing your simulation down – work with your IT. These small inconveniences pale in comparison to the nightmare of a compromised network. Think of cyber hygiene like lab safety protocols: routine and maybe boring, but crucial to prevent disasters.
Secure Your Physical Workspace
Just as you wouldn’t leave dangerous chemicals unattended, don’t leave your sensitive information easily accessible. Control access to your lab and office. Politely enforce sign-ins for visitors and verify identities – if someone shows up saying “I’m a repair technician” or “I’m here to visit Dr. X” and you weren’t informed, check before letting them roam. For tours or guest visits, pre-plan what areas or equipment are off-limits or covered up. (It’s perfectly acceptable to curtly guide a tour away from that whiteboard with your secret formula on it.) Consider simple measures like privacy screens on monitors, locking your screen when you step away, and locking file cabinets or lab doors after hours. If you find an unfamiliar device attached to a computer or network port, report it – it could be a rogue plug-in like a keylogger or a Raspberry Pi sniffer. Likewise, beware of the “evil maid” scenario: don’t leave laptops or unlocked documents out overnight in places where cleaning or maintenance staff (or others) can access. A bit of tidiness helps security. If you’re handing out USB sticks at a conference booth or receiving any as swag, have IT scan them before use (or better yet, avoid using them – cloud transfers are safer). For ultra-sensitive projects, some labs even forbid personal electronic devices inside certain rooms to prevent covert recording – consider if any of your work merits a similar precaution. The goal isn’t to turn your lab into a paranoid bunker; it’s to raise the bar so that casual espionage attempts fail. Make spies work for it, such that they might move on to easier targets.
Travel Vigilantly
When you travel abroad (especially to countries known for espionage activity), operate under the assumption that your devices and communications will be targeted. If your organization can supply a loaner laptop/phone for travel, use it – that way you’re carrying minimal data and no saved passwords. If not, before travel, remove any sensitive files from your devices (you can always download them securely if needed while abroad, then wipe again after). Use full-disk encryption and power-off devices when going through customs (some spyware can activate while your device is on). Avoid public USB charging stations (they can be modified to extract data, a.k.a. “juice jacking”). And never leave devices unattended – not in hotel rooms, conference cloakrooms, nowhere. If you must leave a laptop in your hotel, use the room safe – though even those aren’t foolproof if someone has inside access. Consider that your hotel room could be under surveillance – it’s not common for academics, but high-profile corporate or government researchers have found hidden cameras in hotel lamps, etc. So don’t have sensitive phone calls or private meetings in your hotel room if you can avoid it. Use a VPN for all internet access (some countries block certain VPNs; find one that works or use your institution’s). And be cautious about free Wi-Fi – a rogue access point could be set up to snoop on you, so at least avoid doing sensitive logins on unknown networks without a VPN. When talking shop in public (airports, taxis, bars), remember that anyone listening might understand your language or jargon more than you think. One trick: if you need to debrief with colleagues while traveling, consider doing it in an open outdoor area rather than indoors, as it’s a bit harder to bug an open space. The key is to be mindful: you’re in a different threat environment when abroad. That doesn’t mean cancel the trip – just go prepared, like an experienced adventurer in the wild.
Learn to Spot Elicitation
Elicitation is the subtle art of extracting information through casual conversation, and it’s one of the spy’s favorite tools. The reason it works is people love to talk about what they know, especially if prompted in the right way. Training to resist elicitation has been around for decades (in fact, one of my public slide decks from 1998, originally an extract from a course I taught nearly 30 years ago, outlines how social engineers use conversational tricks to gather info). So what kind of tricks should you watch for? Flattery is a big one – “You’re the expert on quantum error correction; I’m just a layman, I bet no one else could simplify it for me like you can…” This ego stroke might lead you to overshare in “dumbing it down.” Naïveté is another: “I’m not a tech person at all, what does a qubit even do?” – feigning ignorance to get you to go into teacher mode. Quid pro quo: the person shares a little secret or gossip with the expectation you’ll reciprocate with your own juicy info. Complaints: a savvy elicitor might gripe about a problem hoping you chime in, e.g. “Our lab’s cryostat has been acting up; these things never reach the temps advertised.” If you respond, “Tell me about it, our new model XYZ cryostat is also only hitting 8 mK, we had to tweak the shielding…” – you just gave away useful info. Bracketing is a crafty one: they’ll throw out an intentionally wrong guess – “So your prototype must cost, what, $5 million?” – you reflexively correct, “Oh no, not that much, more like $2 million.” And they got the real number without directly asking. There are many such techniques – the common factor is they don’t feel like interrogations. It just feels like chatting. To defend, you don’t have to be stone-faced; just stay aware of what you’re divulging and to whom. If you notice someone frequently steering conversations toward your work’s details, that’s a red flag. It’s perfectly fine to politely dodge: “Haha, oh it’s complicated – say, how’s your project going?” and pivot the topic, or give a very high-level answer that sounds like you answered but reveals little. Also, value the power of silence – if you feel someone is fishing, you can smile and not take the bait. They might change subject if they sense you’re not biting. It can even be turned into a bit of a game once you’re wise to it – you’ll start recognizing these tactics and it actually becomes satisfying not giving spies what they want on a silver platter.
