![](\"https:\/\/media.wired.com\/photos\/5bbb9fc52b915f2dff96d6e4\/master\/pass\/WI110118_FF_SuBin_Illustration_Jules-Julien.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Garrett M. Graff| Date: Thu, 11 Oct 2018 10:00:00 +0000<\/strong><\/p>\n Kevin and Julia<\/span> Garratt had spent nearly all of their adult lives in China. A devout Christian couple in their fifties with an entrepreneurial streak, they operated a caf\u00e9 called Peter\u2019s Coffee House, a popular destination in the city of Dandong, according to Trip\u00adAdvisor. Dandong is a sprawling border town that sits just across the Yalu River from North Korea. For tourists and expats, the Garratts\u2019 coffee shop\u2014just a short walk from the Sino-\u00adKorean Friendship Bridge\u2014was a hub of Western conversation and comfort food. \u201cAfter time in North Korea a decent cup of coffee was one of those things I was really looking forward to,\u201d one Australian tourist wrote in early 2014. \u201cPeter\u2019s was a perfect place.\u201d<\/p>\n The Garratts had <\/span>come to China<\/a> from Canada in the 1980s as English teachers. They lived in six different Chinese cities over the years, raising four children along the way, before settling in Dandong. From their perch near the border, they helped provide aid and food to North Korea<\/a>, supporting an orphanage there and doing volunteer work around Dandong itself. The Garratts had a strong social network in the city, so it didn\u2019t seem odd to either of them when they were invited out to dinner by Chinese acquaintances of a friend who wanted advice on how their daughter could apply to college in Canada.<\/p>\n The meal itself, on August 4, 2014, was formal but not unusual. After dinner, the Garratts got into an elevator that took them from the restaurant down to a lobby. The doors opened onto a swarm of bright lights and people with video cameras. The Garratts initially thought they\u2019d stumbled into a party of some kind, maybe a wedding. But then some men grabbed the couple, separated them, and hustled them toward waiting cars. Everything happened fast, and very little made sense. As the vehicles pulled away, neither Kevin nor Julia had any idea that it was the last they\u2019d see of one another for three months.<\/p>\n It wasn\u2019t until the two arrived at a police facility that they each realized they were in real trouble. And it wasn\u2019t until much later still that the couple would understand why they had been taken into custody. After all, before their detainment, they\u2019d never even heard of a Chinese expat living in Canada named Su Bin.<\/p>\n When the Garratts <\/span>first arrived in China, in 1984, the country was still transitioning away from collective farms. Shanghai had only just opened up to foreign investment; the future megacity Shenzhen still had just a few hundred thousand inhabitants. Over the ensuing three decades, the couple would watch as China hurtled from eighth-largest economy in the world to second-largest, powered, famously, by mass migrations of people into new industrial cities and the erection of a vast manufacturing and export sector. But especially in the later years of the Garratts\u2019 career as expats, the country\u2019s growth was also propelled by a more invisible force: a truly epic amount of cheating.<\/p>\n China has become one of the world\u2019s most advanced economies overnight in no small part through the rampant, state-sponsored theft of intellectual property from other countries. This extended campaign of commercial espionage<\/a> has raided almost every highly developed economy. (British inventor James Dyson has complained publicly about Chinese theft of designs for his eponymous high-end vacuums.) But far and away its biggest targets have been the trade and military secrets of the United States. From US companies, Chinese hackers<\/a> and spies have purloined everything from details of wind turbines and solar panels to computer chips and even DuPont\u2019s patented formula for the color white. When American companies have sued Chinese firms for copyright infringement, Chinese hackers have turned around and broken into their law firms\u2019 computer systems to steal details about the plaintiffs\u2019 legal strategy.