China’s ‘sprawling hacking-industrial complex’ – Su Bin accused of stealing Boeing’s aviation data

by Chris Zappone

It looks like the team at the Justice Department specially trained to handle hacking investigations has been busy. Only weeks after the indictments of the five PLA officers, a new case has been publicized. The Justice Department unsealed an indictment against Su Bin, a Chinese citizen in Canada, and two unnamed co-conspirators, for breaking into Boeing’s computers to pilfer information about the C-17, F-22 and F-35.

Su Bin sold the plans to Chinese businesses. The nature of the case underscores how messy the relationship is between China’s military and the hackers who freelance. In fact you can argue that the cyberhacking issue provides a peephole into how complicated, if not disorderly the relationship is between China’s state and its citizens in matters of industry and military. It shows that while China’s military is huge – it’s not exactly a monolith.

The Wall Street Journal: The complaint helped to answer one question about China’s sprawling hacking-industrial complex. The country’s cyberwarriors, some of whom work for the military and others on their own, hit so many targets and vacuum up so much information, that it can at times it can be hard to tell who is directing them, a former U.S. official said.

Many hackers work as freelancers, sometimes during off hours, then try to sell stolen information to state-owned firms.

This scale would help account for the repeated accusation from the US and that size and persistence of China’s hacking is remarkable, compared to other countries. Russians are considered some of the most skilled hackers, but not necessarily as prolific as those from China. In a way, the scale-advantage for China is natural, given the size of the country. One question is whether scale-equals advantage in the cyberrealm where one well-executed exploit, one particularly subtle algorithm, can automate a function, and do what it would take millions of humans to do.

These are computers we’re talking about.

Another comment related to this WSJ story is also important. A reader of the story, whose name I won’t include here, describes the “thousand grains of sand”, or mosaic style of Chinese information theft and gleaning. On the quoted WSJ story, this reader writes:

The difference between cold war spying (US vs Soviet) and today’s spying (US vs China) is also the most difficult for the US to understand and handle: During the cold war (before internet and global commerce), spying was a competing game between governments and professionals.

Today’s China play[s] that government and professional game but also a civilian game. [In] the civilian game it plays, China takes advantage of many overseas Chinese’s cultural identity and national loyalty. In that sense, Chinese shares a lot with Jews in the cultural identity and sense of belonging, except [it] may be even deeper with some Chinese people.

With that kind of mind set (not in all but many Chinese residing outside of China), it is very easy for the Chinese intelligence to exploit its human resource advantages at least quantitatively if not qualitatively. That plus the promise of money will make many Chinese emigrants living in Western world tempt to think twice when they are approached by Chinese intelligence.

Notice the commenter himself describes China’s snooping advantage as “quantitative…if not qualitative…”

In these matters, I think China sees scale as a central advantage – much like in trade, geo-economics, negotiations, etc. The question for the world outside of China is whether that’s actually true.