Survey of Chinese Espionage in the United States Since 2000
This survey lists 160 publicly reported instances of Chinese espionage directed at the United States since 2000. It does not include espionage against other countries, against U.S. firms or persons located in China, nor more than 50 additional cases involving attempts to smuggle munitions or controlled technologies from the U.S. to China. We also did not include the more than 1200 cases of intellectual property theft litigation brought by U.S. companies against Chinese entities in either the U.S. or Chinese legal systems.
For those cases where we could identify actor and intent, we found:
- 42% of actors were Chinese military or government employees.
- 32% were private Chinese citizens.
- 26% were non-Chinese actors (usually U.S. persons recruited by Chinese officials)
- 34% of incidents sought to acquire military technology.
- 51% of incidents sought to acquire commercial technologies.
- 16% of incidents sought to acquire information on U.S. civilian agencies or politicians.
- 41% of incidents involved cyber espionage, usually by State-affiliated actors.
The list is derived from open-source material and likely does not reflect the full number of incidents. Of the 160 incidents we found that 24% occurred between 2000-2009 and 76% occurred between 2010-2021.
This could reflect an increase in the number of incidents after 2009, but it may also reflect more public reporting of espionage cases, as greater attention was paid to the problem and the U.S. government became less reluctant after 2007 to publicly identify China as the perpetrator. It is perhaps noteworthy that of the 160 reported incidents we found, 89 occurred after Xi Jinping took power (84 after he became President in March 2013 and another 5 after he became Chair of the Central Military Commission in November 2012).
The list of individual incidents follows below.
May 2001: Beginning in January 2000, Hai Lin, Kai Xu, and Yong-Qing Cheng formed a joint venture with the Datang Telecom Technology Company of Beijing to steal trade secrets from Lucent.
April 2003 : Katrina M. Leung was arrested for convincing an FBI agent to share classified information, which she passed on to China, over a ten-year period.
February 2004 : Ronald N. Montaperto, a former DIA intelligence analyst, was arrested for providing Chinese military attaches with Secret and Top-Secret information.
July 2004: Yan Ming Shan, a Chinese employee of a U.S. software firm that develops land sensing technology for oil companies, gained unauthorized access to the company’s computer system and attempted to bring sensitive technology back to China.
June 2005 : Noshir Gowadia, an American citizen, took six trips to China between 2003-2005 to assist with its cruise missile system by developing a stealthy exhaust nozzle and was paid at least $110,000 by China. He provided them with designs for a low-signature cruise missile exhaust system.
October 2005: Chi Mak and other Chinese intelligence operatives collected technical information about the Navy’s current and future warship technologies. Chi intended to export the information to China.
November 2005 : Moo Ko-Suen was a representative for an American aerospace firm for 10 years in Taiwan, during which time he acted as an agent for the Chinese government and tried to buy sophisticated military parts and weapons, including an F-16 fighter jet engine and cruise missiles, for China.
2005: Chinese hackers infiltrated U.S. Department of Defense networks in an operation known as “Titan Rain.” They targeted U.S. defense contractors, Army Information Systems Engineering Command; the Defense Information Systems Agency; the Naval Ocean Systems Center; and, the U.S. Army Space and Strategic Defense installation.
April 2006 : Chinese hackers infiltrated NASA networks managed by Lockheed Martin and Boeing and exfiltrated information about the Space Shuttle Discovery program.
May 2006: Shanshan Du stole trade secret information from General Motors for the benefit of a Chinese competitor, Chery Automobile.
June 2006: Lan Lee and Yufei Ge conspired to steal trade secrets related to computer chip design and development from NetLogics Microsystems and TSMC.
July 2006: Chinese hackers infiltrated the U.S. State Department’s unclassified network and stole sensitive information and passwords.
August 2006: Chinese hackers infiltrated the Department of Defense’s non-classified NIPRNet, downloading 10 to 20 terabytes of data.
December 2006: Xiaodong Sheldon Meng, a resident of Beijing and Cupertino California, stole military IP and trade secrets from his former employer, the silicon valley firm Quantum3D.
December 2006: Fei Ye and Ming Zhong stole trade secrets from two American technology firms to benefit China. They intended to utilize the secrets to build microprocessors for their company, Supervisor Inc. which would share any profits made on the sale of chips to the City of Hangzhou and the Province of Zhejiang in China.
