Chinese spy convicted with help from iCloud backup of his iPhone

A Chinese spy carrying out industrial espionage against GE Aviation and Honeywell’s aerospace division was caught with the help of access to an iCloud backup of his iPhone. The data obtained included a never-before-seen copy of a security form used by the Chinese security service when recruiting spies.

Xu Yanjun, an officer in China’s Ministry of State Security (MSS), was arrested and brought to trial in the US after investigators lured him out of the country to a meeting in Belgium, from where he was extradited to America…

Bloomberg tells the story in dramatic form, but the executive summary is that China targeted academics and engineers working on aerospace projects. They were invited to China on all-expenses-paid trips, where they ostensibly delivered conference papers – but were really giving away commercially sensitive information on airframe and engine development.

Arthur Gau, an aerospace engineer who was nearing retirement age, received an unexpected email from a long-lost acquaintance in China. Years before, Gau had made a series of trips from his home in Phoenix to speak at the Nanjing University of Aeronautics and Astronautics, or NUAA, one of China’s most prestigious research institutions. The original invitation had come from the head of a lab there studying helicopter design. Increasingly, however, Gau had heard from someone else, a man who worked at the university in a vague administrative capacity. Little Zha, as the man called himself, was the one who made sure Gau never had to pay his own airfare when he came to give talks.

The relationship had ended awkwardly, though, when Zha offered Gau money to come back to China with information about specific aviation projects from his employer, the industrial and defense giant Honeywell International Inc. Gau ignored the request, and the invitations stopped.

Now, in 2014, Little Zha was reaching out again. The two started corresponding [with another trip to China the end result].

Late in the evening, Xu handed Gau $3,000 in cash. Gau would later testify that he tried to hand it back, but Xu was insistent. “And then, you know, back and forth, but I took it eventually.”

The next year, Gau came back to China to give another lecture—this time a private one in a hotel room to several engineers and officials, including Xu. In preparation, Gau had emailed over PowerPoint slides containing technical information, including algorithms and other sensitive design data for the aircraft auxiliary power units Honeywell makes. “Because of the payment, I felt obligated,” he would later tell a judge […]

Gau was planning his next visit when, in the fall of 2018, agents from the FBI appeared at his home in Arizona to execute a search warrant. There wouldn’t be another trip. Xu, the agents explained, was not in Nanjing anymore. He wasn’t even in China. He was in Ohio, in a county jail awaiting trial.

The arrest of Xu Yanjun proved a much bigger deal than the FBI had expected.

His arrest marked the first time an MSS officer was lured out of China and extradited to the US. And it was more than a symbolic victory, yielding an extraordinary trove of digital correspondence, official Chinese intelligence documents, even a personal journal.

When Xu was apprehended, he had with him an iPhone whose contents he’d faithfully backed up to the cloud, a lapse that allowed FBI investigators to recover all the data from Apple […]

Over two and a half weeks from late last October into November, federal prosecutors in a courtroom in Cincinnati drew on the wealth of digital material the 41-year-old Xu had stockpiled to lay out a portrait of him—his training, methods, and ambitions, his vices and private doubts and grievances. Translated from the original Mandarin, it’s an unprecedentedly intimate portrait of how China’s economic espionage machine works, and what life is like for its cogs.

The data was accessible because, although iCloud backups are encrypted, they don’t use end-to-end encryption. This means that Apple holds the key, and can hand over data to law enforcement upon receipt of a court order.

The documents obtained included one the FBI had never seen before.

The document is similar in some respects to Standard Form 86, a questionnaire American intelligence employees are required to complete. But the paperwork of an autocratic one-party state has an added richness, functioning as not only a professional and personal biography but also a political one. Bradley Hull, the FBI special agent who led the investigation of Xu, was asked at one point in his testimony if he’d ever seen such a form. “No,” he replied. “No one has.”

The full story is quite a read!
