Cyber Incident Victim: The Boeing Company
Date:
Jan 2009
Location:
United States of America
Summary
A Chinese businessman collaborating with unidentified individuals in China orchestrated cyber intrusions targeting Boeing and other aerospace firms, stealing sensitive military aircraft data including details on fighter jets and cargo planes to advance Chinese aviation capabilities. The defendant, arrested in cooperation with international law enforcement, allegedly facilitated the theft to enable technological gains, as evidenced by communications stating the intent to rapidly catch up with US defense industry standards.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In June 2014, the US Department of Justice announced charges against Chinese businessman Su Bin, also known as Stephen Su, for his alleged role in orchestrating cyber intrusions targeting major US aerospace companies, including Boeing and Lockheed Martin. The hacking activities reportedly began in 2009 and continued through 2013, with Su and unidentified co-conspirators in China systematically accessing sensitive defense-related data. According to US authorities, the group remotely infiltrated computer systems of cleared defense contractors to identify and extract technical information about advanced military aircraft programs. Specific targets included data related to the F-22 Raptor and F-35 Lightning II fighter jets, as well as the C-17 Globemaster III military transport aircraft. Su, described as an executive for a Chinese aerospace company with Canadian offices, allegedly facilitated these operations by communicating with hackers in China about which files to steal. Evidence cited by investigators included emails in which Su stated the stolen aircraft data would enable Chinese designers to "stand easily on the giant’s shoulders" and "rapidly catch up with US levels" in aerospace technology development.
The Royal Canadian Mounted Police arrested Su in British Columbia on June 28, 2014, following coordinated efforts with the FBI. US Justice Department officials characterized the intrusions as significant compromises of sensitive defense information residing on contractor networks. While the full scope of exfiltrated data wasn't detailed in initial charges, authorities emphasized the targeted systems contained proprietary technical specifications critical to US military aviation programs. The indictment marked one of the first public cases linking commercial espionage directly to Chinese corporate entities through digital means. Boeing and Lockheed Martin were identified as primary victims, though the Justice Department noted other unnamed US companies were also compromised. No technical details about the intrusion methods or specific defensive measures taken by the companies were disclosed in the initial charging documents released in July 2014. The case proceeded through international legal channels following Su's arrest, focusing on his extradition to face charges in the United States.