<\/p>\n The Quantum Spy<\/em> Author David Ignatius on the Future of High-Tech Espionage<\/p>\n Each theft has allowed Chinese companies to bypass untold years of precious time and R&D, effectively dropping them into the marathon of global competition at the 20th mile. China\u2019s military has gotten a leg up too. Coordinated campaigns by China\u2019s Ministry of State Security and the People\u2019s Liberation Army have helped steal the design details of countless pieces of American military hardware, from fighter jets to ground vehicles to robots. In 2012, National Security Agency director Keith Alexander called it the \u201cgreatest transfer of wealth in history,\u201d a phrase he has regularly repeated since.<\/p>\n And yet, despite a great deal of restlessness in the ranks of law enforcement and intelligence agencies, the United States was, for years, all but paralyzed in its response to Chinese hacking. China simply denied any hand in the thefts, professing to take great umbrage at the idea. American diplomats were skittish about upsetting a sensitive bilateral relationship. And American companies, in turn, were often inclined to play dumb and look the other way: Even as they were being robbed silly, they didn\u2019t want to jeopardize their access to China\u2019s nearly 1.4 billion consumers.<\/p>\n John Carlin, who served as assistant attorney general for national security during the Obama administration, recalls one meeting with executives from a West Coast company whose intellectual property was being stolen by Chinese hackers. The executives even projected that, in seven or eight years, the stolen IP would kill their business model; by that point, a Chinese competitor would be able to undercut them completely with a copycat product. But the company\u2019s general counsel still didn\u2019t want the government to step in and take action. \u201cWe are going to be coming back to you and complaining,\u201d the general counsel said. \u201cBut we\u2019re not there yet.\u201d<\/p>\n Finally, between 2011 and 2013, the US began to reach a breaking point. Private cybersecurity<\/a> firms released a string of damning investigative reports on China\u2019s patterns of economic espionage; the US government started to talk more publicly about bringing charges against the country\u2019s hackers. But it was far from clear how any government or company might successfully turn back the tide of Chinese incursions. President Obama pressed the issue of cyberthefts in his first meeting with President Xi in 2013, only to be met with more denials.<\/p>\n This is the story of how the US finally achieved some leverage over China to bring a stop to more than a decade of rampant cybertheft, how a Canadian couple became bargaining chips in China\u2019s desperate countermove, and how the game ended happily\u2014only to start up again in recent months with more rancor and new players.<\/p>\n On Monday, May <\/span>19, 2014, nearly three months before the Garratts were whisked away into the Dandong night, the US Justice Department called a press conference at its headquarters in Washington, DC. Attorney general Eric Holder took the podium to announce charges against five hackers for breaking into the systems of several US companies, including U.S. Steel, Westinghouse, and a renewable-energy outfit called SolarWorld. The FBI had mocked up a bunch of \u201cWanted\u201d posters, which made it strikingly clear that the hackers all shared an employer: the Chinese army. Two of the men were even pictured in their crisp dress uniforms.<\/p>\n The press conference marked the first time the US had ever indicted individual foreign agents for cyber intrusions. It made front-page headlines across the country, instantly bumping the issue of Chinese economic espionage off the back burner of public consciousness. But the news came with an inevitable caveat: \u201cThe move by the Justice Department was almost certainly symbolic,\u201d The New York Times wrote<\/a>, \u201csince there is virtually no chance that the Chinese would turn over the five People\u2019s Liberation Army members named in the indictment.\u201d<\/p>\n A few days later, Carlin and a Justice Department prosecutor named Adam Hickey were flying back from a meeting with the victims of the PLA hackers. At the Pittsburgh airport, Carlin lamented the obvious: None of the hackers would face a US courtroom anytime soon. Everyone at the Justice Department knew it would take more than a single \u201cname and shame\u201d campaign to change the calculus of Chinese behavior; the US needed to apply pressure on multiple fronts, perhaps building up to a threat of sanctions. Now that they\u2019d made their opening gambit, prosecutors needed a next move, preferably one that would actually put someone in handcuffs. Sitting in the terminal Carlin said, \u201cThe next case, we need a body.