Sensitive Military and Export Controlled Data to China
On July 13, 2016, in the Central District of California, Su Bin, also known as Stephen Su and Stephen Subin, a Chinese national and resident of the People’s Republic of China, was sentenced to 46 months’ imprisonment, a fine of $10,000 and one year of supervised release. Previously, on March 23, 2016, Su Bin pleaded guilty to participating in a yearslong conspiracy to hack into the computer networks of major U.S. defense contractors, steal sensitive military and export-controlled data and send the stolen data to China. A criminal complaint filed in 2014 and subsequent indictments filed in Los Angeles charged Su Bin, a China-based businessman in the aviation and aerospace fields, for his role in the criminal conspiracy to steal military technical data, including data relating to the C-17 strategic transport aircraft and certain fighter jets produced for the U.S. military. Su was initially arrested in Canada in July 2014, on a warrant issued in relation to this case. Su ultimately waived extradition and consented to be conveyed to the United States in Feb. 2016. In the plea agreement, Su admitted to conspiring with two persons in China from Oct. 2008, to March 2014, to gain unauthorized access to protected computer networks in the United States, including computers belonging to the Boeing Company in Orange County, California, to obtain sensitive military information and to export that information illegally from the United States to China. As part of the conspiracy, Su would email the co-conspirators with guidance regarding what persons, companies and technologies to target during their computer intrusions. One of Su’s co-conspirators would then gain access to information residing on computers of U.S. companies and email Su directory file listings and folders showing the data that the co-conspirator had been able to access. Su then directed his co-conspirator as to which files and folders his co-conspirator should steal. Once the co-conspirator stole the data, including by using techniques to avoid detection when hacking the victim computers, Su translated the contents of certain stolen data from English into Chinese. In addition, Su and his co-conspirators each wrote, revised and emailed reports about the information and technology they had acquired by their hacking activities, including its value, to the final beneficiaries of their hacking activities. Su’s plea agreement makes clear that the information he and his co-conspirators intentionally stole included data listed on the U.S. Munitions List contained in the International Traffic in Arms Regulations. Su also admitted that he engaged in the crime for the purpose of financial gain and specifically sought to profit from selling the data the he and his co-conspirators illegally acquired. This case was investigated by the FBI, the U.S. Air Force’s Office of Special Investigations, and the Justice Department’s CRM/OIA and NSD/CES.