US convicted a Chinese spy with help from an iCloud backup

Posted:
in iCloud edited September 16
Xu Yanjun, an officer in China's Ministry of State Security (MSS), was caught with the help of an iCloud backup of his iPhone.

iCloud icon
iCloud icon


A federal jury convicted Yanjun on November 5, 2021, of industrial espionage against GE Aviation and Honeywell. The goal was to steal secrets relating to advanced aerospace engines so China could learn to manufacture their own.

Unfortunately, investigators couldn't get anything directly off Yanjun's iPhone, as an unknown party remotely wiped it a day after his arrest. However, the investigation details shared by Bloomberg reveals that Yanjun's iCloud data was a key factor in his arrest and conviction.

Backups in iCloud are encrypted in transit and while sitting on servers. But, as it has done many times before, Apple can hand over the data after a valid subpoena from law enforcement -- this time, the FBI.

The iCloud data included a document never seen before by the FBI or other US agencies. The report compares it to Standard Form 86, a questionnaire American intelligence employees are required to complete.

Through Ministry of State Security officers like Yanjun, China reportedly targeted academics and engineers working on secret aerospace projects. Invited to the country under the pretense of giving academic talks, spies gradually gained access to information.

An employee of GE Aviation, David Zheng, was quickly caught and used in counterintelligence to draw Yanjun out of China. GE worked closely with the FBI, using technical papers that didn't contain real secrets, but were carefully edited to be suggestive.

Zheng then handed these to Yanjun to fool him and Chinese academics into thinking they were helpful information. Finally, after months of work, investigators were able to lure Yanjun to Belgium, where he was arrested and extradited to the US.

The whole story is long and interesting, as the US gained unprecedented insight into China's economic industrial espionage complex as a result of the investigation and arrest.

Read on AppleInsider

Comments

  • Reply 1 of 17
    This does not fit the definition of spy. 
  • Reply 2 of 17
    Spies don’t realize , cloud storage is not your own. China is not sending their best.I hope the CIA is not making foolish mistakes like this 
    watto_cobra
  • Reply 3 of 17
    This does not fit the definition of spy. 
    I googled “definition of spy” and got:

    a person who secretly collects and reports information on the activities, movements, and plans of an enemy or competitor.

    So how do you figure this does not meet the definition of a spy?

    JFC_PAwatto_cobraFileMakerFellertmay
  • Reply 4 of 17
    Spies don’t realize , cloud storage is not your own. China is not sending their best.I hope the CIA is not making foolish mistakes like this 
    Nah, the CIA & NSA are too busy collecting information on US citizens illegally to have time to make incriminating iCloud backups.
    DAalsethwatto_cobraFileMakerFeller
  • Reply 5 of 17
    blastdoor said:
    This does not fit the definition of spy. 
    I googled “definition of spy” and got:

    a person who secretly collects and reports information on the activities, movements, and plans of an enemy or competitor.

    So how do you figure this does not meet the definition of a spy?

    The incident happened in China. 
  • Reply 6 of 17
    blastdoor said:
    This does not fit the definition of spy. 
    I googled “definition of spy” and got:

    a person who secretly collects and reports information on the activities, movements, and plans of an enemy or competitor.

    So how do you figure this does not meet the definition of a spy?

    The incident happened in China. 
    I guess you'd have a point, if only the definition read: 

    "a person who IS NOT IN CHINA and secretly collects and reports information on the activities, movements, and plans of an enemy or competitor."

    But, alas, the definition lacks the all caps insertion. 

    JFC_PAwatto_cobraFileMakerFellermuthuk_vanalingamtmayjony0
  • Reply 7 of 17
    blastdoor said:
    blastdoor said:
    This does not fit the definition of spy. 
    I googled “definition of spy” and got:

    a person who secretly collects and reports information on the activities, movements, and plans of an enemy or competitor.

    So how do you figure this does not meet the definition of a spy?

    The incident happened in China. 
    I guess you'd have a point, if only the definition read: 

    "a person who IS NOT IN CHINA and secretly collects and reports information on the activities, movements, and plans of an enemy or competitor."

    But, alas, the definition lacks the all caps insertion. 

    So CIA, FBI collecting information on Chinese nationals in US are spies? 
    watto_cobraFileMakerFeller
  • Reply 8 of 17
    crowleycrowley Posts: 10,360member
    blastdoor said:
    blastdoor said:
    This does not fit the definition of spy. 
    I googled “definition of spy” and got:

    a person who secretly collects and reports information on the activities, movements, and plans of an enemy or competitor.

    So how do you figure this does not meet the definition of a spy?