Stay Unpredictable
Spies and other snoops thrive on predictability. If they can anticipate your routine, it’s much easier for them to eavesdrop or intercept you at the perfect moment. You don’t have to live in paranoia – just inject a little randomness into your daily life. For instance, if a restaurant hostess leads you to a table or a hotel assigns you a room, politely ask for a different one on a whim. It’s a small inconvenience for you, but imagine the spy’s frustration if they had bugged your usual or your assigned spot only to find you’re not there. Likewise, vary your commute or work schedule occasionally, or take a different path through campus. Within reason, avoiding a rigid routine makes it exceedingly difficult for someone to gather information on you. The idea is to deny adversaries the luxury of knowing your habits. As security experts often train diplomats and executives: even minor route changes or schedule shifts force watchers to scramble. Besides the security benefit, there’s a psychological bonus – it can be almost fun picturing any would-be spy throwing up their hands when you don’t behave predictably. You’re not being paranoid; you’re keeping them on their toes.
Be Wary of Unsolicited Gifts and Favors
Another seemingly friendly but common espionage tactic is offering gifts, perks or “free” help that comes with hidden strings. As a researcher, you might encounter the generous investor who suddenly offers to fly you to a luxury conference, or a new acquaintance who insists you accept a “souvenir” gadget. Sure, it’s flattering, but pause and scrutinize. Why the generosity? Intelligence agencies have literally used trick gifts to spy on targets. (Even China’s own counter-espionage agency warned that scholars are prime targets for “surveillance-equipped gifts” – ordinary items like keychains or USB trinkets modified to hide cameras or trackers.) So, beware of strangers bearing gifts. That cute conference swag or “free” device could be a Trojan horse. Likewise, if someone you barely know is unusually eager to do you favors, like offering expensive dinners or easy money for “consulting”, consider what they might want in return. It’s perfectly fine to accept hospitality from legitimate colleagues, but if your gut nags that a gift or favor is too lavish or random, thank them and politely decline. Remember, in the world of espionage there’s no free lunch. Staying a bit guarded with unsolicited generosity will frustrate those trying to buy or charm their way into your research.
Mind Your Public Footprint
Spies don’t always need fancy gadgets or secret meetings – often you’ll tell on yourself without realizing it. In the digital age, a huge amount of targeting is done through open-source intelligence (OSINT). That means your social media, personal blog, conference bios, even casual conversations at events are all rich pickings. To outsmart them, be mindful of what you broadcast to the world. For example, think twice before posting real-time updates about your travel plans or new project milestones. (Sharing a photo after you’ve returned from that big conference is much safer than live-tweeting your location every day you’re there.) Official guidelines put it simply: “Think before you post” and limit personal details like whereabouts or identifiable info online. Also consider turning off geotagging on photos and avoiding reveal-all “About me” pages. The less an adversary can learn about your habits, contacts, and schedule from Google or social networks, the harder their job becomes. This applies offline too, be mindful of chats in public spaces where outsiders might overhear sensitive info. You need not go into hiding, just practice a bit of discretion. By shrinking your public footprint, you force any spy to actually work for each scrap of information, rather than finding it served on a platter. In the end, a little privacy and prudence in what you share will keep them guessing and your work safer.
