Chinese Soldiers Accused in Hacking Conspiracy Against US Military
Two Chinese government soldiers have been accused of engaging in a hacking conspiracy led by an aerospace entrepreneur living in Canada, and targeting contractors working for the US Military, according to court-filed documents.
New details about the extradition case against Chinese-born, Vancouver resident Su Bin and two “co-conspirators” emerged following a request from The Globe and Mail. The prosecution originally was launched in June 2014 when Su was arrested on a US warrant.
According to the documents, the three individuals attempted to steal secrets relating to the engineering aspects of F-35s and other US war planes by hacking secure databases belonging to contractors.
Su allegedly led the two hackers to break into email accounts of American aviation engineers. Afterward, Su instructed the China-based hackers to sift through corporate networks for engineering manuals relating to F-35, C-17 and F-22 military jets, according to court documents.
Emails between Su and the co-conspirators indicate potentially profiting from selling the stolen data.
The court documents make no explicit mention of a potential role by the People’s Liberation Army of China, and they describe the two hackers as “affiliated with multiple organizations and entities.”
US authorities, however, identified them as “two Chinese military officers” after intercepting email attachments containing the image of one co-conspirator with “Chinese military identification showing his photograph, name, rank, military unit, and year and month of birth.”
Intercepted photos also allegedly show the other co-conspirator wearing a Chinese military uniform and bearing his “Hong Kong identification.”
The documents don’t make it clear whether the hackers intended to relay their stolen data back to military officials or whether they only intended to sell the data to firms.
Adam Segal, a scholar and author of the upcoming book The Hacked World Order, says both scenarios are common in China.
“The problem has always been the hackers seem to do the same work from 9 to 5, and then 5 to midnight when they got home,” he tells The Globe and Mail. “So it’s very hard to very clearly say this guy is a freelancer, this guy is a PLA hacker. Sometimes they are doing it under the direction of the PLA, sometimes they are doing it as freelancers to make money.”
When asked why prosecutors have not charged the hackers if their identities are known, US Justice Department spokesperson Thom Mrozek cited the ongoing investigation.
“I’m going to decline to comment on the matter at this time, as the extradition proceeding is ongoing in Canada,” Mrozek said.
In September, a Canadian judge ordered the extradition of Su. However, he remains in Vancouver awaiting an appeal that will be heard later this year.
Su is not accused of being a hacker.
However, the documents show that executives with Airbus, Boeing and Lockheed Martin are preparing to testify that Su’s emails indicate he helped hackers steal engineering documents from secure servers in a move that essentially could give China access to details of jet projects that cost the US military billions to develop.