December 2006: Xiang Dong Yu stole trade secret information worth $50-100 million from Ford Motor Company for the benefit of Beijing Automotive Company.
December 2006: Chinese hackers infiltrated the U.S. Naval War College
2007: Chinese hackers breached the Pentagon’s Joint Strike Fighter project and stole data related to the F-35 fighter jet.
January 2007: The National Defense University discovered Chinese malware in its computer systems.
June 2007: PLA hackers breached a Pentagon computer network serving the Secretary of Defense, forcing the network to be shut down for more than a week.
September 2007: Hackers gained access to the Department of Homeland Security’s networks through a contractor and exfiltrated unclassified information to Chinese servers.
December 2007: Chinese hackers successfully stole information from Oak Ridge National Laboratory, Los Alamos National Laboratory, and the National Nuclear Security Administration.
January 2008: Qinggui Zeng stole trade secret information related to the paint industry from an American firm for the benefit of a Chinese firm.
February 2008: The Department of Justice charged Dongfan Chung, a former Boeing engineer, with economic espionage and serving as a foreign agent for China. Prosecutors determined that he had been acting on Chinese orders since at least 1979. He stole Boeing trade secrets relating to the Space Shuttle, the C-17 military transport aircraft and the Delta IV rocket for China.
February 2008: Tai Shen Kuo, a U.S. citizen, was arrested for providing China with classified information between March 2007 to February 2008. Kuo obtained the information from a Pentagon weapons system policy analyst, Gregg Bergersen.
March 2008: Hanjuan Jin attempted to leave the country with 1000+ electronic and paper copies of proprietary information related to Motorola’s interstate communication feature.
May 2008: Chinese officials inserted spyware onto the laptop of U.S. Secretary of Commerce Carlos Gutierrez during a trade mission.
September 2008: Anne Lockwood and Fuping Liu stole trade secret information from Metaldyne to benefit a Chinese competitor, Huafu.
November 2008: Chinese hackers infiltrated the computer networks of three major oil companies and stole trade secret information.
November 2008 : Chinese hackers infiltrated the networks of Barack Obama and John McCain’s presidential campaigns and exfiltrated information about future policy agendas.
November 2008: Chinese hackers infiltrated the computer network of the White House and obtained emails between senior government officials.
March 2009: David Yen Lee, a technical director with Valspar Corp, illegally downloaded Valspar trade secrets with the intent of delivering them to Nippon Paint in Shanghai, where he had accepted a vice president position.
March 2009: Chinese hackers infiltrated Coca-Cola Co. computer networks and stole trade secret information, including information related to the attempted $2.4 billion acquisition of Huiyuan Juice Group.
March 2009: Chinese hackers stole information from the Office of Senator Bill Nelson in Florida.
March 2009: A Chinese espionage network was discovered to have penetrated political, economic, and social institutions in 103 countries. The network was discovered during a 10-month investigation by researchers at InfoWar Monitor when they were called to investigate the compromise of the Dalai Lama's computer systems.
April 2009: Yan Zhu, along with unidentified co-conspirators, planned to steal trade secrets relating to computer systems and software with environmental applications from his U.S. employer.
October 2009: Hong Meng accepted employment as a faculty member at Peking University, and thereafter began soliciting funding to commercialize his research from Dupont on Organic Light-Emitting Diodes. He shared trade secret chemical processes, including those related to OLEDs, with PKU.
November 2009: Janice Capener, a Chinese national, stole trade secret information from Orbit Irrigation for the benefit of a competing Chinese firm.
January 2010: Beginning in 2009, China carried out a series of cyberattacks to steal trade secret information from dozens of U.S. companies including Google, Yahoo, Adobe, Dow Chemical, and Morgan Stanley.
2010 : The PLA infiltrated the computer network of a Civilian Reserve Air Fleet (CRAF) contractor in which documents, flight details, credentials and passwords for encrypted email were stolen.
May 2010: Glenn Shriver attempted to gain access to classified national defense information on behalf of Chinese intelligence officers.
May 2010: Chinese hackers breached the computer network of the U.S. Chamber of Commerce and stole information related to U.S. industries.
August 2010: Kexue Huang, a Chinese research scientist, stole trade secret information related to organic pesticides for the benefit of a Chinese firm.
