Thursday, December 12, 2019

How To Steal an Airplane

Chinese JSSD agent Xu Yanjun, now in a Michigan jail awaiting trial.
The Story of Turbine Panda

In April 2018, a Chinese intelligence agent named Xu Yanjun got off a plane in Brussels, Belgium and headed for St. Catherine Square, a bustling area of shops and quaint cobblestone streets. Xu had a meeting planned with one of his assets, a US-based General Electric engineer who was in Brussels on vacation. The plan was to discuss what confidential aerospace design information the engineer could steal from GE to turn over to Xu. 

The meeting was a sting operation. Instead of a friendly drink, Xu was greeted by a team of Belgian police and FBI agents from the US. They clapped him in handcuffs and escorted him to a Belgian jail, He was kept there, incommunicado so he could not converse with his superiors in Nanjing, for six months. In October 2018 he was extradited by Belgium to stand trial in the US on four counts of industrial espionage including theft of trade secrets, paying a GE engineer to pass trade secrets to Chinese officials, and attempting to steal trade secrets by fraud, artifice, and deception. 

This investigation exposed an unusually wide-ranging industrial spying conspiracy by China, targeting at least 13 different US and international companies. In this case, China broke down an important industrial project, the C919 passenger jet plane, into all its major components and subsystems, and systematically targeted the western companies producing each one. All those companies had partnerships with Chinese manufacturers, under which they were already sharing their technology and parts. But that didn’t stop Chinese spies, led by Xu, from targeting them for IP theft. Thanks to a comprehensive report by Adam Kozy of US cybersecurity firm Crowdstrike, we have great insight into the thoroughness and audacity of this attack on US and western intellectual property.

Xu is still in a federal prison in Milan, Michigan awaiting trial. He is not just another engineer who decided to betray his company and his country for money or Chinese patriotism. He is a senior operative of the Jiangsu State Security Division (JSSD), a division of China’s feared spy agency, the Ministry of State Security, dedicated to industrial espionage. Xu is likely the most senior MSS agent ever to see the inside of a US prison. 

The Crowdstrike report says that Xu, other JSSD agents, and the employees they recruited at western companies used “traditional espionage, cyber intrusions, and cover-ups.” Crowdstrike labeled the operation TURBINE PANDA.  Their report says: “TURBINE PANDA conducted cyber intrusions from a period of roughly 2010 to 2015 against several of the companies that make the C919’s various components…the first preparatory activity in January 2010 believed to be associated with TURBINE PANDA targeted Los Angeles-based Capstone Turbine and began just a month after choosing CFM as its engine provider.” 

CFM is a partnership of America’s GE Aviation and France’s Safran providing the technology for the engine at the heart of the C919 plane. Figure 1 shows the key subsystem manufacturers involved in partnerships with Chinese manufacturers to produce the C919. They include high-tech aerospace companies from the US, France, Germany, and Britain. 

An indictment filed in California on October 25, 2018 and based on charges from a grand jury empaneled in June 2017 names 13 western companies, most of them American, as victims of an IP theft conspiracy managed by two JSSD officers, Zha Rong and Chai Meng. The ten indicted men include a GE engineer, Zhang Zhang-Gui, who went under the codename Leanov, Gu Gen and Tian Xi. The latter two worked for the French manufacturer Safran. According to the indictment, Safran was infiltrated when its employees placed “malware” into the Safran computer network in its Suzhou, China offices. The malware gave the JSSD access to all the files in the Safran network with their confidential information. 

All the indicted employees of western companies have Chinese names, indicating that misplaced nationalistic Chinese “patriotism” plays a role in the success of the JSSD in persuading western engineers to betray their employers (and often their citizenship, since many individuals charged with such crimes have become US citizens). Naturally, money plays a role too. Often it is surprisingly small amounts of money. Zhang (aka Leanov) traveled to China and gave a lecture to a group of Chinese aerospace engineers allegedly disclosing confidential GE information for a payment of just $3500. Zhang took time off from GE, allegedly telling his work colleagues he would be attending a family wedding. There was no wedding, just meetings and lectures with Chinese agents and aerospace professionals.

What did COMAC gain from this spying operation? Even with all its western partners, COMAC has had significant difficulties developing and building the C919 with the performance and safety features that match its competitors from Boeing and Airbus. The espionage activities gave a big boost to COMAC’s product development, Crowdstrike concludes, “knocking several years (and potentially billions of dollars) off of its development time.”

In western business dealings, when two companies sign a partnership, it is usually the beginning of a fruitful collaboration in which the two sides treat each other with respect. When a Chinese company signs a partnership with a western company, the TURBINE PANDA case suggests that it moves almost immediately to identify potential traitors within the western partner company and try to steal its partners’ IP so as to get for free what the western partner is probably already willing to sell for compensation. The irony is that the sooner that COMAC gets the C919 up and flying internationally, the more likely it is that this will dent the sales and profits of Boeing and Airbus, negatively impacting suppliers like GE and Safran. 

Yet, western companies still come running every time China offers a partnership. According to an August news report, COMAC is now working on the C929, a competitor with the Boeing 747 targeted for flight in 2025. Both GE and Rolls-Royce are talking to COMAC about partnerships. 

Private companies cannot resist the lure of the China market, even though it offers short-term gain at the expense of huge long-term loss. That’s why government action is required.  The western aerospace industry, like so many western industries, will gain in the long run by doing less business with China today. We must isolate China from our markets until it is ready to respect international intellectual property norms.

Figure 1: Diagram of COMAC's C919 plane showing partner companies providing technology for key subsystems. Source: Crowdstrike.


See also our other features on China’s IP theft:


No comments:

Post a Comment