San Francisco, CA — A federal grand jury has unsealed a three‑count indictment charging two men with acting as unregistered agents of the People’s Republic of China (PRC), conspiring to recruit U.S. Navy personnel while funneling cash payments through clandestine communication systems and ordinary mobile phones.
Yuance Chen, 38, a legal permanent resident living in Happy Valley, Oregon, and Liren “Ryan” Lai, 39, who arrived in Houston from China in April on a tourist visa, are accused of working under the direction of officers from the PRC Ministry of State Security (MSS) from at least 2015 through June 2025.
Alleged Operations and Charges
| Alleged tradecraft | Key details from the indictment |
| CoVCom tools (short for “covert communications”) | Proprietary, real‑time communications devices supplied by the MSS for sensitive traffic. |
| Mobile‑phone links | Conspirators used regular cellphones to take surveillance photos, surreptitiously record meetings with potential recruits, and exfiltrate naval recruitment information from US recruitment centers. |
| Dead‑drops & cash | At least four drops, each with amounts of $10,000, $20,000, $30,000, and another $20,000, were left in lockers, cars, or parking garages from Livermore, CA, to Phoenix, AZ. |
| Targeting packages | Chen allegedly kept dossiers on a current Navy sailor and a retired service member at his Oregon home. |
| On‑the‑ground surveillance | Chen and his spouse filmed Navy recruiting offices, Naval Base Kitsap (WA), & the USS Abraham Lincoln during guided tours, forwarding the imagery to MSS handlers. |
Both Lai and Chen face charges for “Conspiracy to act as agents of a foreign government” (maximum five years) and “Acting as an unregistered foreign agent” under 18 U.S.C. § 951 (up to ten years per count).
Both face charges for activities between 2021 and 2025.
Bigger picture: An insider‑threat warning
The case highlights the evolving tactics of insider threats, in which hostile intelligence services blend custom, encrypted channels with ubiquitous consumer devices. By leveraging everyday smartphones, operatives minimize their operational footprint while exploiting personal connectivity within sensitive U.S. sectors.
Federal officials have repeatedly warned that mobile phones—because they are carried everywhere, constantly connected, and often lightly secured—remain one of the most fertile vectors for insider compromise. The indictment illustrates how fleeting text exchanges and innocuous photo‑sharing can translate into strategic intelligence losses when orchestrated through covert command‑and‑control systems.
What happens next
Initial appearances are expected in the Northern District of California later this week. Prosecutors have not said whether additional arrests are imminent, but the indictment references at least three unnamed MSS officers and multiple co‑conspirators still abroad. The FBI urges anyone with information on unexplained approaches by foreign intelligence services—particularly those involving covert messaging apps or unsolicited cash offers—to contact its Counterintelligence Division.
Why Bastille Matters Now: Closing the Mobile‑Insider Gap
Hostile intelligence services have learned that a single smartphone in the wrong place at the right time can exfiltrate more data than a briefcase full of documents. Lai and Chen allegedly exploited that reality by using off‑the‑shelf phones to:
- photograph restricted areas,
- record recruiting pitches, and
- push the material out through ordinary cellular channels.
Bastille’s Wireless Airspace Defense platform is purpose‑built to stop exactly this blend of covert tradecraft and consumer technology.
- Full‑spectrum RF visibility, indoors and out: Bastille’s distributed sensor arrays scan 100 MHz–7.125 GHz in real time, locating every cellular, Wi‑Fi, Bluetooth/BLE, and other signals within (and immediately outside) a facility. Whether a handset is hidden in a visitor’s pocket or transmitting from a parking garage, its transmissions appear on a live, 3‑D floor plan with 1-3 meter‑level precision.
- Anomaly detection that spots covert channels: The platform’s AI-powered Fusion Center provides high‑confidence anomaly alerting the moment an unauthorized device speaks or makes anomalous connections
- Policy enforcement for no‑phone and classified areas: Bastille continuously enforces wireless device restrictions mandated by DoD, DOS, FedRAMP, and NIST 800‑53 controls for federal information systems. Security teams receive instant SIEM-integrated alerting when a phone crosses into unauthorized areas, long before exfiltrated photos or audio can reach a foreign handler.