October 2010: York Yuan Chang and Leping Huang owned a company called General Technology Systems Integration, Inc. (GTSI), which was involved in the export of technology to the PRC. GTSI allegedly entered into contracts with the 24th Research Institute of the China Electronics Technology Corporation Group to design and transfer to the PRC technology for the development of two types of high-performance analog-to-digital converters.
November 2010: Zhiqiang Zhang allegedly stole trade secret information from SiRF for the benefit of a competing Chinese firm.
January 2011: A Chinese company, Pangang Group, and Walter Liew attempted to steal trade secret information related to TiO2 technology from DuPont.
February 2011: Wen Chyu Liu, a research scientist, conspired to steal trade secret information from Dow for the benefit of Chinese firms.
March 2011: Sinovel, a Chinese company, stole trade secret information related to source code and designs of superconductors from AMSC.
March 2011: Chinese hackers breached the RSA Security division of the EMC Corporation to steal information related to encryption software, compromising RSA SecureID tokens. The stolen information was used in subsequent attacks carried out by China.
April 2011: Chinese hackers engaged in a phishing campaign aimed at compromising hundreds of Gmail passwords for accounts of prominent people, including senior U.S. officials.
April 2011: Chinese hackers attempted to steal technical data from the computer systems of Oak Ridge National Laboratory.
June 2011: Beginning in 2010, Chunlai Yang conspired to steal trade secret information related to the source code of the OS for the Globex electronic trading platform for the benefit of a Chinese firm.
August 2011 : Chinese hackers engaged in a series of cyber-attacks against 72 entities, including multiple U.S. government networks.
October 2011: Chinese hackers infiltrated at least 48 chemical and defense companies and stole trade secret information and sensitive military information.
November 2011: Chinese hackers interfered with U.S. satellites and stole sensitive data.
February 2012: Chinese hackers stole classified information about the technologies onboard F-35 Joint Strike Fighters.
March 2012: NASA’s Inspector General reported that Chinese hackers conducted 13 attacks against NASA computers in 2011. In one attack, intruders stole 150 user credentials that could be used to gain unauthorized access to NASA systems. Another attack at the Jet Propulsion Laboratory allowed intruders to gain full access to key JPL systems and sensitive user accounts.
June 2012: DHS reported that between December 2011 and June 2012, Chinese hackers targeted 23 gas pipeline companies and stole information that could be used for sabotage purposes.
June 2012: P.L.A. Unit 61398 attacked Digital Bond, a SCADA security company with a spear phishing attack.
August 2012: Jerry Lee, a former CIA agent, attempted to provide China with classified information about CIA activities within China.
September 2012: Employees of a semiconductor chip equipment manufacturer stole trade secrets related to high-volume manufacturing of semiconductor wafers used in electronic devices for the benefit of a competing Chinese firm.
September 2012: Sixing Liu, a Chinese national, stole technical data related to defense items and conspired to give the information to China.
September 2012: Ji Li Huang and Xiao Guang Qi attempted to steal trade secret information related to cellular glass installation for the benefit of a competing Chinese firm.
November 2012: Wenfeng Lu, a Chinese national, stole trade secret information for medical devices from American medical equipment manufacturers for the benefit a Chinese firm.
January 2013: The FBI warned Senator Dianne Feinstein’s office that one of her San Francisco-based drivers was a Chinese intelligence asset.
January 2013: A Defense Science Board report found that Chinese hackers stole U.S. weapons systems designs including for the PAC-3, THAAD, Aegis, F/A-18 fighter jet, V-22 Osprey, Black Hawk, and Littoral Combat Ship.
January 2013: The New York Times, Wall Street Journal, Washington Post, and Bloomberg News experienced persistent cyberattacks, presumed to originate in China.
February 2013: Security researchers revealed that PLA Unit 61398 had hacked 115 U.S.-victims since 2006, including organizations in the IT, aerospace, and telecommunicatinos sectors, among others.
March 2013: Beginning in 2012, Chinese hackers targeted civilian and military maritime operations within the South China Sea, in addition to U.S. companies involved in maritime satellite systems, aerospace companies and defense contractors.
May 2013: Chinese hackers compromised the U.S. Department of Labor and at least nine other agencies, including the Agency for International Development and the Army Corps of Engineers’ National Inventory of Dams.
