Cyber Incident Victim: Lockheed Martin
Date:
Jan 2009
Location:
United States of America
Summary
A Chinese aerospace executive was charged with conspiring to hack major US defense contractors, including Lockheed Martin, to steal sensitive military aircraft data such as designs for the F-22, F-35, and C-17 programs. Working with China-based hackers, the individual facilitated unauthorized access to corporate networks over several years, intending to transfer proprietary information to benefit Chinese aviation development. The suspect was arrested overseas through international law enforcement cooperation and allegedly described the stolen data as enabling China to rapidly advance its aerospace capabilities by building upon US technology.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
The US Department of Justice announced charges on July 11, 2014, against Chinese businessman Su Bin—also known as Stephen Su—for orchestrating a multiyear cyberespionage campaign targeting major US aerospace and defense contractors, including Lockheed Martin and Boeing. Su, an executive at a Chinese aerospace company with offices in Canada, allegedly collaborated with unidentified hackers based in China between 2009 and 2013 to infiltrate the computer networks of cleared US defense contractors. The group remotely accessed sensitive technical data related to advanced military aircraft programs, including specifications for the F-22 Raptor and F-35 Lightning II fighter jets, as well as the C-17 Globemaster III transport aircraft. Su’s role involved identifying high-value data for exfiltration, as evidenced by his email communications describing the stolen information as a means for Chinese aviation designers to “stand easily on the giant’s shoulders” and “rapidly catch up with US levels.” The Royal Canadian Mounted Police arrested Su in British Columbia on June 28, 2014, at the request of the FBI, marking the culmination of a joint international investigation.
The breach compromised proprietary technical data critical to US military aviation programs, though the full scope of exfiltrated material remains undisclosed. Prosecutors characterized the operation as a systematic effort to harvest defense secrets for China’s aerospace industry, with Su acting as both a facilitator and beneficiary of the stolen data. Lockheed Martin, Boeing, and other affected contractors faced no reported operational disruptions, but the incident exposed vulnerabilities in safeguarding sensitive intellectual property from persistent cyber threats. The Justice Department’s indictment represented one of the first public attributions of state-aligned economic espionage involving a Chinese national, signaling increased US enforcement against cyber-enabled theft of military technology. Su remained in Canadian custody pending extradition proceedings as of July 2014, while investigators continued efforts to identify his co-conspirators in China. No further details regarding network remediation measures or financial impacts on the victim companies were released at the time of the initial charges.