Chinese intelligence officers charged in USA with jet engine hacking conspiracy

Elias Hubbard
October 31, 2018

This month, the Justice Department announced that an MSS intelligence officer was extradited to the Southern District of OH on charges that he attempted to steal trade secrets related to jet aircraft engines. Ten Chinese intelligence officers, hackers and company insiders face espionage charges.

The 10 people charged conspired to steal sensitive data "that could be used by Chinese entities to build the same or similar engine without incurring substantial research and development expenses", the indictment released by the U.S. Department of Justice said.

The indictment is among a small but growing collection of prosecutions that openly accuses the Chinese government of stealing US trade secrets.

The indictment, dated October 25, states that six hackers, two Chinese intelligence operatives and two insiders were involved in a conspiracy lasting from 2010 to 2015 to steal information related to turbofan engines that are used in commercial airliners in Europe and the U.S.

The engine was being developed through a partnership between a French aerospace manufacturer with an office in Suzhou, Jiangsu province, and a United States firm, it said.

In late September, a Chinese national who also enlisted in the US Army Reserve was arrested in Chicago for working for Chinese intelligence to recruit engineers and scientists, including some who worked for US defence contractors.

"At the time of the intrusions, a Chinese state-owned aerospace company was working to develop a comparable engine for use in commercial aircraft manufactured in China and elsewhere", the Justice Department said.

The companies were not named, but earlier indictments pointed to Cincinnati, Ohio-based GE Aviation, one of the world's leading aircraft engine manufacturers.

Experts have said that since then, China's cyber-enabled commercial spying has resumed, in particular by the Ministry of State Security (MSS), which conducts nonmilitary foreign espionage and handles domestic counterintelligence. The indictment identified 12 targeted companies - eight of them based in the United States - specialising in aerospace, technology or "critical infrastructure". The hackers first created their own email within the network, and later installed malware onto Capstone's website to make it a "watering hole". In another case, the Chinese used "Sakula" and "PlugX" malware. Can you take the Frenchmen out to dinner tonight?

Two indicted Chinese hackers, Gu Gen and Tian Xi "hacked the French aerospace manufacturer" with the assistance of the MSS, the statement said.

In a text message indicating malware had been planted in one of the targeted computers, Tian told a Chinese intelligence officer, "The horse was planted this morning".

The San Diego technology company was targeted by Chinese intelligence from August 2012 to January 2014 in a watering hole attack aimed at stealing commercial date.

"I believe that the novelty and rarity of this malware is evidence that only a small group of hackers knew of it and that they were working together", a San Diego cybersquad Federal Bureau of Investigation agent noted in the complaint against the malware broker, Pingan Yu. According to Crowdstrike, this trojan was used by Chinese nation-state group Deep Panda, thought to be behind the 2015 hack on the USA government's Office of Personnel Management (OPM).

Other reports by Click Lancashire

Discuss This Article