June 2013: PLA hackers infiltrated the computer networks of the U.S. Transportation Command and stole sensitive military information.
July 2013: Tung Pham stole trade secrets from a solar technology company for the benefit of a competing Chinese firm.
September 2013: Chinese hackers targeted three U.S. organizations, including a large American oil and gas corporation.
September 2013: Chinese hackers used malware, known as ‘Sykipot’, to target entities in the U.S. defense industrial base and companies in key industries such as telecommunications, computer hardware, government contractors, and aerospace.
October 2013: Chinese hackers targeted a U.S. based think tank.
December 2013: Six Chinese nationals conspired to steal trade secret information related to seeds from Dupont, Monsanto, and LG seeds for the benefit of Beijing Dabeinong Technology Group, a competing Chinese firm.
December 2013: Weiqiang Zhang stole trade secret information related to rice seeds from an American agricultural firm for the benefit of a Chinese firm.
February 2014: Amin Yu stole systems and components for marine submersible vehicles from U.S. manufacturers for the benefit of a state-owned entity in China.
May 2014: Chinese military hackers targeted six American companies in the power, metals, and solar production industries and stole trade secret information. The U.S. Department of Justice indicted them and identified them as members of the People’s Liberation Army Unit 61398.
June 2014: CrowdStrike reported that Unit 61398 had targeted U.S. corporations in the satellite industry.
June 2014: Jun Xie allegedly stole trade secret information from GE Healthcare to benefit a competing entity in China.
August 2014: Community Health Systems disclosed that suspected Chinese hackers infiltrated its network and stole personal information from 4.5 million patients.
August 2014: Su Bin, a Chinese national, worked with co-conspirators in China to infiltrate Boeing’s computer networks to gain access to confidential access about the C-17, the F-22, and the F-35.
August 2014: Chinese hackers infiltrated the U.S. Investigations Services. This was one of the first steps in the 2015 OPM hack.
September 2014: Chinese company Huawei repeatedly attempted to steal trade secret information about robotics designs from T-Mobile.
September 2014: Benjamin Bishop was arrested for passing classified information between May 2012 – December 2012 to a Chinese national he was romantically involved with.
November 2014: Chinese hackers breached the U.S. Postal Service computer networks and exfiltrated data of approximately 800,000 employees.
November 2014: Yu Long worked at URTC from 2008-2014, but was recruited by the state-run Shenyang Institute of Automation in 2014. Upon departure Long stole confidential IP, trade secrets, and export-controlled technology to give to SIA for the benefit of China.
January 2015: Chinese hackers, including Fujie Wang, infiltrated Anthem Inc., a health insurer company, and stole data concerning approximately 78.8 million people from Anthem’s computer networks.
February 2015: Xudong Yao stole trade secret information relating to locomotives for the benefit of a Chinese firm.
March 2015: Canadian researchers say Chinese hackers launched a DDoS attack against U.S. hosting site GitHub. GitHub said the attack involve a wide combination of attack vectors and used new techniques to involve unsuspecting web users in the flood of traffic to the site. According to the researchers, the attack targeted pages for two GitHub users – GreatFire and The New York Times’ Chinese mirror site – both of which circumvent China’s firewall.
April 2015: The Office of Personnel Management discovered that China had infiltrated its networks and stolen the personal information of federal employees, including security clearance information.
May 2015: Xiwen Huang, a Chinese businessman, stole confidential and trade secret information – including intellectual property – from an unnamed government research facility related to military vehicle fuel cells, for the benefit of China.
May 2015: Chinese intelligence officers infiltrated networks and exfiltrated trade secret information about turbofan engines from U.S. and European aerospace firms over the course of five years.
May 2015: Beginning in 2014, Thomas Rukavina stole and passed on trade secret information from PPG to a competing Chinese firm.
May 2015: Chinese nationals Wei Pang and Hao Zhang stole trade secrets related to the development of thin-film bulk acoustic resonator (FBAR) technology for the benefit of China.
May 2015: Chinese hackers exfiltrated significant amounts of customer data from United Airlines.
September 2015: Robert O’Rourke allegedly illegally downloaded data from his employer, an American manufacturer of cast-iron products. O’Rourke had accepted a similar position with a rival firm in China and was planning to use the stolen IP to improve the competitiveness of his new firm’s products.
