Adapted from “The Shadow War: Inside Russia and China’s Secret Operations to Defeat America” by Jim Sciutto. Copyright © 2019. Available from Harper Collins.
To his American friends and contacts, Stephen Su was an affable businessman and gregarious guy.
“People liked him,” Bob Anderson, the FBI’s former head of counterintelligence, told me. “They didn’t think he was an asshole and I know that sounds stupid, but people are people and that’s how it started.”
Stephen Su, who also went by his Chinese name Su Bin, lived in his native China but traveled frequently to the United States and Canada to build a business in the aviation and aerospace sectors. His company, Lode-Tech, was a small player in a field of giants. However, from 2009 to 2014, Su steadily and deliberately built a network of close business contacts inside far bigger US and Canadian defense contractors who held some of the most sensitive US military contracts.
“So, he cultivates you over time,” Anderson recalled.
The information Su was most interested in related to three of the most advanced US military aircraft ever built, the Lockheed Martin F-35 and F-22 stealth fighters and the Boeing C-17 Globemaster transport aircraft. Though they were the products of two of the Pentagon’s biggest military contractors, each drew on thousands of components sourced from dozens of smaller suppliers. That supply chain provided numerous ins for Su—as well as a convenient explanation for any partners who grew concerned about the kind of information he was looking for.
“Su would say, ‘I’m not asking you to give me the F-35, but what’s it matter if I get one system out of it that we could sell to a friend or a prospective client?’” said Anderson. “And then go from there, and it takes time.”
Unfettered access for three years
As it turns out, Su and his partners would have unfettered access inside Boeing’s network for three years before the intrusion was first discovered. During that time, they would claim to have stolen some 630,000 digital files – totaling a gargantuan 65 gigabytes of data – on the C-17 alone. They stole tens of thousands more files on the F-22 and F-35. It was an extraordinary trove of information on some of America’s most advanced and sensitive military projects.
Su’s team, while enormously successful, was just one small part of a massive army of Chinese hackers dedicated to stealing America’s most sensitive government and private sector secrets. Over the last two decades, China has built an enormous infrastructure charged with cyber espionage. The Office of the US Trade Representative estimates that the United States loses up to $600 billion per year in intellectual property. Since it deems China “the world’s principal IP infringer,” the USTR believes China may be responsible for the bulk of those losses.
China’s theft of US trade and government secrets is not the bad behavior of rogue Chinese individuals or organizations; it is government policy – and it is one of the issues at the root of the trade war raging between the US and China today. One senior US law enforcement official described China’s espionage apparatus to me as akin to a “tapeworm,” feeding off tens of thousands of US institutions and individuals to siphon away America’s most treasured asset: its ingenuity. Beijing’s goal is nothing short of surpassing the United States as the world’s most powerful and most technologically advanced superpower. Chinese leaders would prefer to do so peacefully, but if there is a war, they want to level the battlefield.
‘This is about world domination’
“This is about world domination and when or if there has to be a conflict—and unfortunately there probably will be one—they want to be mano-a-mano, if not better than the US, and that’s what they’ve set their sights on for the last thirty or forty years,” Anderson explained.
The exact number of spies like Stephen Su is hard to pinpoint but Anderson estimates that, at any one time, there are dozens of teams like his operating in the United States. And behind them in China, Anderson says, are far more hackers at work, some employed full-time by Chinese security services, others working on a part-time basis.
“You’d go to jail here, but the Chinese have tens of thousands of young kids—like our MIT’s or Stanford’s best—hacking against the US,” says Anderson. “They pay them to do that. That is quite routine for them.
“And they’re very calculated in what they do, they have requirements just like the United States intelligence community has requirements,” said Anderson.
They are also extremely ambitious in their goals. In a 2011 email, Su’s team claimed with a flourish that the information they were stealing would “allow us to rapidly catch up with US levels … To stand easily on the giant’s shoulders.”
The Chinese government refused to respond to repeated requests for comment on the allegations contained in the book.
Su’s run as one of the most damaging Chinese spies of his generation would end in the summer of 2014, when he was arrested in Canada on a US-issued warrant five years after he sent his first instructions to his co-conspirators in China detailing targets for hacking inside the United States. A Justice Department statement announcing his indictment said he had “worked with two unindicted co-conspirators based in China to infiltrate computer systems and obtain confidential information about military programs, including the C-17 transport aircraft, the F-22 fighter jet, and the F-35 fighter jet.” Two years later, in February 2016, Su consented to be sent to the United States, where he pleaded guilty in California.
Su’s indictment in 2014 was a victory for the FBI and an example of good cyber police work. Despite Su and his team’s prodigious efforts to cover their electronic tracks, FBI analysts successfully followed their electronic trail across the globe, through multiple countries and multiple “hop points,” and traced it all back to one friendly and gregarious Chinese businessman. However, for every one hacker the US identifies and indicts, many more get away or are never spotted at all.
“There’s hundreds if not thousands of these people in my opinion that are here or in our friendly partner countries because now it’s a global business environment,” he added.
Overwhelmed and overmatched
More alarmingly, Anderson warns that the FBI’s cyber division is aware of, perhaps, 10 percent or less of all cyber intrusions like the one carried out by Su and his partners. They are simply overwhelmed and often overmatched.
For the US military, the extent of the damage from the hacking by Su and his partners is not entirely clear. China has since deployed similar aircraft with similar capabilities. However, US military officials have told me, often with some derision, that China’s J-31 fighter and Y-20 transport are, at best, cheap facsimiles.
Bob Anderson is less sanguine. He is not a military commander. He has spent his entire professional life in law enforcement. However, he has seen the intelligence. And when I asked him how much sensitive data Su and his team had stolen relating to some of America’s most advanced military aircraft, his answers were disturbing.
For the C-17 he said, simply, “A lot, a lot.” For the F-35, he went a little further: “A lot, enough to where I think it’s a huge problem.”
China, in the span of five years and with just three operatives, had at least narrowed the gap with the United States on three of its most advanced military aircraft—aircraft that had taken more than a decade for the United States to develop and tens of billions of dollars to design and manufacture. Anderson and other intelligence and law enforcement officials I’ve interviewed speak of China with a spy’s grudging respect for their adversary.
“We are looked at as the most significant adversary they’ve got and they’re gonna lie, cheat, and steal … to figure out how they’re gonna get ahead of us,” Anderson told me. “I don’t think people look at it that way.”