US Indicts 10 Chinese Intelligence Agents Following ‘Hack On US And European Aviation Companies’

The US Justice Department has charged a group of Chinese agents with trying to steal aviation technology from US companies, the third such indictment in less than two months in an escalating effort to halt cyber-espionage allegedly orchestrated from China.

A group of 10 people, led by agents of the Jiangsu provincial arm of China Ministry of State Security (MSS) tried to hack into the computer systems of a US company and a French company with an office in Suzhou, China, both manufacturers of a turbofan engine used in commercial airliners, the Justice Department (DoJ) alleged on Tuesday. Members of the group also targeted other US aerospace companies producing parts for the engine makers, it said.

“The threat posed by Chinese government-sponsored hacking activity is real and relentless,” John Brown, a special agent in charge of the FBI’s San Diego Field Office, said in the DoJ notice, which alleges that the hacking conspiracy likely ran from January 2010 to May 2015.

“Today, the Federal Bureau of Investigation, with the assistance of our private sector, international and US government partners, is sending a strong message to the Chinese government and other foreign governments involved in hacking activities.

The DoJ says that the primary intelligence officers were MSS agents Zha Rong and Chai Meng, while their co-conspirators included Zhang Zhang-Gui, Liu Chunliang, Gao Hong Kun, Zhuang Xiaowei and Ma Zhiqi. The indictment identified 12 targeted companies – eight of them based in the US – specialising in aerospace, technology or “critical infrastructure”. Two of the aerospace companies are French and one is British. The list also includes one Australian domain registrar.

The only victim company identified by the indictment by name is Los Angeles-based Capstone Turbines.

Chinese Foreign Ministry spokesman Lu Kang said the charges were groundless.

“The relevant accusations are pure fiction and totally fabricated,” he told reporters in Beijing without elaborating, according to Reuters.

The DoJ announcement comes little more than two weeks after it publicised the “unprecedented” extradition of another Jiangsu division MSS intelligence official for allegedly attempting to steal trade secrets from GE Aviation and other US aerospace companies after luring the suspect to Belgium.

Xu Yanjun, who also uses the names Qu Hui and Zhang Hui, was arrested in Belgium on April 1 and extradited to the US with help from Belgian authorities.

He is accused of seeking “to steal trade secrets and other sensitive information from an American company that leads the way in aerospace”, John Demers, an assistant attorney general for national security, said in a DoJ announcement on October 10.

Beijing has made its aviation industry a key part of its “Made in China 2025” development plan to turn China into a world leader in technology, but – as reported by the South China Morning Post on Monday – it is struggling, with experts estimating that its jet engine technology is about 20-to-30 years behind its competitors.

Hackers named in the latest DoJ indictment are accused of using a range of techniques, “including spear phishing, showing multiple different strains of malware into company computer systems, using the victim companies’ own websites as ‘watering holes’ to compromise website visitors’ computers, and domain hijacking through the compromise of domain registrars”.

The turbofan engine the alleged hacking conspirators sought to replicate was developed through a partnership of the French company with an office in Suzhou and a US company, according to the indictment, which was filed in the Southern District of California.

“Members of the conspiracy hacked [the French company] and other companies that manufactured parts for the turbofan engine … to steal sensitive data from these companies that could be used by Chinese entities to build the same or similar engine without incurring substantial research and development expenses,” the indictment said.

Acting on orders from agents in the MSS’s Jiangsu division, Tian Xi, another co-conspirator named in the indictment, installed Sakula malware in the French company’s computer network in order to transfer critical information, the court document said.

“This is just the beginning” of efforts to crack down on cyber-espionage originating in China, John Demers, assistant attorney general for national security, said in Tuesday’s announcement.

“Together with our federal partners, we will redouble our efforts to safeguard America’s ingenuity and investment.”

Author: Robert Delaney

Source: SCMP

Leave a Reply

Your email address will not be published. Required fields are marked *