December 2015: Chinese National Xu Jiaqiang conspired to steal source code from an unnamed U.S. company where he worked as software developer. Xu intended to transfer the stolen code to benefit China’s National Health and Family Planning Commission.
January 2016: Tao Li and co-defendants Yu Xue & Yan Mei engaged in conspiracy to steal trade secrets from GlaxoSmithKline (GSK) for the benefit of a Chinese firm.
March 2016: Kun Shan Chun, a naturalized U.S. citizen, was sentenced to 24 months in prison for acting as an agent of China. Chun, an FBI employee with a top-secret clearance, provided a Chinese government official with sensitive, nonpublic information about FBI surveillance methods, internal organization, and identify and travel patterns of an FBI special agent.
April 2016: Szuhsiung Ho, an American nuclear engineer employed as a consultant by CGNPC, provided engineers and experts to assist CGNPC in developing nuclear material and reactors between 1997 and 2016 without authorization from DOE.
March 2017: A State Department employee with TS clearance provided copies of internal Department of State documents to Chinese intelligence officers.
April 2017: CrowdStrike observed a China-based adversary target a U.S.-based think tank. Crowdstrike later named the adversary "Mustang Panda".
May 2017: Beginning in 2011, Hackers from the internet security firm Boyusec (which has ties to MSS) compromised the networks of three companies over a multi-year period and gained access to confidential documents and data, including sensitive internal communications, usernames and passwords, and business and commercial information.
June 2017: U.S. citizen Shan Shi and Chinese national Gang Liu worked on behalf of Chinese company CBM-Future New Material Science and Technology Co. Ltd. (CBMF) to steal trade secrets related to the development of syntactic foam from an unnamed global engineering firm.
June 2017: Kevin Patrick Mallory, a former CIA officer, transferred classified documents to an agent of China’s intelligence services.
August 2017: Dong Liu attempted to obtain trade secret information from Medrobotics Corporation for China.
September 2017: China allegedly inserted malware into a widely used PC management tool. The malware targeted at least 20 major international technology firms.
October 2017: China allegedly carried out a cyberattack against a U.S. think tank and law firm, both of which were associated with fugitive Chinese tycoon Guo Wengui.
October 2017: Jerry Jindong Xu sought to help Chinese investors build a sodium cyanide plant to compete with Chemours by stealing pricing information, passwords for spreadsheets, confidential documents, and plant system diagrams from Chemours while he was employed there.
January 2018: Yi-Chi Shih and Kiet Ahn Mai stole trade secret information from Monolithic Microwave Integrated Circuit (MMIC) technology for the benefit of Chengdu GaStone Technology Company (CGTC), a competing Chinese firm.
January 2018: Chinese hackers infiltrated a U.S. Navy contractor working for the Naval Undersea Warfare Center. 614 gigabytes of material related to a supersonic anti-ship missile for use on U.S. submarines were taken, along with submarine radio room information related to cryptographic systems and the Navy submarine development unit’s electronic warfare library.
April 2018: Yanjun Xu, an MSS operative, attempted to recruit experts employed by leading American aviation companies to China, often under the guise of giving a presentation at a university.
April 2018: A cyber espionage campaign originating in China collected data from satellite, telecom, and defense organizations in the United States and Southeast Asia.
June 2018: Ron Rockwell Hansen, a former DIA officer, attempted to transmit national defense information to China.
July 2018: Xiaqing Zhang conspired to steal trade secret information from General Electric for the benefit of China.
July 2018: Xiaolang Zhang was arrested for stealing trade secret information about the circuit board of Apple’s self-driving car initiative. The case is still active as of August 2019.
September 2018: Chinese hackers breached the systems of the Starwood hotel chain in 2014. It is estimated that the personal information of up to 500 million people was stolen.
September 2018: Ji Chaoqun, a Chinese citizen residing in Chicago, worked at the behest of the Jiangsu Province Ministry of State Security (JSSD) to get biographical information on eight Chinese nationals working as engineers and scientists in the United States that the JSSD had targeted for recruitment. Some worked for U.S. defense contractors.
November 2018: Chen Zhengkun, He Jianting, and Wang Yungming stole Micron trade secrets related to dynamic random-access memory technology (DRAM) for the benefit of China.
