Centre for China Analysis and Strategy

CHINA-US: HI-TECH CYBER THEFT AND INDIAN DATA

The arrest of Chinese national and businessman, Su Bin, by the US is the first time that the FBI has issued a warrant against a foreigner charged with an act of cyber espionage via a network attack that has till now been attributed solely to state actors like the PLA. The role of Su Bin @ Stephen Su, was to help his partners identify valuable military aviation technology to steal and then find buyers for the stolen data. His company's logo as portrayed on the Lode-Tech.com website advertises: "We will track the world's aviation advanced technology." Essentially they offered a 'hackers-for-hire' service.

Su Bin has been the owner and manager of Beijing Lode Technology Company Ltd., since 2003. Lode-Tech is a cable harness equipment company that serves the aviation and space market. The company has offices in Beijing, Shanghai, Guangzhou, Shenzhen, Chengdu, Xi'an, Shenyang and Changchun. Lode-Tech is also a representative and distributor of related aerospace products for a number of companies including DIT-MCO in Kansas City, MO. This company proudly announces that its equipment "was used on the early "Hawk Missile," the first intercontinental Atlas missile, the Polaris missiles for the Navy, the Titan missiles for the Air Force, and the Patriot Missile used so successfully in the Desert Storm War, as well as almost all the aircraft used by the Air Force, Army and the Navy.”

Su Bin identified valuable technology and sent them to two entities in China who are, in turn, affiliated with numerous other organisations in China. They focussed mainly on "military technology intelligence". According to the charges filed by the FBI, they have an unidentified funding source that provided working capital in seven figures RMB, a hierarchial structure, and engage in business development. They've been working with Su Bin since at least August, 2009.

Among the important data successfully targetted by this group are:

i) data on the Boeing C-17 project;

ii) F-22 data from Lockheed Martin;

iii) stole 20GB of data from a U.S. military contractor via the company's FTP server;

iv) acquired a list of contractors and suppliers for a U.S. Unmanned Aerial Vehicle project and performed network reconnaissance; and

(v) accessed a Russian-Indian joint missile development program by "controlling" the company's website and "awaiting the opportunity to conduct internal penetration".

(NOTE: The name of the company is redacted in the report but it may be referring to the Brahmos 2 missile developed by Brahmos Aerospace, a joint venture between India's DRDO and Russia's NPO Mashinostroyenia.)