eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Not all Chinese hackers are actually in China. Case in point is a newly revealed case against Su Bin, who is alleged to have been stealing secrets from U.S. defense contractors, including Boeing and Lockheed Martin.
According to a Canadian media report in The Province, Su was arrested in Richmond, British Columbia, on June 28 and has a bail hearing set for July 18. Su was arrested after the U.S. government made a request to the Canadian government to apprehend Su on allegations of computer hacking. Su had been seeking to gain permanent resident status in Canada.
According to the criminal complaint, Su is the owner of Lode-Tech, a China-based company that also has an office in Canada.
The United States alleges that since at least August 2009, Su worked with a pair of unnamed hackers to collect data from U.S. companies. The targeted information includes data on the Boeing C-17 strategic transport aircraft as well as the Lockheed Martin F-22 and F-35 fighter jets.
An NBC News report stated that Su allegedly wrote in an email that the data he was collecting would help China rapidly catch up with U.S. levels of technology.
The complaint also alleges that Su’s unnamed accomplices had contact with military and commercial entities involved in aerospace technology in the People’s Republic of China. There is not yet a clear picture of how Su or his accomplices were able to breach the security at the U.S. defense contractors.
The arrest of Su is one of the first such arrests of a Chinese national in North America for hacking U.S. companies. The United States is well aware of others located inside China who are also directly hacking U.S. companies, though actual arrests have not yet been made.
On May 19, U.S. Attorney General Eric Holder announced an indictment naming Chinese military officers attached to the Chinese People’s Liberation Army (PLA) Unit 61398 as being allegedly responsible for attacking U.S. companies. The May indictment specifically identifies an eight-year period from 2006-2014 during which attacks took place against Westinghouse Electric; U.S. subsidiaries of SolarWorld AG; U.S. Steel; Allegheny Technologies (ATI); the United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union; and Alcoa.
In February 2013, security firm Mandiant first disclosed the activities of Chinese People’s Liberation Army (PLA) Unit 61398, which is tasked with launching cyber-espionage campaigns against the United States.
Even more recently—just last week—the New York Times reported that hackers from China had allegedly gained access to the Office of Personnel Management, which is the U.S. government agency that houses information on federal government employees.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.