A Chinese aviation and aerospace businessman last week pleaded guilty to participating in a conspiracy to steal sensitive military and export-controlled data from major U.S. defense contractors and send the information to China, according to the U.S. Department of Justice.
Su Bin, also known as Stephen Su and Stephen Subin, a resident of the People’s Republic of China, entered the plea before Judge Christina A. Snyder of the Central District of California.
An indictment was issued against Su in 2014, alleging he was part of a criminal conspiracy to steal military technical data, including data relating to the C-17 strategic transport aircraft and other fighter jets produced for the U.S. military.
Su was arrested in Canada in 2014 and was transported to the United States, after waiving extradition, in February.
“This plea sends a strong message that stealing from the United States and our companies has a significant cost; we can and will find these criminals and bring them to justice,” said John P. Carlin, assistant attorney general for national security.
In his plea agreement, 50-year-old Su admitted to conspiring with two people in China from October 2008 to March 2014 to intrude into protected computer networks in the United States, including computers belonging to Boeing in Orange County, California, to obtain sensitive military information and export it from the United States to China.
Through email, Su would let his conspirators know who and what to target after penetrating a computer network, the DoJ said.
The co-conspirators would then send Su lists of files and folders that were accessed during an intrusion, and he would tell them which files and folders they should steal.
Su translated stolen files and folders from English to Chinese. Along with his co-conspirators, he would write reports about the stolen data, including its value to its final beneficiaries.
No State Connection
While the United States hascriticized China for sponsoring cyberespionage to obtain national security data, there was no mention of Su and his co-conspirators working for Beijing.
“The plea agreement steers clear of accusing China of being behind it, even though Su Bin was working with two members of the military,” said Richard Stiennon, chief research analyst withIT-Harvest.
“The two co-conspirators were identified as Chinese military officers, but it seems like these guys were moonlighting,” said Jeffrey Carr, CEO ofTaia Global.
“This was not a PLA [People’s Liberation Army] operation. If it was, they wouldn’t have needed Su Bin,” he told TechNewsWorld.
“Neither would one of the co-conspirators be trying to buy malware on the dark Web,” Carr added. “The PLA doesn’t have to buy malware on the dark Web to attack a targeted company.”
From a threat perspective, the use of Su, a businessman with knowledge of aeronautics, was a diversion from the norm, Stiennon told TechNewsWorld.
“Hackers are focused computer people, and they really know how to look for stuff about computers, but they don’t have the first clue about design data of an aircraft,” he said.
What U.S. law enforcement uncovered in this case is part of a much larger problem, observed Mark Graff, CEO ofTellagraff and former CISO of Nasdaq and Lawrence Livermore Lab.
“This is just a glimmer of the massive amounts of intellectual property, especially with military focus, moving from the U.S. to China,” he told TechNewsWorld.
Su will be sentenced in July. He faces a maximum five years in prison and a fine of $250,000 or twice the gross gain or loss from the offense, whichever is greatest.
“Five years is pretty light,” Taia Global’s Carr said.
“Five years would be light for military espionage, but they’re treating this like industrial espionage,” IT-Harvest’s Stiennon noted.
Su should receive a five-year sentence, according to Graff. “If the judge doesn’t take that maximum opportunity, that would be even more disappointing.”