The Ministry of State Security (MSS; 国家安全部, Guojia Anquan Bu) is the principal civilian intelligence service of the People's Republic of China. It was established in 1983 by merging the intelligence functions of the Ministry of Public Security with the investigations department of the Chinese Communist Party's Central Committee. The MSS reports to the State Council but operates under the direction of the CCP, and its current minister is Chen Yixin, appointed in 2022.
The agency's mandate spans foreign human intelligence collection, counterintelligence inside China, signals and cyber operations, and "political security" — meaning protection of the Party-state from perceived ideological and subversive threats. Unlike the United States, where these functions are split among the CIA, FBI, and NSA, the MSS combines them in a single ministry, with provincial and municipal State Security Departments and Bureaus carrying out much of the operational work.
In cybersecurity discourse, the MSS is most often discussed as the suspected sponsor of several Chinese advanced persistent threat (APT) groups. The 2020 U.S. Department of Justice indictment of two Chinese nationals (Li Xiaoyu and Dong Jiazhi) tied to the Guangdong State Security Department alleged a decade-long campaign targeting defense contractors, COVID-19 vaccine researchers, and dissidents. The July 2021 joint attribution by the United States, the EU, the United Kingdom, and NATO blamed MSS-affiliated actors for the Microsoft Exchange Server (Hafnium) compromise disclosed in March 2021. Researchers have publicly linked MSS provincial bureaus to APT3, APT10, APT40, and APT41, among others.
The MSS also enforces China's expanding legal framework on state secrets and national security, including the 2014 Counter-Espionage Law (revised 2023) and the 2015 National Security Law, which broaden the definition of espionage and grant the ministry wide investigative powers, including over foreign nationals and firms operating in China.
Example
In July 2021, the United States, EU, UK, and NATO jointly attributed the Microsoft Exchange Server hack to cyber actors affiliated with China's Ministry of State Security.
Frequently asked questions
The Ministry of Public Security (MPS) handles ordinary policing and domestic law enforcement, while the MSS focuses on foreign intelligence, counterintelligence, and political security. The MSS was carved out of the MPS in 1983.
Keep learning