    The incident happened in China. 
    I guess you'd have a point, if only the definition read: 

    "a person who IS NOT IN CHINA and secretly collects and reports information on the activities, movements, and plans of an enemy or competitor."

    But, alas, the definition lacks the all caps insertion. 

    So CIA, FBI collecting information on Chinese nationals in US are spies? 
    Nice stretch.  Keep crying, stooge.
    JFC_PAtmay
  • Reply 9 of 17
    crowley said:
    blastdoor said:
    blastdoor said:
    This does not fit the definition of spy. 
    I googled “definition of spy” and got:

    a person who secretly collects and reports information on the activities, movements, and plans of an enemy or competitor.

    So how do you figure this does not meet the definition of a spy?

    The incident happened in China. 
    I guess you'd have a point, if only the definition read: 

    "a person who IS NOT IN CHINA and secretly collects and reports information on the activities, movements, and plans of an enemy or competitor."

    But, alas, the definition lacks the all caps insertion. 

    So CIA, FBI collecting information on Chinese nationals in US are spies? 
    Nice stretch.  Keep crying, stooge.
    Stretch? You mean double standard?
    FileMakerFeller
  • Reply 10 of 17
    blastdoor said:
    blastdoor said:
    This does not fit the definition of spy. 
    I googled “definition of spy” and got:

    a person who secretly collects and reports information on the activities, movements, and plans of an enemy or competitor.

    So how do you figure this does not meet the definition of a spy?

    The incident happened in China. 
    I guess you'd have a point, if only the definition read: 

    "a person who IS NOT IN CHINA and secretly collects and reports information on the activities, movements, and plans of an enemy or competitor."

    But, alas, the definition lacks the all caps insertion. 

    So CIA, FBI collecting information on Chinese nationals in US are spies? 
    Lol. No, CIA people collecting information on Chinese technologies by running people in China are spies. 

    Collecting information about this spy? Law enforcement counterintelligence. 
    edited September 16 docbburkwatto_cobratmayjony0
  • Reply 11 of 17
    blastdoor said:
    blastdoor said:
    This does not fit the definition of spy. 
    I googled “definition of spy” and got:

    a person who secretly collects and reports information on the activities, movements, and plans of an enemy or competitor.

    So how do you figure this does not meet the definition of a spy?

    The incident happened in China. 
    I guess you'd have a point, if only the definition read: 

    "a person who IS NOT IN CHINA and secretly collects and reports information on the activities, movements, and plans of an enemy or competitor."

    But, alas, the definition lacks the all caps insertion. 

    So CIA, FBI collecting information on Chinese nationals in US are spies? 
    Most  countries have spies. Whether spying is good or bad depends on goals/intent/legality.

    I can’t really blame the Chinese for engaging in industrial espionage. The US did the same to the British in the 18th and 19th centuries. I also don’t blame the US for defending against it.

    It’s silly to say that something isn’t what it clearly is, though. 


    gatorguywatto_cobraFileMakerFellermuthuk_vanalingamtmayjony0
  • Reply 12 of 17
    JFC_PA said:
    blastdoor said:
    blastdoor said:
    This does not fit the definition of spy. 
    I googled “definition of spy” and got:

    a person who secretly collects and reports information on the activities, movements, and plans of an enemy or competitor.

    So how do you figure this does not meet the definition of a spy?

    The incident happened in China. 
    I guess you'd have a point, if only the definition read: 

    "a person who IS NOT IN CHINA and secretly collects and reports information on the activities, movements, and plans of an enemy or competitor."

    But, alas, the definition lacks the all caps insertion. 

    So CIA, FBI collecting information on Chinese nationals in US are spies? 
    Lol. No, CIA people collecting information on Chinese technologies by running people in China are spies. 

    Collecting information about this spy? Law enforcement counterintelligence. 
    You don't work for CIA or FBI. 
  • Reply 13 of 17
    This does not fit the definition of spy. 
    Pretty sure it does. China is relentless in their industrial espionage efforts. Why they have most favored nation status by the US is beyond me.
    watto_cobra
  • Reply 14 of 17
    There I wish there was a third option, in addition to like and informative, not informative. 
    watto_cobraFileMakerFellerdewme
  • Reply 15 of 17
    blastdoor said:
    blastdoor said:
    blastdoor said:
    This does not fit the definition of spy. 
    I googled “definition of spy” and got:

    a person who secretly collects and reports information on the activities, movements, and plans of an enemy or competitor.

    So how do you figure this does not meet the definition of a spy?

    The incident happened in China. 
    I guess you'd have a point, if only the definition read: 

    "a person who IS NOT IN CHINA and secretly collects and reports information on the activities, movements, and plans of an enemy or competitor."

