Chinese Intelligence Officers Charged In US With Jet Engine Hacking Conspiracy

news
U.S. Air Force/Sgt. Brian E. Christiansen

Two Chinese intelligence officers and a group of alleged hackers have been charged in San Diego on accusations of infiltrating the computer networks of private companies in the U.S. and abroad to steal plans for a turbofan engine to be used in commercial airliners, according to the indictment unsealed Tuesday.


The five-year conspiracy was led by Zha Rong, a division director of the Jiangsu Province Ministry of State Security, and Chai Meng, a section chief — both supervisors overseeing human intelligence and intellectual property theft operations within the ranks of the Chinese government, according to the indictment.

The indictment is among a small but growing collection of prosecutions that openly accuses the Chinese government of stealing U.S. trade secrets.

Earlier this month, an intelligence officer from the same Chinese intelligence branch was extradited from Belgium to Ohio to face intellectual property theft charges relating to jet aircraft engines.

According to the indictment, Yanjun Xu, a deputy division director, targeted experts who worked as leaders in the aviation field in private companies — including GE Aviation — and invited them to China to give university presentations as a way to steal trade secrets.

In September, a Chicago federal grand jury indicted a Chinese-born U.S. Army Reserves soldier who is accused of working as an agent for the same intelligence group. His role was to help recruit Chinese nationals working in the U.S. as scientists and engineers to become spies, according to the indictment.

On Thursday, arrest warrants were issued for 10 people in the most recent case, however, all defendants are believed to be in China.

"This action is yet another example of criminal efforts by the (Ministry of State Security) to facilitate the theft of private data for China's commercial gain," U.S. Attorney Adam Braverman said in a statement. "The concerted effort to steal, rather than simply purchase, commercially available products should offend every company that invests talent, energy, and shareholder money into the development of products."

Related: Chinese National Who Enlisted In US Army Accused Of Helping To Recruit Spies »

The officers are accused of deploying a group of hackers to steal information on the technology of a turbofan engine being developed by an unnamed French aerospace manufacturer and a U.S.-based company. The indictment does not name the U.S. company nor say where it is located.

A state-controlled aerospace company in China had been working to develop similar technology for an engine to use in commercial airliners in China at the time, the indictment alleges.

The intrusion, beginning in 2010, stretched beyond the two main companies involved and targeted several businesses through the U.S. — from Massachusetts to Arizona to Oregon — that were developing parts for the engine, according to the charges. Other victims included a company in Wisconsin, companies based in the United Kingdom, and a "multinational conglomerate."

The intelligence service also repeatedly tried to hack into a San Diego-based technology company as part of the conspiracy from 2012 to 2014 to steal commercial information and use its website as a "watering hole," meaning anyone who visits the website could be vulnerable to infection. On top of the official conspiracy, two alleged hackers are also charged with orchestrating a separate attack on the company for their own criminal motivations, the U.S. Department of Justice said.

The first attack occurred on Jan. 8, 2010, when hackers got inside the networks of Capstone Turbine, a gas turbine manufacturer based in Los Angeles. The hackers first created their own email within the network, and later installed malware onto Capstone's website to make it a "watering hole." The malware, called Sakula, was designed to exploit vulnerabilities in the Internet Explorer web browser.

The hackers infiltrated an Arizona aerospace company in 2012 by sending an email that encouraged targets to click on a website that had been set up purporting to be Capstone Turbine, its domain misspelled by one letter.

The conspiracy also used two insiders working for the French aerospace company to operate as moles, according to the indictment. The company had offices in Suzhou, Jinagsu province.

In November 2013, an intelligence officer told Tian Xi, a product manager for the French company: "I'll bring the (Trojan) horse (malware) to you tonight. Can you take the Frenchmen out to dinner tonight? I'll pretend I bump into you at the restaurant to say hello. This way we don't need to meet in Shanghai," the indictment states.

A month later, the officer allegedly asked Xi three times if he had "plant(ed) the horse."

Another restaurant meeting occurred in January 2014 between the officer and Gu Gen, the French company's information technology infrastructure and security manager.

Within weeks, Xi texted the officer: "The horse was planted this morning."

The prosecution is linked to another San Diego case that accuses a Shanghai malware broker of providing the Sakula program for the Capstone Turbine attacks.

"I believe that the novelty and rarity of this malware is evidence that only a small group of hackers knew of it and that they were working together," a San Diego cybersquad FBI agent noted in the complaint against the malware broker, Pingan Yu.

Sakula is a rare program that was used in the theft of U.S. Office of Personnel Management hacks discovered in 2014 and 2015 that compromised the data of thousands of federal employees. The OPM breaches are not mentioned in either prosecution, however.

Yu, 37 pleaded guilty to a computer hacking conspiracy in September relating to the Capstone case.

When Yu was arrested in August 2017 at the Los Angeles airport, Chinese Foreign Ministry spokeswoman Hua Chunying told reporters on Friday that China opposes of all forms criminal internet activity, according to a report by Reuters.

———

©2018 The San Diego Union-Tribune. Distributed by Tribune Content Agency, LLC.

WATCH NEXT:

Casperassets.rbl.ms

Benjamin Franklin nailed it when he said, "Fatigue is the best pillow." True story, Benny. There's nothing like pushing your body so far past exhaustion that you'd willingly, even longingly, take a nap on a concrete slab.

Take $75 off a Casper Mattress and $150 off a Wave Mattress with code TASKANDPURPOSE

And no one knows that better than military service members and we have the pictures to prove it.

Read More Show Less
(The 621st Contingency Response Wing/Flickr)

The commandant of the U.S. Coast Guard called the ongoing partial government shutdown "unacceptable" following reports that some Coast Guardsmen are relying on donations from food pantries while their regular paychecks remain on hold.

"We're five-plus weeks into the anxiety and stress of this government lapse and your non-pay," Adm. Karl Schultz said in a video message to service members. "You, as members of the armed forces, should not be expected to shoulder this burden."

Read More Show Less

The U.S. Department of Veterans' Affairs will implement changes next month that will simplify the process for how veterans make appeals.

Read More Show Less

Editor's Note: This article by Richard Sisk originally appeared on Military.com, a leading source of news for the military and veteran community.

The bigger and faster electromagnetic weapons elevator on the new aircraft carrier Gerald R. Ford is finally ready for use, an achievement the Navy called a "major milestone" for the program and other Ford-class carriers to be built in the future.

Navy Secretary Richard V. Spencer said earlier this month that he had bet his job on getting all the Ford's elevators to work, telling President Donald Trump that the project would be done by this summer "or you can fire me."

Read More Show Less

Airman 1st Class Isaiah Edwards has been sentenced to 35 years in prison after a military jury found him guilty of murder in connection with the death of a fellow airman in Guam, Air Force officials announced on Tuesday.

Read More Show Less