(Jim Sciutto’s post from The CNN USA on 14 May 2019.)
‘The Shadow War’: How a Chinese spy stole some of the Pentagon’s most sensitive secrets
To his American friends and contacts,
Stephen Su was an affable businessman and gregarious guy. “People liked him,”
Bob Anderson, the FBI’s former head of counterintelligence, told me. “They
didn’t think he was an asshole and I know that sounds stupid, but people are
people and that’s how it started.”
Stephen Su, who also went by his Chinese name Su
Bin, lived in his native China but traveled frequently to the United States and
Canada, to build a business in the aviation and aerospace sectors. His company,
Lode-Tech, was a small player in a field of giants. However, from 2009 to 2014,
Su steadily and deliberately built a network of close business contacts inside
far bigger US and Canadian defense contractors who held some of the most sensitive
US military contracts.
“So, he cultivates you over time,” Anderson recalled. The information Su was most interested in related to three of the most advanced US military aircraft ever built, the Lockheed Martin F-35 and F-22 stealth fighters and the Boeing C-17 Globemaster transport aircraft.
Though they were the products of two of the
Pentagon’s biggest military contractors, each drew on thousands of components
sourced from dozens of smaller suppliers. That supply chain provided numerous
ins for Su—as well as a convenient explanation for any partners who grew
concerned about the kind of information he was looking for.
“Su would say, ‘I’m not asking you to give me the
F-35, but what’s it matter if I get one system out of it that we could sell to
a friend or a prospective client?’” said Anderson. “And then go from there, and
it takes time.”
Unfettered access for three years
As it turns out, Su and his partners would have
unfettered access inside Boeing’s network for three years before the intrusion
was first discovered. During that time, they would claim to have stolen some
630,000 digital files – totaling a gargantuan 65 gigabytes of data – on the
C-17 alone. They stole tens of thousands more files on the F-22 and F-35. It
was an extraordinary trove of information on some of America’s most advanced
and sensitive military projects.
Su’s team, while enormously successful, was just
one small part of a massive army of Chinese hackers dedicated to stealing
America’s most sensitive government and private sector secrets. Over the last
two decades, China has built an enormous infrastructure charged with cyber
espionage.
The Office of the US Trade Representative estimates
that the United States loses up to $600 billion per year in intellectual
property. Since it deems China “the world’s principal IP infringer,” the USTR
believes China may be responsible for the bulk of those losses.
China’s theft of US trade and government secrets is
not bad behavior by rogue Chinese individuals or organizations; it is
government policy – and it is one of the issues at the root of the trade war
raging between the US and China today. One senior US law enforcement official
described China’s espionage apparatus to me as akin to a “tapeworm,” feeding
off tens of thousands of US institutions and individuals, to siphon away
America’s most treasured asset: its ingenuity.
Beijing’s goal is nothing short of surpassing the
United States as the world’s most powerful and most technologically advanced
superpower. Chinese leaders would prefer to do so peacefully, but if there is a
war, they want to level the battlefield.
‘This is about world domination’
“This is about world domination and when or if
there has to be a conflict—and unfortunately there probably will be one—they
want to be mano-a-mano, if not better than the US, and that’s what they’ve set
their sights on for the last thirty or forty years,” Anderson explained.
The exact number of spies like Stephen Su is hard
to pinpoint but Anderson estimates that, at any one time, there are dozens of
teams like his operating in the United States. And behind them in China,
Anderson says, are far more hackers at work, some employed full-time by Chinese
security services, others working on a part-time basis.
“You’d go to jail here, but the Chinese have tens
of thousands of young kids—like our MIT’s or Stanford’s best—hacking against
the US,” says Anderson. “They pay them to do that. That is quite routine for
them.” “And they’re very calculated in what they do, they have requirements just
like the United States intelligence community has requirements,” said Anderson.
They are also extremely ambitious in their goals.
In a 2011 email, Su’s team claimed with a flourish that the information they
were stealing would “allow us to rapidly catch up with US levels … To stand
easily on the giant’s shoulders.” The Chinese government refused to respond to
repeated requests for comment on the allegations contained in the book.
Su’s run as one of the most damaging Chinese spies
of his generation would end in the summer of 2014, when he was arrested in
Canada on a US-issued warrant five years after he sent his first instructions
to his co-conspirators in China detailing targets for hacking inside the United
States.
A Justice Department statement announcing his
indictment said he had “worked with two unindicted co-conspirators based in
China to infiltrate computer systems and obtain confidential information about
military programs, including the C-17 transport aircraft, the F-22 fighter jet,
and the F-35 fighter jet.” Two years later, in February 2016, Su consented to
be sent to the United States, where he pleaded guilty in California.
Su’s indictment in 2014 was a victory for the FBI
and an example of good cyber police work. Despite Su and his team’s prodigious
efforts to cover their electronic tracks, FBI analysts successfully followed
their electronic trail across the globe, through multiple countries and
multiple “hop points,” and traced it all back to one friendly and gregarious
Chinese businessman.
However, for every one hacker the US identifies and
indicts, many more get away or are never spotted at all. “There’s hundreds if
not thousands of these people in my opinion that are here or in our friendly
partner countries because now it’s a global business environment,” Anderson added.
Overwhelmed and overmatched
More alarmingly, Anderson warns that the FBI’s
cyber division is aware of, perhaps, 10 percent or less of all cyber intrusions
like the one carried out by Su and his partners. They are simply overwhelmed
and often overmatched.
For the US military, the extent of the damage from
the hacking by Su and his partners is not entirely clear. China has since
deployed similar aircraft with similar capabilities. However, US military
officials have told me, often with some derision, that China’s J-31 fighter and
Y-20 transport are, at best, cheap facsimiles.
Bob Anderson is less sanguine. He is not a military
commander. He has spent his entire professional life in law enforcement.
However, he has seen the intelligence. And when I asked him how much sensitive
data Su and his team had stolen relating to some of America’s most advanced
military aircraft, his answers were disturbing. For the C-17 he said, simply,
“A lot, a lot.” For the F-35, he went a little further: “A lot, enough to where
I think it’s a huge problem.”
China, in the span of five years and with just
three operatives, had at least narrowed the gap with the United States on three
of its most advanced military aircraft—aircraft that had taken more than a
decade for the United States to develop and tens of billions of dollars to
design and manufacture. Anderson and other intelligence and law enforcement
officials I’ve interviewed speak of China with a spy’s grudging respect for
their adversary.
“We are looked at as the most significant adversary
they’ve got and they’re gonna lie, cheat, and steal … to figure out how they’re
gonna get ahead of us,” Anderson told me. “I don’t think people look at it that
way.”