    But, alas, the definition lacks the all caps insertion. 

    So CIA, FBI collecting information on Chinese nationals in US are spies? 
    Most  countries have spies. Whether spying is good or bad depends on goals/intent/legality.

    I can’t really blame the Chinese for engaging in industrial espionage. The US did the same to the British in the 18th and 19th centuries. I also don’t blame the US for defending against it.

    It’s silly to say that something isn’t what it clearly is, though. 


    The US have never stopped engaging in industrial espionage. Every nation does it, every corporation does it, a lot of individuals do it. Sometimes it's innocent over-stepping of the line between research and espionage, sometimes it's incidental data collection ancillary to the main aims of a project, sometimes it's people who read technical documentation and notice something unusual and then inform their favourite technology websites.

    Practically everyone does it, those with the most valuable secrets take steps to defend them, and anyone who gets caught is pilloried. The fact that the alleged instigator travelled to Belgium and was captured and extradited to the US is a demonstration of the extraordinary power wielded by that nation. That the legal team was able to subsequently obtain a conviction speaks to the evidence gathered along the way. I have great respect for that counter-intelligence team, it sounds like one hell of an operation. But I'm not going to claim that this was a case of "the good guys" catching "the bad guys" because nobody in this scenario can claim to be pure.
    muthuk_vanalingamdewme
  • Reply 16 of 17
    y2any2an Posts: 130member
    Why in earth would the CIA or FBI want to release details about how this was cracked? You’d think they would keep quiet hoping they could exploit the same strategy again. This doesn’t ring true. 
  • Reply 17 of 17
    tmaytmay Posts: 5,761member
    blastdoor said:
    blastdoor said:
    blastdoor said:
    This does not fit the definition of spy. 
    I googled “definition of spy” and got:

    a person who secretly collects and reports information on the activities, movements, and plans of an enemy or competitor.

    So how do you figure this does not meet the definition of a spy?

    The incident happened in China. 
    I guess you'd have a point, if only the definition read: 

    "a person who IS NOT IN CHINA and secretly collects and reports information on the activities, movements, and plans of an enemy or competitor."

    But, alas, the definition lacks the all caps insertion. 

    So CIA, FBI collecting information on Chinese nationals in US are spies? 
    Most  countries have spies. Whether spying is good or bad depends on goals/intent/legality.

    I can’t really blame the Chinese for engaging in industrial espionage. The US did the same to the British in the 18th and 19th centuries. I also don’t blame the US for defending against it.

    It’s silly to say that something isn’t what it clearly is, though. 


    The US have never stopped engaging in industrial espionage. Every nation does it, every corporation does it, a lot of individuals do it. Sometimes it's innocent over-stepping of the line between research and espionage, sometimes it's incidental data collection ancillary to the main aims of a project, sometimes it's people who read technical documentation and notice something unusual and then inform their favourite technology websites.

    Practically everyone does it, those with the most valuable secrets take steps to defend them, and anyone who gets caught is pilloried. The fact that the alleged instigator travelled to Belgium and was captured and extradited to the US is a demonstration of the extraordinary power wielded by that nation. That the legal team was able to subsequently obtain a conviction speaks to the evidence gathered along the way. I have great respect for that counter-intelligence team, it sounds like one hell of an operation. But I'm not going to claim that this was a case of "the good guys" catching "the bad guys" because nobody in this scenario can claim to be pure.
    Civilian Jet engine technology has National Security implications when incorporated into military aircraft engines, and Western jet engine technology leads China and Russia by much more than a decade. Of course it makes sense for China to steal that technology, if they can, and for the West to attempt to make that technology unavailable to China. 

    https://www.aero-mag.com/ge-aviation-xa100-04012022

    The XA100-GE-100 engine combines three key innovations to deliver a generational change in combat propulsion performance:

    1. An adaptive engine cycle that provides both a high-thrust mode for maximum power and a high-efficiency mode for optimum fuel savings and loiter time
    2. A third-stream architecture that provides a step-change in thermal management capability, enabling future mission systems for increased combat effectiveness
    3. Extensive use of advanced component technologies, including ceramic matrix composites (CMC), polymer matrix composites (PMC), and additive manufacturing

    These innovations increase thrust 10%, improve fuel efficiency by 25%, and provide significantly more aircraft heat dissipation capacity, all within the same physical envelope as current propulsion systems. The XA100’s improved fuel efficiency provides significant reduction in carbon emissions. The engine will also operate on any US Air Force-approved biofuels.

    It's not just the IP though, you need the manufacturing technology to build it, and that takes a long time, and lots of investment, to master. 
Sign In or Register to comment.