Chinese Intelligence Officers Charged In US With Jet Engine Hacking Conspiracy

U.S. Army Pfc. Holt Duggins, from the North Carolina Army National Guard, looks through his binoculars in San Luis, Ariz., July 26, 2006.
U.S. Air Force/Sgt. Brian E. Christiansen

Two Chinese intelligence officers and a group of alleged hackers have been charged in San Diego on accusations of infiltrating the computer networks of private companies in the U.S. and abroad to steal plans for a turbofan engine to be used in commercial airliners, according to the indictment unsealed Tuesday.

The five-year conspiracy was led by Zha Rong, a division director of the Jiangsu Province Ministry of State Security, and Chai Meng, a section chief — both supervisors overseeing human intelligence and intellectual property theft operations within the ranks of the Chinese government, according to the indictment.

The indictment is among a small but growing collection of prosecutions that openly accuses the Chinese government of stealing U.S. trade secrets.

Earlier this month, an intelligence officer from the same Chinese intelligence branch was extradited from Belgium to Ohio to face intellectual property theft charges relating to jet aircraft engines.

According to the indictment, Yanjun Xu, a deputy division director, targeted experts who worked as leaders in the aviation field in private companies — including GE Aviation — and invited them to China to give university presentations as a way to steal trade secrets.

In September, a Chicago federal grand jury indicted a Chinese-born U.S. Army Reserves soldier who is accused of working as an agent for the same intelligence group. His role was to help recruit Chinese nationals working in the U.S. as scientists and engineers to become spies, according to the indictment.

On Thursday, arrest warrants were issued for 10 people in the most recent case, however, all defendants are believed to be in China.

"This action is yet another example of criminal efforts by the (Ministry of State Security) to facilitate the theft of private data for China's commercial gain," U.S. Attorney Adam Braverman said in a statement. "The concerted effort to steal, rather than simply purchase, commercially available products should offend every company that invests talent, energy, and shareholder money into the development of products."

Related: Chinese National Who Enlisted In US Army Accused Of Helping To Recruit Spies »

The officers are accused of deploying a group of hackers to steal information on the technology of a turbofan engine being developed by an unnamed French aerospace manufacturer and a U.S.-based company. The indictment does not name the U.S. company nor say where it is located.

A state-controlled aerospace company in China had been working to develop similar technology for an engine to use in commercial airliners in China at the time, the indictment alleges.

The intrusion, beginning in 2010, stretched beyond the two main companies involved and targeted several businesses through the U.S. — from Massachusetts to Arizona to Oregon — that were developing parts for the engine, according to the charges. Other victims included a company in Wisconsin, companies based in the United Kingdom, and a "multinational conglomerate."

The intelligence service also repeatedly tried to hack into a San Diego-based technology company as part of the conspiracy from 2012 to 2014 to steal commercial information and use its website as a "watering hole," meaning anyone who visits the website could be vulnerable to infection. On top of the official conspiracy, two alleged hackers are also charged with orchestrating a separate attack on the company for their own criminal motivations, the U.S. Department of Justice said.

The first attack occurred on Jan. 8, 2010, when hackers got inside the networks of Capstone Turbine, a gas turbine manufacturer based in Los Angeles. The hackers first created their own email within the network, and later installed malware onto Capstone's website to make it a "watering hole." The malware, called Sakula, was designed to exploit vulnerabilities in the Internet Explorer web browser.

The hackers infiltrated an Arizona aerospace company in 2012 by sending an email that encouraged targets to click on a website that had been set up purporting to be Capstone Turbine, its domain misspelled by one letter.

The conspiracy also used two insiders working for the French aerospace company to operate as moles, according to the indictment. The company had offices in Suzhou, Jinagsu province.

In November 2013, an intelligence officer told Tian Xi, a product manager for the French company: "I'll bring the (Trojan) horse (malware) to you tonight. Can you take the Frenchmen out to dinner tonight? I'll pretend I bump into you at the restaurant to say hello. This way we don't need to meet in Shanghai," the indictment states.

A month later, the officer allegedly asked Xi three times if he had "plant(ed) the horse."

Another restaurant meeting occurred in January 2014 between the officer and Gu Gen, the French company's information technology infrastructure and security manager.

Within weeks, Xi texted the officer: "The horse was planted this morning."

The prosecution is linked to another San Diego case that accuses a Shanghai malware broker of providing the Sakula program for the Capstone Turbine attacks.

"I believe that the novelty and rarity of this malware is evidence that only a small group of hackers knew of it and that they were working together," a San Diego cybersquad FBI agent noted in the complaint against the malware broker, Pingan Yu.

Sakula is a rare program that was used in the theft of U.S. Office of Personnel Management hacks discovered in 2014 and 2015 that compromised the data of thousands of federal employees. The OPM breaches are not mentioned in either prosecution, however.

Yu, 37 pleaded guilty to a computer hacking conspiracy in September relating to the Capstone case.

When Yu was arrested in August 2017 at the Los Angeles airport, Chinese Foreign Ministry spokeswoman Hua Chunying told reporters on Friday that China opposes of all forms criminal internet activity, according to a report by Reuters.


©2018 The San Diego Union-Tribune. Distributed by Tribune Content Agency, LLC.


Photo: Twitter

For an organization that is constantly shining a light on things that would rather be kept out of the public eye, the moderators of U.S. Army WTF! Moments have done a remarkably impressive job at staying anonymous.

That is, until Monday.

Read More Show Less

For U.S. service members who have fought alongside the Kurds, President Donald Trump's decision to approve repositioning U.S. forces in Syria ahead of Turkey's invasion is a naked betrayal of valued allies.

"I am ashamed for the first time in my career," one unnamed special operator told Fox News Jennifer Griffin.

In a Twitter thread that went viral, Griffin wrote the soldier told her the Kurds were continuing to support the United States by guarding tens of thousands of ISIS prisoners even though Turkey had nullified an arrangement under which U.S. and Turkish troops were conducting joint patrols in northeastern Syria to allow the Kurdish People's Protection Units, or YPG, to withdraw.

"The Kurds are sticking by us," the soldier told Griffin. "No other partner I have ever dealt with would stand by us."

Read More Show Less

Defense Secretary Mark Esper has confirmed that a nightmare scenario has come to pass: Captured ISIS fighters are escaping as a result of Turkey's invasion of Kurdish-held northeast Syria.

Turkey's incursion has led to "the release of many dangerous ISIS detainees," Esper said in a statement on Monday.

Read More Show Less
ABC News anchor Tom Llamas just before his network airs grossly inaccurate footage

Video footage of a purported "bombing of Kurd civilians" by Turkish military forces shown on ABC News appeared to be a nighttime firing of tracer rounds at a Kentucky gun range.

Read More Show Less

The U.S. military's seemingly never-ending mission supporting civil authorities along the southwestern border will last at least another year.

On Sept. 3, Defense Secretary Mark Esper approved a request from the Department of Homeland Security to provide a total of up to 5,500 troops along the border until Sept. 30, 2020, Lt. Gen. Laura Richardson, commander of U.S. Army North, said on Monday.

Read More Show Less