\u201d<\/p>\n Hickey smiled. \u201cActually, I\u2019ve got a case I want to talk to you about,\u201d he said.<\/p>\n Kevin and Julia Garratt<\/p>\n The FBI remains <\/span>cagey today about where and how the conspirators first appeared on the agency\u2019s radar. The bureau will say only that it opened its investigation after seeing emails between them. Reading between the lines, the case likely began with intercepts from the NSA, passed through the intelligence community from Fort Meade to the FBI. Eventually, in late summer 2012, a trove of emails between three Chinese agents landed on the desk of supervisory special agent Justin Vallese, who runs a squad of cyber agents in the FBI\u2019s Los Angeles field office.<\/p>\n \u201cFrom day one, we knew it was bad,\u201d Vallese says. \u201cThe contents of those emails are pretty explosive.\u201d<\/p>\n One message, which bore an attachment entitled \u201cC-17 Project Reconnaissance Summary,\u201d appeared to suggest a broad outline of the project therein: a successful, long-term effort by hackers to steal the design secrets of one of America\u2019s most advanced cargo aircraft, the C-17 military transport.<\/p>\n A $202 million-per-unit craft developed by Boeing, the C-17 had been one of the most expensive military planes ever developed by the US Air Force, costing more than $31 billion to create in the 1980s and \u201990s. Since its completion, the C-17 had become a key means of delivering troops, vehicles, and supplies to the front lines of the wars in Afghanistan and Iraq, as well as delivering humanitarian supplies the world over. It\u2019s also used to transport the president\u2019s armored limousines around the globe.<\/p>\n American intelligence agencies knew that, for years, the Chinese had been struggling to build their own large cargo plane, a necessary tool for any modern military that wants to project its power over a large area. Now Beijing was evidently making some headway\u2014by raiding Boeing\u2019s trade secrets to build what was essentially a Chinese version of the C-17.<\/p>\n Right away, the FBI alerted Boeing to the intrusions. (Boeing declined to comment on this story.) After that, agents in Los Angeles began wading through encrypted attachments and translating each message from Chinese. The emails would ultimately give them an incredibly detailed picture of the inner workings of a Chinese espionage operation. Not only that, they realized, it might also give them a chance to actually arrest someone. Two of the conspirators\u2014the ones who did the actual hacking\u2014were out of reach in China. But the third was a successful businessman named Su Bin, and he was based right here in North America, just a three-hour flight from the agents\u2019 offices in LA.<\/p>\n Su, who in the West went by Stephen, owned an 80-employee Chinese aviation-technology firm called Lode-Tech and, according to The Globe and Mail<\/em>, had a comfortable $2 million house in Richmond, British Columbia. He had two kids, both born in Canada; his wife had been a gynecologist, and his oldest son went to college in Switzerland. In 2012, he was interviewed by The Wall Street Journal<\/em> as part of a story about wealthy Chinese decamping for the West. He said he was the son of an army officer and that he had made millions as an aerospace entrepreneur. He told the Journal<\/em> that he found the rules of the West less restrictive. \u201cRegulations [in China] mean that businessmen have to do a lot of illegal things,\u201d Su said at the time.<\/p>\n China's extended campaign of commercial espionage has raided almost every highly developed economy. But far and away its biggest targets have been the military secrets of the United States.<\/p>\n From what the agents could reconstruct, the hacking conspiracy had begun as early as 2009. Su\u2019s contributions as a spy, the agents realized, were intimately tied to his work as an entrepreneur. \u201cSu Bin was what we\u2019d call in the traditional espionage world a spotter\u2014someone who would tee up targets for a nation-state,\u201d explains Luke Dembosky, one of the prosecutors overseeing the case. Through Lode-Tech, Su had a deep network of industry contacts, and his team\u2019s espionage began with mining his knowledge of the field: He would direct his hacker colleagues toward particularly interesting engineers and corporate personnel in the aerospace industry. Then the hackers likely used basic techniques\u2014standard phishing emails\u2014to attempt to penetrate company executives\u2019 email accounts and, from there, access restricted corporate networks.