COURT DOC: Chinese National Who Conspired to Hack into U.S. Defense Contractors’ Systems Sentenced to 46 Months in Federal Prison

A Chinese national who admitted to participating in a years-long conspiracy that involved Chinese military officers hacking into the computer networks of major U.S. defense contractors in order to steal military technical data was sentenced today to 46 months in federal prison.

Su told his co-conspirators military officers in China whom to target, which files to steal and why the information they stole was significant. During the course of the conspiracy, Su and his co-conspirators stole sensitive military and export-controlled data and sent the stolen information to China.

On March 23, Su pleaded guilty to one count of conspiring to gain unauthorized access to a protected computer and to violate the Arms Export Control Act by exporting defense articles on the U.S. Munitions List contained in the International Traffic in Arms Regulations. Su admitted that he conspired with two persons in China from October 2008 to March 2014 to gain unauthorized access to protected computer networks in the United States including computers belonging to the Boeing Company in Orange County, California to obtain sensitive military information and to export that information illegally from the United States to China.

A criminal complaint filed in 2014 and subsequent indictments filed in Los Angeles charged Su, a China-based businessman in the aviation and aerospace fields, for his role in the criminal conspiracy to steal military technical data, including data relating to the C-17 strategic transport aircraft and certain fighter jets produced for the U.S. military. Su was initially arrested in Canada in July 2014 on a warrant issued in relation to this case. Su ultimately waived extradition and consented to be conveyed to the United States in February 2016.

Su admitted that as part of the conspiracy, he sent e-mails to his co-conspirators with guidance regarding what persons, companies and technologies to target during their computer intrusions. (Source: U.S. Department of Justice)