The two-week trial began in Cincinnati in October 2021 — more than three years after Xu was extradited to the United States — as federal prosecutors presented their case. Xu’s team of attorneys includes five attorneys from leading Midwestern law firms Taft, Stettinius and Hollister, suggesting hundreds of thousands of dollars in legal fees were paid for by the Chinese government. (The company declined to comment for this article.) The defense argues that Xu was duped; his purpose in communicating with Hua was not to steal trade secrets but simply to facilitate academic exchanges between Hua and Chinese scientists. Ralph Kohnen, one of the defense attorneys, said in closing arguments, “What happened here is that my client, Mr. Xu, has become a pawn, a pawn, in the midst of American industry trying to exploit China. And in the tense situation of trying to get along. With China.”
Prosecutors argued that Xu had been systematically going after intellectual property at aerospace companies in the United States and Europe through cyberespionage and the use of human resources. It’s not often that prosecutors find a one-stop shop for much of their evidence, but such is Xu’s iCloud account — the repository for spies’ personal and professional lives. That’s because Xu often uses his iPhone calendar as a diary, recording not only the day’s events but also his thoughts and feelings. For example, several records from 2017 indicate that his relationship with his boss, Cha Rong, was increasingly strained. On March 27, he wrote: “Cha refused a menu today.” Then, on April 28: “Relationship with Cha hits freezing point.” When corresponding—reflecting the unhappiness in Xu’s personal life. Take one on Aug. 17, for example, in which he bemoaned what appeared to be an extramarital breakup. She “saw me in the rain yesterday morning and didn’t stop, she walked away with an umbrella.” Financially, things weren’t going well, either, as evidenced by a snippet from a May 19 article: “I’m in the stock market. There was a lot lost in the market. I let myself get into this financial hole.”
“If you ask me, do I have a few days when I have trouble sleeping? Yes, I do. I regret what I did.
Also backed up to the cloud are messages Xu exchanged with several other U.S. aerospace employees that prosecutors laid out at trial. One of them, Arthur Gau of Honeywell in Phoenix, testified at trial that Rong and Xu paid him $5,000 and paid for his plane ticket to Nanjing for a technology demonstration in 2017. (In May 2021, Gao pleaded guilty in Arizona to exporting controlled information without a license. Bloomberg Businessweek reports on Xu’s case was mentioned extensively in an article published last September. ) The other was an engineer from Fokker Airways, who accepted Xu’s invitation to visit China to share information with a Chinese research institute after Xu arranged to help the engineer’s parents, who lost their homes in China and their buildings would When demolished as part of a development project. A Boeing IT specialist who testified at the trial under the pseudonym Sun Li described how Xu tried to build a relationship with him, first contacting him through an email that mentioned that he had contacted the witness’s father, a Chinese scholars. The witness then met with Xu, who then offered to reimburse him for his round-trip air ticket to China in exchange for sharing his knowledge and experience in IT, project management, but in “other areas that I cannot provide.”
“The exchange they’re talking about is more than just a nice invitation,” Timothy Mangan, the head of the prosecution, told me, outlining a point he made to the jury. “It’s part of the hiring cycle. Some work, some don’t, but it’s them throwing fishing lines and trying to vet people.”
At Xu’s trial, Mangan cited a recording of Xu’s four-hour meeting with several Chinese engineers to support the contention that the alleged exchanges were anything but benign. Why Xu recorded the conversation is puzzling — and, in hindsight, grossly indiscreet, since it ended up in an iCloud account — but in it he explains his approach to soliciting information from the Chinese diaspora. “As foreign experts, since their companies’ security is very tight, it is difficult for them to directly take away large quantities of materials,” Xu told the engineer, emphasizing the need to consider the risks involved in sourcing. At another point in the conversation, he talked about spotting potential newcomers while targeting specific technologies. “For example, if I were an aircraft specialist, then I would search for Boeing or Lockheed, right? Find it at Lockheed Martin,” Xu said. “After I find someone, see if this person is doing something? Like general design or avionics.”
The messages in Xu’s iCloud account lead investigators to another damn discovery.Xu Zeng assisted in coordinating A cyberespionage campaign targeting several aerospace technology companies. The attacks — described in a report by cybersecurity firm CrowdStrike — began in 2010 when state-owned Commercial Aircraft Corporation of China (COMAC) announced that it had selected a joint venture between GE Aviation and Safran to provide Customized aircraft. Manufactured engines for the C919, China’s first domestically-made commercial airliner. The plan behind the campaign to target companies like Honeywell, Capstone Turbine, and Safran didn’t become clear until later when security researchers connected the dots. “When I started putting all these victims together — I was like, well, these are component manufacturers of different parts of the C919,” said cybersecurity expert Adam Kozy, who runs the security firm SinaCyber and is a CrowdStrike The lead author of the report, told me. While COMAC is reportedly preparing to source the components it needs to manufacture the planes from these companies, the Chinese government is also apparently working to steal intellectual property from these suppliers in order to enable domestic manufacturing in China.
