My thoughts on the Mar-A-Lago incident: Nut job? Freelance? or both?
The evidence to date points to a self-inspired economic espionage effort employing simplistic technical collection means targeted at business leaders. Consider the following:
1. If this effort was espionage, there is no reason for Beijing to send someone from Shanghai when it can be accomplished locally. It is much cheaper to get access to business leaders through a member, recruit a maid, or to have someone get a job on the cleaning staff. These means are standard for intelligence and criminal organizations and are far less likely to raise suspicions (which has obvious consequences).
2. Yujing Zhang has a background in finance and stocks. In Shanghai, she is an investor and consultant for a private equity firm. The Mar-A-Lago resort would be an excellent location to learn privileged business information.
3. Zhang had nine cellphones, nine USB drives, and five USB cards, a laptop, and a camera detector. Since I can’t come with a plausible reason for anyone other than a drug dealer or phone salesman to have nine cellphones, there is another possibility. Nine cellphones could be configured to act as listening and transmitting devices. Personally, if I were doing this, I would plug them in and tape each one under a bed or night stand. It is simplistic but it will work (at least for a while). If she has computer based telephone numbers (e.g. Google voice) in the contact list that should be another flag.
4. Assuming one could capture some sensitive business related discussions, the information would probably be valuable for investments (and she did that) or for sale.
5. Depending on the detection device Zhang had, it could be used to detect hidden cameras prior to operational activity. If it was only wireless detection then she runs the risk of missing hard wired CCTV‘s (which are far more common).
6. Analysis of the malware she had as well as the content of her laptop and USB cards will likely be critical in determining her intentions. It will probably take federal investigators several days or more to comprehend the data and software. It will be interesting to learn if the malware or other software in her possession was designed to provided access for her laptop or cellphones to the Mar-a-Lago wireless network .
7. If Zhang was trying to spy, then it appears she was detected during the initial surveillance stage which is essential before any operational activity.