A Chinese businessman is scheduled to receive jail time for his involvement in a conspiracy to hack several U.S. companies.
On Wednesday, Su Bin, a Chinese national, pleaded guilty to participating in a conspiracy to gain unauthorized access to the computer networks of several contractors for the United States military, steal sensitive and proprietary data, and sell that information in China.
“Su Bin admitted to playing an important role in a conspiracy, originating in China, to illegally access sensitive military data, including data relating to military aircraft that are indispensable in keeping our military personnel safe,” said the US Assistant Attorney General for national security, John Carlin. “This plea sends a strong message that stealing from the United States and our companies has a significant cost; we can and will find these criminals and bring them to justice.”
A statement issued by the Department of Justice reveals that between October 2008 and March 2014, Su conspired with two individuals in China in an effort to hack the protected computer systems of Boeing Company, among other U.S. defense contractors.
Su appears to have provided information on persons and technologies that the two individuals leveraged via social engineering attacks to gain access to each target company. Once the hackers gained access, the businessman specified which files he wanted stolen. Su then translated the files from English into Chinese and sent reports regarding the group’s exploits to the final beneficiaries of the hacking activities.
The DOJ statement does not name who in China was buying the stolen information.
Su was ultimately arrested in Canada in the summer of 2014 while he was trying to gain Canadian citizenship.
The businessman faces up to five years in prison for his participation in the conspiracy, with his sentencing set for July 13 before a federal judge in Los Angeles.
News of this conviction follows on the heels of the Chinese government calling for increased cooperation with the FBI on matters pertaining to internet security and counterterrorism.