<\/p>\n According to court records, once the hackers got inside a network\u2014through \u201cpainstaking labor and slow groping,\u201d as they put it\u2014they went back to Su Bin. They would send him lists of the files they\u2019d uncovered; he would then highlight in yellow the most valuable documents that they should exfiltrate, guiding them through what they were uncovering. (Investigators came to enjoy the secret irony in Lode-Tech\u2019s tagline, printed in big letters on its website: \u201cWe will track the world\u2019s aviation advanced technology.\u201d)<\/p>\n It was tedious work. Some of the file directories ran to thousands of pages; in one dump of nearly 1,500 pages, Su meticulously highlighted 142 files that seemed most likely to be useful to his Chinese Army contacts\u2014files with names like C17Hangar Requirements 112399.pdf and Critical Safety Item(CSI) Report_Sep2006.pdf. In another 6,000-page \u00addirectory, he picked out the 22 most promising file folders\u2014hitting on one that FBI agents later calculated contained more than 2,000 files related to the C-17.<\/p>\n All told, according <\/span>to their own accounting, Su and his two Chinese partners stole 630,000 files related to the C-17, totaling about 65 GB of data. \u201cWe safely, smoothly accomplished the entrusted mission in one year, making important contributions to our national defense scientific research development and receiving unanimous favorable comments,\u201d the team wrote.<\/p>\n The C-17 wasn\u2019t the hacker\u2019s only target; they filched information about other aircraft as well. Investigators believe they pillaged 220 MB of data related to the F-22 Raptor, as well as files related to the F-35, including its flight test protocols, which Su carefully translated into Chinese. The thefts would be critical to helping the Chinese understand\u2014and copy\u2014the world\u2019s most advanced multirole fighter plane, which had cost $11 billion to develop.<\/p>\n The more they dug, the more the agents realized what a uniquely valuable conspirator Su Bin was, perhaps even sui generis as a spy. He was conversant with the aerospace community, and he spoke English, Chinese, and the technical jargon of aviation in both languages, able to translate the complex world of industrial design schematics, plans, and handbooks. \u201cI don\u2019t know how many Su Bins there are,\u201d Vallese says.<\/p>\n Su\u2019s hacking effort provided a staggering return on investment for the Chinese government: According to court documents, the operation cost China around $1 million\u2014an absolute pittance compared to the decades of engineering knowledge, military technology, and construction details that Su and his team were able to steal from Boeing and the US Air Force. The team\u2019s overseers ran such a tight ship that Su griped in an email about the difficulty of getting \u00adreimbursed for expenses.<\/p>\n According to court documents, the hackers covered their tracks by pinballing stolen files through a sophisticated international server network, with machines planted in the US, Singapore, and Korea. They carefully disguised documents as they stole them, so as to circumvent the internal intrusion alarms at Boeing. Then they were careful to move their digital contraband through at least three foreign countries, ensuring that at least one had unfriendly relations with the United States, to throw pursuers off China\u2019s scent. Ultimately, the files would be deposited on machines near Hong Kong and Macau.<\/p>\n There, officials would pick them up and transfer them back to China\u2014in person, further covering all tracks between the United States and China. But the evidence the FBI had collected left no doubt that the ultimate customer was the Chinese military\u2014and that Su Bin\u2019s partners were members of the military themselves. While the two hackers in China have not been charged publicly, the US government knows who they are; according to court records, investigators intercepted an email that one of the hackers had received with a copy of his own ID card, which included his photo, name, and date of birth. Similarly, emails the FBI traced to the other hacker, one with the subject line \u201cboss,\u201d included photos of both men in Chinese military uniforms.<\/p>\n After their detention the Garratts found themselves caught in China's Kafkaesque justice system, interrogated regularly but with nothing to confess.