A Chinese citizen has pleaded guilty to hacking offences against US contractors in the quest for sensitive data.
The aviation specialist, 50-year-old Su Bin, was arrested in July 2014 after law enforcement became suspicious of his role in cyberattacks against US defense contractors including Boeing, which produces military jets and technology for the country's military.
In a press release on Wednesday, the US Department of Justice (DoJ) said the Chinese national, also known as "Stephen Su" and "Steven Subin," pleaded guilty to a conspiracy to break into contractor systems in the quest for sensitive military and "export-controlled" data. Once acquired, this information ended up in China, where its value is incalculable to the Chinese government and military.
Su Bin worked with two other people to ferret out the best targets in the aerospace and military fields. From October 2008 to March 2014, Su Bin would email his co-conspirators with guidance notes on their chosen victims -- including what people, firms and technologies to target.
One of the other cybercriminals would then break into the victim's network and email Su the lists of directories they were able to access. The executive then told his associated which information was most valuable and worth stealing.
Once this data was stolen and the cyberattacker erased his tracks, the executive translated the documents from English to Chinese and send the information to recipients in his home country.
The Chinese national was arrested in Canada in 2014, and eventually agreed to waive his extradition rights, traveling to the United States in February 2016.
Su Bin admitted his guilt as part of a plea bargain in the Central District of California court in front of US District Judge Christina Snyder.
US prosecutors say the Chinese executive could face up to five years in prison and a fine of $250,000 or twice the gross gain or loss based on the cyberattack campaign.
"Su Bin admitted to playing an important role in a conspiracy, originating in China, to illegally access sensitive military data, including data relating to military aircraft that are indispensable in keeping our military personnel safe," said Assistant Attorney General Carlin.
"This plea sends a strong message that stealing from the United States and our companies has a significant cost; we can and will find these criminals and bring them to justice. The National Security Division remains sharply focused on disrupting cyber threats to the national security, and we will continue to be relentless in our pursuit of those who seek to undermine our security."
Sentencing is due on July 13.
Read on: Top picks
- How to increase your Bitcoin mining profit by 30 percent with less effort
- SMS Android malware roots and hijacks your device - unless you are Russian
- Bug bounties: Which companies offer researchers cash?
- Shodan: The IoT search engine privacy messenger
- What happens when you leak stolen bank data to the Dark Web?