Fortify Your Institution’s Policies
If you lead or influence a lab, startup, or department, push for some baseline security policies. They need not be draconian, even simple steps make a difference. For example, implement a rule that visitors must be escorted before entering research areas. Establish an approval process for any international collaborations or material transfers (so there’s at least a second set of eyes evaluating unusual requests). Make sure your IT team has a robust backup system and an incident response plan for cyber attacks – if something is breached, how quickly can you isolate and recover? Conduct occasional security awareness training for staff and students. (Many brilliant PhDs have never been taught a single thing about espionage tactics – a one-hour briefing can open their eyes.) You don’t have to cover everything, but highlight key threats like phishing, social engineering, and the importance of reporting odd incidents. Encourage a culture where it’s okay to speak up: if a researcher says “It’s probably nothing, but this one guy I met at a conference has been emailing me weekly asking a lot of questions,” don’t dismiss it – reward that awareness. Some companies run internal phishing tests and give kudos to those who report suspicious emails. In academia, you might not have a security office like a corporation does, but you can still designate a point of contact for any team member to consult if they feel uneasy about something (perhaps a trusted senior professor or an IT manager). Another policy angle: screen your trash, seriously. If your lab is working on something sensitive, consider instituting a shred-all policy for paper and wiping/degaussing for electronics before disposal. It sounds paranoid, but as mentioned, dumpster diving is a thing; don’t make it easy. Lastly, when hiring, perform due diligence – verify degrees, talk to references in depth, and make sure that the references are who they say they are. A bit of extra effort at onboarding can weed out obvious red flags (like inconsistent stories or unexplained gaps in a CV) that might suggest a fake identity.
Plan for “What-If” Scenarios
Despite all precautions, things can still go wrong. It’s important to have a plan (at least in your own mind, if not formally) for various scenarios. Ask yourself: What would I do if I realized my data was stolen or leaked? For starters, don’t cover it up out of embarrassment or fear. Report it to your leadership or security office immediately; the faster experts can respond, the better.
What if you’re approached by someone asking you to spy for them, e.g., “Just pass me some inside info from your lab and I’ll make it worth your while”? The answer should be a firm “No” – and then you report that approach (to authorities, your org, or both). Intelligence agencies often test multiple people to see who bites; by saying no and reporting, you not only protect yourself, you help authorities track espionage activity.
What if you get that coercive summons from an embassy or a phone call from someone hinting at threats if you don’t cooperate? Your plan: do not go alone into any such situation. Notify your employer and your local authorities (in many countries, contacting the counter-intelligence or security service is the right move – they have protocols for helping people in these binds). You will not get in trouble for seeking help in such cases; on the contrary, governments want you to come forward if you’re being pressured by a foreign power.
Another scenario: you suspect a colleague might be leaking info (perhaps you notice them plugging in strange USBs or meeting off-campus with competitors). Tread carefully, but it’s worth discreetly raising it to a supervisor or security point person rather than ignoring it.
Have a plan for travel incidents too: e.g., if your laptop gets stolen abroad, who do you call? (Ideally, you have your IT/security team’s contacts and you carry only an empty or backed-up device, so you can purge any sensitive accounts remotely.)
Having these “pre-mortems” in mind will make you much more decisive and calm if something does occur. It’s like fire drills – you hope to never need them, but knowing what to do can be the difference between a close call and a catastrophe.
Finally, perhaps the most important defense is a mindset shift. Realize that protecting your work from espionage isn’t someone else’s job – it’s everyone’s job, including yours. If you’re in quantum tech, you are on the frontier of a new technological revolution. That puts you on the radar of powerful interests. Embrace that reality. It doesn’t mean you have to become a mistrustful hermit or see spies behind every lab bench. It means integrating security awareness into your normal routine, the same way labs integrated safety protocols over time. Decades ago, a chemist smoking in the lab and pipetting toxins by mouth was normal – today we’d be aghast because safety culture evolved. I suspect that in the coming years, security culture will similarly evolve in high-tech fields. Scientists will routinely get a bit of counter-espionage training along with ethics training. Sharing certain information will be recognized as unwise, much like not wearing goggles is unwise. We’re not quite there yet, but you can be ahead of the curve.
One can absolutely strike a balance between the open exchange that drives discovery and the safeguards that protect innovation. It’s not an all-or-nothing choice. As the FBI has advised, “Nurture a collaborative environment, but lock the doors to your secrets.” Continue collaborating and publishing and building international friendships – those are the lifeblood of science – and take commonsense steps to lock down what truly needs protecting. Think of it as “open science, closed secrets.” Share knowledge, discuss theory, but compartmentalize the sensitive details (the engineering specs, the source code, the exact experimental setups) until you’re sure it’s appropriate to share them.
