During a two-week trial in Cincinnati that began in October 2021, more than three years after Xu’s extradition to the United States, federal prosecutors laid out his case. Xu was represented by a team that included five lawyers from Taft, Stettinius and Hollister, a leading law firm in the Midwest, suggesting the Chinese government paid the required hundreds of thousands of dollars in legal fees. (The firm declined to comment for this article.) The defense argued that Xu had been misled; the intention behind his correspondence with Hua was not to steal trade secrets but simply to facilitate an academic exchange between Hua and Chinese scientists. Ralph Kohnen, one of the defense lawyers, said in his closing argument: “What happened here is that Mr. Xu, my client, has become a pawn, a pawn in the tense place between American industries trying to exploit to China and those who try to get along. with China”.
The indictment contended that Xu had been systematically pursuing intellectual property in aerospace companies in the United States and Europe through cyber espionage and the use of human sources. It’s not often that prosecutors find a one-stop-shop for much of their evidence, but that’s what Xu’s iCloud account was: a repository of the spy’s personal and professional life. That’s because Xu often used the calendar on his iPhone as a journal, documenting not only the events of the day, but also his thoughts and feelings. Several entries from 2017, for example, indicate growing tensions with his boss, a man named Zha Rong. “Zha refused a food receipt today,” he wrote on March 27. Then on April 28: “The relationship with Zha has fallen to the freezing point.” Other entries from that period, when he began corresponding with Hua, reflect an unhappiness in Xu’s personal life. Like one from August 17, in which he lamented the breakup of what appears to have been an extramarital affair. She “saw me in the rain yesterday morning, didn’t stop and walk away from her with her umbrella.” Things weren’t going well financially either, as evidenced by a snippet from a May 19 post: “I lost so much in the stock market. I got myself into this financial hole.”
‘If you ask me, are there days when I have a hard time falling asleep? Yes there are. I’m sorry what I did.
Messages Xu had exchanged with several other US aerospace industry employees, which prosecutors exposed at trial, were also backed up to the cloud. One of them was Arthur Gau of a Honeywell division in Phoenix, who testified at trial that Rong and Xu paid him $5,000 and covered his airfare to China for a visit to Nanjing in 2017 to make a technical presentation. (In May 2021, Gau pleaded guilty in Arizona to one count of exporting controlled information without a license. Bloomberg Businessweek covered the Xu case extensively in an article published last September). Another was an engineer from the Fokker aviation company, who accepted Xu’s invitation to visit China to share information with a Chinese research institute after Xu arranged to help the engineer’s parents, who had lost their home in China. when his building was to be demolished as part of a development project. A Boeing information technology specialist, who testified in the trial under the alias Sun Li, described how Xu tried to cultivate a relationship with him, first communicating via email mentioning contacting the witness’s father, an academic in China. Subsequently, the witness met with Xu, who repeatedly offered to refund his round-trip tickets to China in exchange for sharing his IT knowledge and experience. The witness eventually stopped communicating with Xu after realizing that Xu was not really interested in his expertise, which was project management, but in “something else I couldn’t bring to the table.”
“What they call trades are not just a nice invitation,” Timothy Mangan, who led the prosecution, told me, summarizing a point he made to the jury. “It’s part of a recruiting cycle. Some work, some don’t, but this is them throwing out fishing lines, trying to vet people.”
At Xu’s trial, Mangan bolstered the argument that the so-called exchanges were anything but benign by citing an audio recording of a four-hour meeting between Xu and several Chinese engineers. Why Xu should have recorded this conversation is inexplicable, and surprisingly unwise in retrospect, given that it ended up in an iCloud account, but in it he explains the approach to requesting information from Chinese expatriates. “As overseas experts, it would be very difficult for them to directly take large batches of materials due to the fact that their companies’ security is very strict,” Xu tells the engineers, emphasizing the need to consider the risks involved for companies. sources they point to. . Elsewhere in the conversation, he talks about how to spot potential recruits while zeroing in on specific technologies. “For example, if I’m an aviation person, I would look at Boeing or Lockheed, right? Find it at Lockheed Martin,” Xu said. “After finding the person, would you find out if this person is doing something? Like in charge of general design or avionics.”
Messages on Xu’s iCloud account allowed investigators to make another damning discovery. Xu had helped coordinate a cyber espionage campaign targeting various aeronautical technology companies. Those attacks, described in a report by CrowdStrike, a cybersecurity firm, began in 2010, shortly after the state-owned Commercial Aircraft Corporation of China (COMAC) announced it had chosen a joint venture between GE Aviation and Safran to supply a custom aircraft. engine built for China’s first domestically-built commercial aircraft, the C919. The plan behind the campaign, which was targeted against Honeywell, Capstone Turbine, and Safran, among others, became clear only later when security researchers connected the dots. “When I started putting all these victims together, I was like, okay, these are all component manufacturers for different parts of the C919,” Adam Kozy, a cybersecurity expert who runs security firm SinaCyber and was the lead author from the CrowdStrike report. , he told me. Although COMAC was prepared to purchase the components needed to build the plane from these companies, the Chinese government was evidently also working to steal the intellectual property of those suppliers to make domestic manufacturing in China possible, according to the report.