<\/p>\n By late spring 2014, around the time Carlin was sitting in the Pittsburgh airport with Hickey, the FBI had assembled everything it needed to make a case against Su Bin; as it happened, the timing coincided with the Justice Department\u2019s newfound desire to charge someone with Chinese espionage. \u201cWe were fortunate to get Su into a place where there was an interest and an appetite for an arrest,\u201d Vallese says. \u201cWe had the right subject and had the ability to put hands on him.\u201d<\/p>\n To actually arrest Su, the FBI needed the cooperation of Canadian authorities. Once again, timing may have worked in the case\u2019s favor. Around the same time when the FBI was asking for the Royal Canadian Mounted Police\u2019s help in detaining Su Bin, according to The Globe and Mail<\/em>, Canada was responding to a massive attack by state-sponsored Chinese hackers who had penetrated the network of its National Research Council, which leads the country\u2019s research and development efforts. (China denied the accusation.) Given the chance to help break up a Chinese hacking ring, authorities north of the border were perhaps unusually motivated to help. In any case, they said yes.<\/p>\n By June 2014, the investigative teams knew that Su Bin was planning to leave the country for China\u2014though no one knew for how long. They decided that now was the time to act. A few days before his scheduled trip, Canadian authorities pulled Su Bin over and arrested him.<\/p>\n Right away, China knew that one of its most valuable intelligence assets had been caught. While the \u201cWanted\u201d posters and Eric Holder\u2019s indictment of five military hackers had certainly made an impression on Beijing, Carlin says that the follow-up case against Su Bin\u2014which actually brought a spy into custody\u2014helped shape the Chinese response even further.<\/p>\n \u201cThe Su Bin case, all but unnoticed by the public, had a large impact on Chinese thinking,\u201d says Carlin, who has coauthored with me a new history of the government\u2019s approach to cyberthreats. \u201cIn the space of barely a month, the United States had taken overt steps against two major Chinese economic espionage operations.\u201d<\/p>\n Vallese says the FBI expected it would be an ordeal to get Su Bin back from Canada. International extraditions, even from close partners and allies, are always complicated. \u201cWe weren\u2019t under any impression this was going to be easy,\u201d Vallese says.<\/p>\n As Su Bin prepared for his initial court appearances, China quickly decided to send a not-so-subtle message to Canada. To make America\u2019s northern neighbor think twice about allowing the extradition of Su Bin to the United States, it appears the Ministry of State Security had Kevin and Julia Garratt invited to dinner in Dandong.<\/p>\n After their detention, <\/span>the Garratts found themselves caught in China\u2019s Kafkaesque justice system, interrogated regularly but with nothing to confess. Their family retained James Zimmerman, an American lawyer with the firm Perkins Coie, who had spent nearly two decades working in Beijing. He began to piece together the case against the couple.<\/p>\n The Chinese government, he realized, was leveling charges against Kevin Garratt that were almost a mirror image of the US charges against Su Bin. The Chinese Foreign Ministry told The New York Times<\/em> that the Garratts were being investigated for stealing intelligence \u201cabout Chinese military targets and important national defense research projects, and engaging in activities threatening to Chinese national security.\u201d As if that weren\u2019t menacing enough, on February 19, 2016, China amended the indictment against Kevin to include more serious charges.<\/p>\n The \u201cevidence\u201d against Kevin, though, appeared mainly to be that he had a history of taking fairly unremarkable photographs in public places\u2014going to Tiananmen Square, say, and filming the soldiers marching around and raising the flag, Zimmerman says. \u201cGetting caught up with China\u2019s politically driven criminal justice system can be a bleak, depressing experience,\u201d Zimmerman says. \u201cDue process in China is a different animal than in most Western judicial systems. While the investigators are not allowed to torture the suspects, mistreatment is a matter of definition.\u201d He spent months shuttling back and forth between meetings with the Chinese Ministry of Foreign Affairs, the Ministry of Commerce, and Canadian embassy officials. \u201cMy goal was to plead to them that this case was not good for China given the dearth of evidence and the potential for a public backlash.