November 2018 : Beginning in March 2017, U.S. citizen Xiaorong You and Chinese national Liu Xiangchen conspired to steal trade secrets worth more than $100 million related to the development of BPA-free coatings. You stole trade secrets from the two American companies that employed her and provided them to Liu, whose company used them to create products that would compete with the two American companies in question.
December 2018 : A Chinese national, Hongjin Tan, was arrested for stealing trade secret information from an American petroleum company, Phillips 66, and conspiring to use to benefit a Chinese firm.
December 2018: Chinese hackers stole IP and confidential business and technological information from managed service providers – companies that manage IT infrastructure for other businesses and governments.
December 2018: Chinese hackers stole hundreds of gigabytes of data from computers of more than 45 technology companies and U.S. government agencies. The defendants also stole names, SSNs, DOBs, salary info, phone numbers, and email addresses of more than 100,000 U.S. Navy personnel.
January 2019: A Chinese national, Jizhong Chen, stole trade secret information about autonomous vehicles from Apple to benefit a competing Chinese firm.
March 2019: Beginning in April 2017, Chinese hackers stole research from universities about maritime technology being developed for military use.
March 2019: Chinese hackers targeted Israeli defense firms that had connections to the U.S. military.
April 2019: Chinese hackers stole General Electric’s trade secrets concerning jet engine turbine technologies.
June 2019: Haoyang Yu was arrested in connection with stealing proprietary information from Analog Devices, a U.S. semiconductor company.
June 2019: Since at least 2017, Chinese hackers exfiltrated Call Detail Records (CDRs) from telecommunication companies to track dissidents, officials, and suspected spies.
July 2019: Chinese hackers from the group APT10 targeted three U.S. utility companies with a spear-phishing campaign to gain access to computer networks.
August 2019: Active since 2012, a previously unidentified Chinese espionage group, APT41, gathered data from firms in telecommunications, healthcare, semiconductor manufacturing, and machine learning. The group was also active in the theft of virtual currencies.
September 2019: Two Chinese nationals stole sensitive exosome medical research from the Nationwide Children’s Hospital.
September 2019: Zhongsan Liu was arrested for fraudulently gaining J-1 visas for Chinese government officials. Such an incursion was meant to bring in facilitators of "talent-recruitment programs," a known Chinese espionage tactic.
September 2019: Xuehua "Edward" Peng was charged for acting as an illegal foreign agent for his delivering of classified information to the Chinese Ministry of State Security.
November 2019: Jerry Chun Shing Lee, a former CIA officer, was sentenced for providing classified information to Chinese intelligence officers.
January 2020: A Harvard University Professor, Dr. Charles Lieber, and two Chinese nationals, Yanqing Ye and Zaosong Zheng, were indicted for attempted theft of biological research. Dr. Lieber was a participant in the Thousand Talents Plan while actively accepting the National Institutes of Health and Department of Defense funding. Ye, a lieutenant of the PLA, compiled information on U.S. military projects for the CCP. Zheng committed the theft of 21 biological research vials to promote Chinese projects.
June 2020: Hao Zhang, a Chinese national, was convicted under charges of economic espionage and theft of trade secrets from two companies involved semiconductor design and processing.
May 2020 : Song Guo Zheng, a professor of internal medicine at Ohio State University and Pennsylvania State University, pled guilty to making false statements to federal authorities as part of a scheme to use over $4 million in grants from the NIH to develop China’s expertise in rheumatology and immunology through his undisclosed partnership with a Chinese university controlled by the Chinese government.
July 2020: Four Chinese nationals were charged with visa fraud due to their connection with the PLA. Efforts included observing U.S. labs and institutions to replicate research and designs in China.
July 2020: Jun Wei "Dickson" Yeo, was arrested for acting as an illegal agent for the Chinese government. Efforts included creating a fake consulting company to recruit cleared professionals to obtain information for the PRC and MSS.
July 2020: Saw-Teong Ang, a University of Arkansas professor, was indicted for wire fraud for his acceptance of U.S contracting funds related to NASA and the Air Force while being employed by Chinese entities.
July 2020: Li Xiaoyu and Dong Jiazhi, two Chinese nationals, were charged by the FBI for hacking the U.S. Department of Energy on behalf of the MSS. The two allegedly had committed economic espionage, extortion, computer fraud, and IP theft over the course of 11 years.
