A businessman who admitted helping Chinese military officers as they hacked into the computer systems of U.S. defense contractors and stole significant information was sentenced Wednesday to three years and 10 months in prison, authorities said.
Su Bin, 51, a Chinese national who also went by Stephen Su and Stephen Subin, had pleaded guilty earlier this year to conspiring to gain unauthorized access to a protected computer and to violating the Arms Export Control Act. He had been accused of participating in a years-long plot to steal military technical data — including details related to Boeing’s C-17 military transport plane and other fighter jets produced for the U.S. military — for the Chinese government.
Su’s plea marked a first for someone involved with a Chinese government campaign of economic cyberespionage. Assistant Attorney General for National Security John P. Carlin said his sentence was “just punishment” for his crimes.
“These activities have serious consequences for the national security of our country and the safety of the men and women of our armed services,” Carlin said in a statement. “This prison sentence reinforces our commitment to ensure that hackers, regardless of state affiliation, are held accountable for their criminal conduct.”
Su, the owner of a company called Lode Technology, was initially arrested in Canada in July 2014, and he ultimately waived extradition and consented to come to the United States in February. As a part of his plea, he admitted that he told his co-conspirators, who were military officers in China, what people, companies and technologies to target in their cyber-intrusions and that he translated some stolen data from English to Chinese. He said he did so because he wanted to profit from selling the information that was taken.
Federal prosecutors in recent months have been aggressive about bringing cybercrime cases against foreign nationals who might seem unlikely to ever appear in U.S. courts. In March, the Justice Department indicted seven hackers associated with the Iranian government in connection with crimes that included attacking U.S. banks’ public websites from late 2011 through May 2013 and breaking into a computer system at a small dam in Rye, N.Y., in an apparent attempt to disrupt its operation.