\u201d Later, Kevin Garratt would precisely recall the outline of the cell he shared with as many as 14 prisoners in China: \u201cAbout 12 paces by five and a half.\u201d<\/p>\n But even if the diplomatic aftermath of Su Bin\u2019s hacking operation was spinning wildly out of control, the operation\u2019s military objective was just coming to fruition. In November 2014, while Su Bin and the Garratts sat behind bars, the Chinese rolled out their own knockoff military cargo plane at an annual air show in Zhuhai. At the show, the Xian Y-20\u2014codenamed Kunpeng after a mythical ancient Chinese bird capable of flying long distances\u2014was parked across the tarmac from an American C-17. Aviation enthusiasts noted how similar the two planes looked, right down to the design of their tail fins. The Chinese plane had met its American doppelg\u00e4nger, just feet apart.<\/p>\n To anyone monitoring <\/span>the traffic of Chinese cyberthefts, the one-two punch of the PLA indictments and the Su Bin arrest seemed to make a real difference. \u201cSince mid-2014, we have seen a notable decline in China-based groups\u2019 overall intrusion activity against entities in the US and 25 other countries,\u201d the cybersecurity firm FireEye concluded in one report. Many inside the government had worried that the Justice Department\u2019s newly aggressive stance would backfire. But as it turned out, it was the Garratts who suffered the negative repercussions; otherwise the indictments and Su Bin\u2019s arrest seemed to have compelled China to put the brakes on its hacking.<\/p>\n Because the sky hadn\u2019t fallen, the Obama administration felt emboldened to keep pushing harder. China, they figured, saw its economic espionage\u2014like all espionage\u2014via the lens of cost-benefit analysis. With the indictment and arrest of Su Bin, the Americans felt that they had begun to change one side of that equation\u2014and now it was time for them to up the ante. President Xi was scheduled to make his first state visit to Washington at the end of September 2015. In the weeks leading up to the visit, the Obama administration set out to bring the tensions between the two nations to a head.<\/p>\n In August 2015, The Washington Post<\/em> ran an article warning that the US government was getting ready to issue sanctions targeting China for its hacking. In September, President Obama addressed a group of business leaders: \u201cWe are preparing a number of measures that will indicate to the Chinese that this is not just a matter of us being mildly upset but is something that will put significant strains on the bilateral relationship if not resolved. We are prepared to take some countervailing actions in order to get their attention.\u201d Other officials, including national security adviser Susan Rice, pressed the message behind closed doors: China\u2019s behavior had to change.<\/p>\n The warnings, both public and private, got through. Just days before Xi\u2019s visit, Beijing dispatched a large, high-level delegation to Washington. \u201cThe Chinese saw they had a big potential embarrassment brewing,\u201d Justice Department deputy assistant attorney general Luke Dembosky recalls. No one on the Chinese side wanted Xi\u2019s first state visit to become a showdown over cybersecurity. \u201cThey had to let the air out of the balloon.\u201d<\/p>\n The conversations, which included Department of Homeland Security secretary Jeh Johnson and White House cybersecurity coordinator Michael Daniel, began with a firm message from the Americans: Don\u2019t even bother denying this is your typical behavior. Let\u2019s move past that<\/em>. For days, the negotiations were tense and stilted. But finally, on the night before the delegation was set to return home, the Chinese called the White House for a final set of talks. \u201cI was all set to go home, and I got a call at 6:30: \u2018Can you be at the White House at 8?\u2019\u200a\u201d Dembosky recalls.<\/p>\n It turned out to be too late to arrange access to the White House, so the groups met at the Omni Shoreham Hotel instead, perched on the edge of Rock Creek Park. Aides from the White House, the Justice Department, the Department of Homeland Security, and the State Department, among others, talked through the night with the much-larger Chinese delegation. All of them were aware that the Chinese had a deadline to make their 7:30 am flight home. \u201cIt was one of the most constructive dialogs I\u2019ve ever been part of. For a brief moment, the stars were aligned. They were highly motivated to do the right thing,\u201d Dembosky says. By morning, they\u2019d worked out an agreement for the two presidents to sign later in Washington.