August 2020: Zhengdong Cheng, a professor at Texas A&M, was charged with wire fraud for concealing his affiliation with Chinese universities and enterprises while accepting a NASA grant. His position allowed him access to sensitive NASA projects. He was a participant of the Thousand Talents Plan.
August 2020: Guan Lei was charged with destruction of evidence during an FBI investigation. Guan is being investigated for transferring sensitive software and other technical data to the PLA and China's National University of Defense Technology.
August 2020: Former CIA officer Alexander Yuk Ching Ma was arrested and charged with espionage on behalf of China’s MSS. Between 2001 and 2010, Ma routinely exfiltrated classified CIA and FBI information to MSS operatives.
September 2020: Baimadajie Angwang, an NYPD officer and U.S. Army reservist, was charged as acting as an illegal agent of the PRC. He attempted to gather information on Chinese citizens living in the U.S. and recruit intelligence sources.
October 2020 : Lei Gao was charged with conspiring to steal trade secrets from a U.S. oil and gas manufacturer to benefit a Chinse firm.
October 2020: Eight individuals were charged with conspiring to act as illegal agents on behalf of the PRC. The individuals engaging in “Operation Fox Hunt” allegedly attempted to harass, stalk, and coerce individuals living in the U.S. who are wanted in China to return to the country.
October 2020: U.S. citizen Elliott Broidy pleaded guilty to undisclosed lobbying on behalf of the PRC in exchange for millions of dollars. Broidy attempted to get the U.S. government to drop a large fraud and money laundering prosecution and deport a critic of the PRC.
November 2020 : Wei Sun, an electrical engineer with Raytheon, was sentenced to 38 months in federal prison for transporting sensitive missile technology to China on his laptop.
December 2020 : Axios reports on a Chinese intelligence operation that allegedly occurred between 2011 and 2015. During the operation, a suspected Chinese spy named Fang Fang targeted local and national politicians through networking, campaign fundraising, and romantic or sexual relationships to gain proximity to political power.
December 2020 : Yu Zhou and his wife Li Chen admit to conspiring to steal trade secrets from the local Ohio pediatric research institute where they worked and sell them to China.
January 2021: Chinese national Cheng Bo, aka Jo Cheng, was indicted for conspiring to illegally export U.S. power amplifiers to China between 2012 and 2015.
January 2021: MIT professor Gang Chen, a naturalized U.S. citizen born in China, was charged with wire fraud for failing to disclose connections to various entities in the PRC. It is alleged that Chen received, and did not disclose, approximately $29 million in foreign funding since 2013, including $19 million from the PRC’s Southern University of Science and Technology. According to the indictment, Chen is accused of attempting to defraud “DOE by means of materially false and fraudulent pretenses…” but the Homeland Security Agent in his affidavit indicated that he did not included all facts about the investigation, only those required to establish probable cause.
April 2021: Mingqing Xiao, mathematics professor at Southern Illinois University – Carbondale, was charged with wire fraud and making a false statement. Xiao obtained $151,099 in NSF grant money without disclosing his loyalties to, and the support he received from, the Chinese government and a Chinese University.
April 2021: Chinese national Suren Qin pleaded guilty to illegally exporting $100,000 of U.S. goods to PLA-affiliated Northwester Polytechnical University in China. Qin primarily sent underwater and marine technologies to the PRC through their company LinkOcean Technologies, LTD.
July 2021: The U.S., NATO, and allies accused the PRC of using contract hackers to conduct an ongoing global cyberespionage campaign that includes ransomware attacks, cyber extortion, crypto-jacking, and rank theft. Accompanying this accusation were charges against four MSS hackers for engaging in a multi-year campaign to steal trade secrets, business information, IP, and Ebola vaccine research. Finally, the U.S. government announced they are attributing a March 2021 exploitation of zero-day vulnerabilities in Microsoft Exchange Server to MSS hackers.
We would like to thank Evan Burke, Matthew Serrone, Khristal Thomas, Arthur Nelson, Ian Haimowitz and David Robusto for their contributions to this timeline.
(N.B. These figures reflect a slight increase in acquisitions of commercial technology and a slight decline in acquisitions of military technology since 2019, but this is likely a statistical anomaly).