The US Department of Justice put out a statement on Wednesday about the plea agreement it struck with a 50-year-old Chinese national, Su Bin, also known as Stephen Su and Stephen Subin.
The DOJ said Su was involved in a years-long conspiracy to hack into computer systems at major defense contractors, to steal sensitive military and export-controlled data, and to send the stolen data to China.
A criminal complaint was first filed in 2014 against Su, a China-based businessman who worked in the aviation and aerospace fields. He was arrested in Canada in July 2014 and eventually waived his extradition rights.
Indictments were subsequently filed in Los Angeles.
Su is now admitting to stealing data relating to Boeing’s C-17 strategic transport aircraft and certain fighter jets produced for the US military.
Between October 2008 and March 2014, Su worked with two people in China to help them intrude into US networks and steal the data.
He would email his co-conspirators to tell them who to target at which companies and what technologies to focus on during their intrusions.
One of them would gain access to the sensitive data and email Su directory file listings and folders showing the data that he or she had been able to dig up.
Then, Su would tell the cyber intruder which files and folders he or she should steal.
After the intruder stole the data, using unspecified techniques to avoid detection, Su translated some of it into Chinese.
Then, Su and his accomplices would each write up, revise and email reports about the information and technology they’d gotten their hands on, including its value, sending the reports on to their financial backers.
He did it for the money, Su said.
Su’s facing a maximum sentence of five years in prison and a fine of $250,000 or twice the gross gain or gross loss resulting from the offense, whichever is greatest. He’s due to be sentenced on 13 July, 2016.
Granted, maximum sentences are rarely handed out.
But the US just might throw all of its weight against Su in this case, given that it’s been steaming over China’s espionage for the past few years.
Recent incidents in the ongoing US-China cyber espionage wars include one in June, when China allegedly hacked the US government and stole data on millions of current and former federal employees.
In the aftermath of the breach, President Obama was reportedly considering sanctions against the attackers, under the authority of an executive order he signed in April to punish individuals or entities engaged in cyberattacks against the US.
Those sanctions haven’t come to pass – at least, not yet – despite pressure from members of Congress and several presidential candidates to retaliate over the attack.
A few months after the breach, in August, the Obama administration was reportedly working on a package of economic sanctions against Chinese individuals and companies – not for hacking the US government, but for theft of trade secrets from US companies, according to a report from the Washington Post.
Those sanctions were reportedly designed to send a message to Beijing that the US is ready to fight back against cyber-espionage.
If they ever get put into play, it would be the first use of new authority granted under the April executive order, according to officials who requested anonymity when talking to the Post.
The newspaper’s sources said that the US may be conducting its own covert cyber activity in response to the breach of US government personnel records.
It’s believed that those attacks were meant to scoop up national security intelligence, as opposed to being profit-motivated.
Nonetheless, sources told the Post that the administration wants to confront China publicly over economic espionage that it says is harming US businesses.
Profit-motivated Su might have handed the US the chance to do just that.
The DOJ’s statement quotes Assistant Attorney General for National Security John P. Carlin, who said that the Feds aren’t taking these cyber muggings lying down:
“Su Bin admitted to playing an important role in a conspiracy, originating in China, to illegally access sensitive military data, including data relating to military aircraft that are indispensable in keeping our military personnel safe.
“This plea sends a strong message that stealing from the United States and our companies has a significant cost; we can and will find these criminals and bring them to justice. The National Security Division remains sharply focused on disrupting cyber threats to the national security, and we will continue to be relentless in our pursuit of those who seek to undermine our security.”