<\/p>\n A few days later, on September 25, 2015, Barack Obama and Xi Jinping met privately. As Obama recapped the meeting to the press, he said he had \u201craised once again our very serious concerns about growing cyberthreats to American companies and American citizens. I indicated that it has to stop. The United States government does not engage in cyber-economic espionage for commercial gain.\u201d Then the president made an announcement in the Rose Garden that many US leaders had never thought they\u2019d hear<\/a>: \u201cToday, I can announce that our two countries have reached a common understanding on the way forward. We\u2019ve agreed that neither the US or the Chinese government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage. In addition, we\u2019ll work together, and with other nations, to promote international rules of the road for appropriate conduct in cyberspace.\u201d The breakthrough was later endorsed by the G-20, the rough equivalent of the first arms-control agreement ever reached in cyberspace.<\/p>\n \u201cWe did see the behavior of the Chinese change. I had been cynical about the agreement, but I was wrong,\u201d Carlin recalls. \u201cChina, at least in a narrowly defined box, had agreed to a new cyber norm. Consistent with their agreement, they largely ceased state-sponsored hacking that targeted a private US company for the direct economic benefit of a Chinese competitor.\u201d<\/p>\n The world\u2019s two <\/span>largest superpowers had broken new ground, but the travails of the Garratts and Su Bin dragged on. Julia had been released on bail but was ordered to stay in China, and in January 2016 the Chinese government announced it would try Kevin for espionage. \u201cChinese authorities also found evidence that implicates Garratt in accepting tasks from Canadian espionage agencies to gather intelligence in China,\u201d the Xinhua news agency reported.<\/p>\n Behind the scenes, though, the Chinese acknowledged that the charges were absurd\u2014and that there was an easy path for the Garratts\u2019 release, says the couple\u2019s lawyer. As Zimmerman told The New York Times<\/em>, \u201cThe Chinese made it clear that the Garratt case was designed to pressure Canada to block Su Bin\u2019s extradition to the US.\u201d<\/p>\n The C-17 isn't the only product to have its design lifted by hackers. Over the past decade, Chinese economic espionage has affected thousands of businesses worldwide, from vacuum-makers to paint manufacturers. \u2014Andrea Powell<\/em><\/p>\n Dyson<\/strong> DuPont<\/strong> American Superconductor<\/strong> Westinghouse<\/strong> Military Projects<\/strong> But in February 2016, Su Bin himself foiled China\u2019s bargaining position. He waived extradition, deciding he would go freely to the US to face charges. His lawyer later told a US court that Su Bin knew that his extradition proceedings might last longer than the time he\u2019d serve in a US prison.<\/p>\n FBI agents flew to Vancouver and prepared to take custody of Su; Vallese and several colleagues waited next to the FBI\u2019s Gulfstream jet as a Canadian police motorcade pulled onto the tarmac. \u201cSu was in the backseat of the SUV, sandwiched between two Canadian law enforcement officers,\u201d Vallese recalls. \u201cAll of us got chills.\u201d<\/p>\n On the flight back to California, Vallese says the talk among the agents and Su turned to aviation. He complimented the FBI\u2019s plane. Making chitchat, one of the agents asked him if he had a favorite jet. \u201cNot the C-17,\u201d Su deadpanned.<\/p>\n On March 22, 2016, Su Bin pleaded guilty. His 35-page agreement was perhaps the most detailed firsthand explanation of China\u2019s spying apparatus ever released in public. \u201cIt was the first time we\u2019d had that kind of success\u2014the first time we\u2019d had someone owning their part in an intrusion like this,\u201d Vallese says. Su Bin declined to speak publicly, though, in court: \u201cI lost my words now,\u201d he said at his sentencing, where a judge handed him 46 months in federal prison and ordered him to pay a $10,000 fine. With time served, he was released in October 2017.