U.S. Accuses Chinese Executive of Hacking to Mine Military Data

 

An F-35A Joint Strike Fighter takes off on a training sortie in Florida in 2012. Reuters

WASHINGTON—The Justice Department has charged the owner of a Chinese aviation technology company with stealing reams of information from U.S. defense contractors about key American technology—the latest in an effort to criminally prosecute what American officials allege is rampant Chinese industrial espionage.

The charges against Su Bin, a Chinese citizen living in Canada, shed new light on an alleged hacking ecosystem that officials have long said poses a threat to many U.S. companies.

Tensions between the U.S. and China over cyberespionage remain high. Secretary of State John Kerry, visiting China this week, raised the "chilling effect" hacking has on U.S. firms. The Chinese, in turn, see themselves as victims of cyberespionage. On Friday, state broadcaster China Central Television called a location-tracking function offered by Apple Inc. AAPL -0.57% 's iPhone a "national security concern."

Prosecutors in Los Angeles unsealed a 50-page complaint accusing Mr. Su of working with two co-conspirators in China between 2009 and 2013 to break into computers at Boeing Co. BA -1.30% and other defense contractors, steal technology and pass it to entities in China, sometimes for a price.

The trio allegedly stole sensitive information about Boeing's C-17 military transport plane and two of the Pentagon's most advanced fighter jets, the F-22 and F-35, built by Lockheed Martin Corp. LMT -0.66% , among other projects.

Unlike five Chinese military officers who were charged in May with hacking into U.S. companies, Mr. Su appears to have been working for himself, according to the complaint

After a request from the U.S., Mr. Su was arrested June 28 in Canada, a spokeswoman for the Canadian Department of Justice said. He faces extradition proceedings. A lawyer for Mr. Su didn't respond to a request for comment.

The F-35 has been a long-standing target of suspected overseas hackers. The Wall Street Journal reported in 2009 that hackers, possibly Chinese, had penetrated Pentagon computers containing information about the program.

The complaint helped to answer one question about China's sprawling hacking-industrial complex. The country's cyberwarriors, some of whom work for the military and others on their own, hit so many targets and vacuum up so much information, that it can at times it can be hard to tell who is directing them, a former U.S. official said.

Many hackers work as freelancers, sometimes during off hours, then try to sell stolen information to state-owned firms.

"It's the equivalent of the [Tennessee Valley Authority] going out and hiring hackers to go spy on China," said James Lewis, a former State Department official and a cybersecurity expert at the Center for Strategic and International Studies.

In the Boeing case, the effort appeared to be directed not by China's central government but by Mr. Su, owner of a firm named Beijing Lode Technology Co. Ltd.

The firm describes itself as an aerospace technology company on its website. The complaint said the company "is in contact with military and commercial entities involved in aerospace technology" in China.

It remains unclear who employs the two unnamed Chinese hackers listed as co-conspirators. Most of China's cyberespionage activities are controlled by the Chinese army, U.S. officials say.

A spokesman for the Chinese embassy in Washington said he wasn't aware of Mr. Su's case, but said that in recent meetings, U.S. and Chinese officials have discussed the issue and that China told the U.S. to take a "constructive approach."

The complaint describes one of the unnamed hackers as the other's supervisor in various organizations. When picking targets, the duo saw "military technology intelligence as a main focus," according to an internal report cited in the complaint.

The complaint doesn't say how the two alleged hackers came to know Mr. Su.

The alleged hackers gave Mr. Su a 1,467-page list of the Boeing files they could steal, according to the complaint. Mr. Su would then tell them which files he thought would interest state-owned aerospace firms in China.

For instance, Mr. Su apparently wasn't interested in the "C-17 Demilitarization Plan" draft but wanted the "C-17 Hangar Requirements," according to the complaint.

Selling the allegedly stolen plans to Chinese businesses was sometimes challenging, according to the complaint. After repeated emails from one of the hackers, Mr. Su responded, "I understand that it's very urgent for you. It's not easy to sell the information."

He reminded his colleague that "the big money" could come later, according to the complaint

Two former U.S. officials said Chinese hackers often are paid little and take on side projects to make money.

"The value is decent," Mr. Su wrote of allegedly stolen information they were trying to sell to a Chinese company, according to the complaint. "In China, this information is what [an unnamed Chinese aircraft maker] needs. They are too stingy!"

It is unclear what data, if any, Mr. Su allegedly eventually sold into China. But the hackers boasted about the heist in internal memos, suggesting someone benefited from the data.The government says it didn't find evidence indicating whether Mr. Su took classified information, though the complaint said some of the data was subject to laws that restrict the export of military technology.

Boeing said it was informed by the FBI and Air Force investigators of the alleged breaches in 2012 and was continuing to cooperate with authorities. Lockheed said it is cooperating with the U.S. government.

Boeing delivered the first C-17 to the U.S. Air Force in 1993. The four-engine jet, able to carry troops and equipment to and from small airfields, won overseas orders from allies including the U.K., Australia and Canada.

But after a dearth of new orders, Boeing said last year it would end production and close the Long Beach, Calif. factory that assembles the jet in 2015.

China's state-controlled Xian Aircraft Corp. is developing its own four-engine military cargo jet, dubbed the Y-20, that flew for the first time last year. Western defense experts have said the plane bears similarities to the C-17, though other military transport planes also share attributes.

Any security breaches involving fighter jets are likely to cause more alarm. Pentagon officials have in recent months expressed concerns that the U.S. is losing its technological superiority in some areas.

"We remain deeply concerned about cyber-enabled theft of sensitive information," a Justice Department spokesman said. "The conspirators are alleged to have accessed the computer networks of U.S. defense contractors without authorization and stolen data related to military aircraft and weapons systems."