The recent sentencing of Yaoning “Mike” Sun to 48 months in federal prison on February 10, 2026, underscores a persistent and evolving national security challenge: covert foreign agents embedding themselves in U.S. political, community, and local governance structures. Sun, acting as an unregistered agent of the People’s Republic of China (PRC), exploited his role as a campaign advisor to help elect a city council member in Southern California, operated a pro-PRC news website, surveilled high-profile foreign dignitaries (such as Taiwan’s President during her 2023 visit), disseminated propaganda, and solicited PRC funding for influence activities—all without disclosure to U.S. authorities.
This case illustrates hybrid insider threats: individuals leveraging legitimate access and trusted positions to advance foreign agendas through low-visibility actions like coordination meetings, real-time reporting, photo surveillance, and content manipulation. Such operations often evade traditional perimeter defenses because they rely on human behaviors rather than overt cyberattacks.
As a trusted partner to our government customers—particularly in high-stakes federal environments—TMPC, Inc. stands ready to assist government agencies, departments, and partners in strengthening defenses against these threats. TMPC is the recognized leader in Department of War (DoW) Insider Threat User Activity Monitoring (UAM) services and provides specialized Vendor Threat Mitigation capabilities. With over 12 years of proven experience, TMPC delivers proactive, tailored solutions that deter, detect, and disrupt insider risks while fully aligning with DoW policies (e.g., DoDI 5205.16), CISA guidance, NIST standards, and Zero Trust principles.
TMPC’s Leadership in DoW Insider Threat UAM Services
TMPC excels in building and operating Insider Threat programs for DoW components and related federal partners. Our UAM-focused approach follows the “Deter, Detect, Disrupt” model, enabling early identification of concerning behaviors before they escalate to harm.
Key ways TMPC assists government partners:
- Real-Time Behavioral Analytics and UAM Deployment: TMPC implements scalable UAM systems that establish baselines for normal user activity (e.g., email patterns, file access, communications, data handling) across networks and endpoints. Anomalies—such as frequent encrypted contacts with foreign entities, unusual photo uploads during sensitive events, or drafting documents soliciting foreign funds—trigger automated alerts for analyst review. In scenarios like Sun’s, UAM could flag irregular patterns in campaign-related communications or surveillance-related digital artifacts.
- Custom Insider Threat Program Design and Implementation: TMPC helps partners develop comprehensive programs with policy frameworks, mandatory awareness training, behavioral indicator recognition, secure reporting channels, and incident response protocols. For government entities (including local/state partners interfacing with federal missions), this includes tailored training on foreign influence indicators, disclosure requirements for contacts, and integration of UAM for digital footprints.
- Proactive Deterrence and Risk Reduction: Through least-privilege access controls, ongoing audits, risk scoring, and employee engagement, TMPC minimizes opportunities for covert actors. Regular program maturity assessments ensure alignment with DoW’s DITMAC (DoW Insider Threat Management and Analysis Center) thresholds and reporting standards.
- High-Performance Outcomes: In DoW environments, TMPC’s UAM solutions have supported high-volume transactions across distributed sites with 99.9%+ uptime and zero unauthorized access incidents in monitored systems—demonstrating reliability for mission-critical operations.
Vendor Threat Mitigation: Safeguarding Third-Party and Partner Risks
Many influence operations exploit “vendors,” collaborators, or community affiliates (e.g., media partners, consultants, or local organizations). TMPC’s Vendor Threat Mitigation services extend protections to these external vectors:
- Rigorous Onboarding and Due Diligence: TMPC conducts deep audits of third-party access, compliance, and foreign ties before granting privileges. Contracts include Zero Trust requirements, mandatory breach reporting, and encrypted sharing.
- Continuous Monitoring and Audits: Post-onboarding oversight detects anomalous behaviors from partners, such as unusual data flows or communications that could indicate foreign direction.
- Supply Chain and Partner Risk Integration: TMPC evaluates collaborators for insider-like risks, closing gaps exploited in cases involving pseudo-legitimate entities used for propaganda or coordination.
In Sun’s case, the pro-PRC news website and campaign coordination could have been identified during partner/vendor vetting—preventing amplification of foreign narratives and joint operations.
Integrated Support for Government Partners
TMPC combines UAM with Vendor Threat Mitigation for layered, holistic protection:
- Behavioral Baseline + Anomaly Detection — UAM monitors digital indicators of foreign-linked activities.
- Human + Policy Layers — Training and policies promote reporting of unreported foreign contacts or suspicious surveillance.
- Third-Party Controls — Vendor audits catch hybrid threats involving external partners.
- Rapid Mitigation — Alerts and response teams enable swift action (e.g., access revocation, escalation to authorities like FBI or DCSA).
- Full Compliance — Aligned with FISMA Moderate, NIST 800-53, Zero Trust, CISA resources, and DoW directives—ensuring privacy protections and civil liberties safeguards.
By partnering with TMPC, our government customers gain a proactive edge: transforming reactive investigations into preventive defenses that protect democratic institutions, national security, and sovereignty from foreign subversion.
TMPC is prepared to support any government partner—federal, state, or local—with tailored consultations, program assessments, UAM deployments, or full Insider Threat/Vendor Mitigation implementations.
https://www.justice.gov/opa/pr/political-operative-sentenced-48-months-federal-prison-acting-covert-agent-peoples-republic