<\/p>\n The case against the Garratts rapidly unraveled in the wake of Su Bin\u2019s decision to waive extradition. Julia was able to leave China in May 2016, and Kevin was released that September, though he had to pay nearly $20,000 in fines and penalties\u2014money that had been partly designated for a North Korean orphanage project and other aid work.<\/p>\n This spring, FBI director Christopher Wray stated in public what people in cybersecurity circles had been seeing for a while: China is back to its old tricks. It is once again infiltrating US computer systems and stealing information at a massive scale. \u201cThere\u2019s no country that\u2019s even close,\u201d Wray told NBC News in March this year. \u201cWe\u2019re talking about big damages,\u201d President Trump recently told Reuters. \u201cWe\u2019re talking about numbers that you haven\u2019t even thought about.\u201d<\/p>\n \u201cThere\u2019s been a massive pickup in the last year and a half,\u201d says Dmitri Alperovitch, cofounder of the cybersecurity firm CrowdStrike.<\/p>\n For a variety of reasons, the 2015 truce between China and the United States didn\u2019t hold\u2014in a way, it\u2019s because both<\/em> countries have ceased to acknowledge it.<\/p>\n Donald Trump\u2019s trade war against China has largely been couched as a way to punish China for its years of rampant intellectual property theft. And the official documents that make a case for that war have made scant mention of the progress that the Obama administration made. \u201cAfter years of unsuccessful US-China dialogs, the United States is taking action to confront China,\u201d wrote the US Trade Representative\u2019s office, disregarding the quite successful dialog that took place at the Omni Shoreham hotel in 2015. If the US isn\u2019t going to acknowledge that things ever got better, what incentive does China have to keep on good behavior?<\/p>\n At the same time, Chinese hacking may be on the rise again for reasons that are quite internal to Beijing. Between 2005 and 2014, the main force behind China\u2019s campaign of cybertheft was the People\u2019s Liberation Army. In turn, after the outing of the five PLA soldiers in 2014, that agency bore most of the embarrassment and blame for China\u2019s weakened hand in negotiations with the US. Since 2016, for a host of reasons, the army has had its wings clipped politically by President Xi, both through a reorganization and through anticorruption drives that have seen numerous government officials sidelined, imprisoned, and, in at least one case, even sentenced to death.<\/p>\n Into the vacuum left behind by the PLA, the Chinese Ministry of State Security\u2014a powerful agency that combines elements of the CIA, the FBI, and the NSA\u2014has apparently stepped in and become China\u2019s new central office for cybertheft. \u201cThe PLA have stepped back significantly, but the MSS and their affiliated contractors have stepped into that void,\u201d Alperovitch says.<\/p>\n These new hackers with the Ministry of State Security have evidently learned from the PLA\u2019s mistakes. \u201cThey\u2019ve gotten steadily better,\u201d Alperovitch says. \u201cThey\u2019re thinking much harder about how to be more stealthy.\u201d After all, no Chinese hacker wants to be the next one splashed across an FBI \u201cWanted\u201d poster.<\/p>\n Adapted from<\/em> Dawn of the Code War: Inside America\u2019s Battle Against Russia, China, and the Rising Global Cyber Threat, by<\/em> John\u2009P.\u2009Carlin<\/strong>, with<\/em> Garrett\u2009M.\u2009Graff<\/strong> (PublicAffairs), published October 2018.<\/em><\/p>\n This article appears in the November issue. Subscribe now<\/a>.<\/em><\/p>\n Let us know what you think about this article. Submit a letter to the editor at mail@wired.com<\/a>.<\/em><\/p>\n
Since 2011, British inventor James Dyson has been accusing China of hacking the trade secrets of his eponymous fan and vacuum empire.<\/p>\n
In 2014, a man in California was convicted of stealing DuPont\u2019s formula for titanium dioxide\u2014a white pigment used in everything from paint to Oreos\u2014on behalf of the Chinese government.<\/p>\n
This maker of wind turbines lost more than a billion dollars after its Chinese partner company, Sinovel, used a spy to steal source codes for the machines.<\/p>\n
In 2010, while Westinghouse was building a few power plants in China, a hacker stole specs for how the company designs and routes the pipes running through its generation facilities.<\/p>\n
In addition to helping Chinese hackers steal plans for the C-17, Chinese-Canadian businessman Su Bin was also charged with pilfering specs for the F-22 stealth fighter plane.<\/p>\n