A federal weather service employee arrested and charged last year with stealing sensitive information from a federal database for the nation’s dams and lying about the breach to federal agents may be part of a wide-ranging FBI probe of Chinese economic and other forms of espionage.
The FBI probe into China’s involvement in the case adds fodder to the growing fear that China could carry out a cyber attack on the national electrical power grid, which federal cyber authorities believe China has obtained sensitive information about through hacking and outright espionage, which the Chinese government has engaged in in the United States for decades. For example, classified State Department cables from the late 1980s suggested China had obtained detailed schematics on the US Shuttle design through espionage.
Xiafen “Sherry” Chen, a hydrologist employed at the National Oceanic and Atmospheric Administration’s (NOAA) facility in Wilmington, Ohio, was indicted in October 2014 in US District Court for the Southern District of Ohio Western Division for allegedly downloading sensitive files from the National Inventory of Dams (NID).
Maintained and controlled by the US Army Corps of Engineers, the NID contains sensitive information on all US dams, including the number of deaths that would occur if a dam failed. US intelligence officials indicated Chinese hackers infiltrated the database in 2013.
Court documents made public on December 30, 2014, indicate Chen exchanged a series of emails with Jiao Yong, an official of the Ministry of Water Resources in Beijing. The emails reveal Chen met with Yong in Beijing and that she would be providing dam-related information to him.
“It was very glad to meet you in Beijing after so many years and impressed with your achievement and contribution to the nation in water resources development and management,” Chen stated in a May 15 email.
“I am back home now and have been looking for the dam related information you are interested” in, she added.
In response to Chen’s email, Yong stated, “Hi Xiafen: Your email received. I am sorry to reply you with a delay as I was on a one-week trip for inspection of flood works. Thanks for the information you forward me. I will go through it. Best regards, Jiao Yong.”
A 59-year-old naturalized American, Chen has pleaded not guilty. According to a NOAA spokesperson, Chen has been placed on indefinite suspension, non-duty, non-paid status.
The Washington Free Beacon reported that an FBI memorandum dated July 11, 2014, revealed the FBI probe was part of an investigation of Chinese economic espionage. Written by Eric Proudfoot, a special agent at a counterintelligence unit at the FBI’s Cincinnati office, the memo stated the Army Corps of Engineers is “victim — economic espionage — PRC.”
In a court motion filed Dec. 30, Peter Zeidenberg, Chen’s attorney, requested a court order that would “preclude the government from introducing any evidence related to Chen’s nationality, her trips to China or her contacts and communications with her former colleague in China.”
Chen’s indictment charges include one count of theft of US government property and one count of illegally accessing a US government computer database as well as two counts of making materially false statements to federal agents, crimes each punishable by up to five years in prison and a $250,000 fine.
“In the wrong hands, the Army Corps of Engineers’ database could be a cyber attack roadmap for a hostile state or terrorist group to disrupt power grids or target dams in this country,” Michelle Van Cleave, a former senior adviser to the Executive Agent for Homeland Security and Department of Defense and a former consultant to the CIA told Wired after the 2013 NID breach.
In July 2014, Homeland Security Today reported that the Department of Justice charged Chinese businessman Su Bin with conspiring to obtain unauthorized access to the computer systems of The Boeing Company, a leading aerospace company, and other US companies in an attempt to steal data related to dozens of US military projects.
In addition, cybersecurity firm Crowdstrike released a report in June 2014 indicating a Chinese hacking group dubbed “Putter Panda” may have been conducting cyber attacks against the US space, aerospace and communications sectors since 2007.
Crowdstrike’s report emerged just weeks after the indictment of five Chinese military hackers—officers of Unit 61398 of the People’s Liberation Army of China—by the Department of Justice for online spying against US steel, nuclear power and solar companies."
China’s decades-long economic espionage campaign is massive and unrelenting," CrowdStrike CEO George Kurtz said in a statement with the release of Crowdstrike’s report last year. "Through widespread espionage campaigns, Chinese threat actors are targeting companies and governments in every part of the globe."
Photo: Chen and her colleagues at NOAA/NWS Ohio River Forecast Center received a meteorology award in 2011. (Source: nwas.org)