Jiangsu State Security Department
Insignia of the MSS
Department overview
FormedSeptember 1983 (September 1983)[1]
JurisdictionJiangsu Province, China
HeadquartersNo. 1 Yangzhou Road
Gulou District, Nanjing, Jiangsu, China
32°03′34″N 118°45′41″E / 32.05944°N 118.76139°E / 32.05944; 118.76139
EmployeesClassified
Annual budgetClassified
Parent departmentMinistry of State Security

The Jiangsu State Security Department (Chinese: 江苏省国家安全厅; pinyin: Jiāngsū Shěng Guójiā Ānquán Tīng; JSSD) is a provincial bureau of the Chinese Ministry of State Security in Jiangsu which serves as the coastal province's intelligence service and secret police. They are involved extensively in espionage against the United States, and aviation-related industrial espionage, operating the hacking group TURBINE PANDA, also known as APT26.[2] They are most well known for their alleged responsibility for the high-profile 2015 hack of the United States Office of Personnel Management, stealing the personal details of over 20 million U.S. federal civil servants.

The department is headquartered in the Gulou District of Nanjing, west of the Jiming Temple, though it maintains locations throughout the province.[3]

Operations

Hack of the US Office of Personnel Management

In 2015, hackers working on behalf of the Jiangsu SSD obtained access to 22.1 million SF-86 records of US federal employees, contractors, and their friends and family.[4][5] Representing one of the largest breaches of government data in U.S. history,[6] information that was obtained and exfiltrated in the breach[7] included personally identifiable information such as Social Security numbers,[8] as well as names, dates and places of birth, and addresses.[9]

Espionage against the United States military

In 2013, Jì Chāoqún (季超群), a Chinese graduate student studying in the United States, was recruited by officials from the JSSD and agreed to "dedicate the rest of his life to [China's] national security." He graduated from Illinois Institute of Technology in 2015 and enlisted as an E-4 in the United States Army Reserve through the Military Accessions Vital to the National Interest (MAVNI) program the following year. In response to a security clearance investigation at the time of his enlistment, Ji falsely claimed to have had no close contact with officials of any foreign government in the prior seven years. In 2018, Ji met with individuals he believed were with the MSS, but were in fact undercover agents of the US Federal Bureau of Investigation (FBI). During these meetings, Ji said he could leverage his military credentials to take photos on board the destroyer USS Roosevelt, and that he would seek work in cybersecurity at the CIA, FBI or NASA, in order to gain greater access to databases of classified information. He was arrested later in 2018. Following a trial in 2022, Ji was convicted on one count each of acting as an agent of China without registering under the Foreign Agents Registration Act as required (18 USC § 951), conspiracy to wit, and making false statements (18 USC § 1001) to the US Army. In early 2023, Ji was sentenced to eight years in prison by a federal court in Chicago.[10]

Industrial espionage in the aviation sector

In 2017, an engineer at GE Aviation in Cincinnati was contacted by officials from the Jiangsu SSD through LinkedIn, and convinced to give a presentation to officials ostensibly from Nanjing University of Aeronautics and Astronautics. After being identified by the FBI and GE security, he was forced to take part in an offensive counterintelligence operation run by the FBI. After the engineer reengaged his Chinese acquaintance at the behest of the FBI, search warrants of the email address the man used revealed him to be Xu Yanjun, a deputy division director of the Sixth Bureau of the JSSD with nearly 20 years experience. Soon after, Xu asked the engineer to obtain details on the composite materials used in the structure of the Lockheed Martin F-22 Raptor.

Xu in US custody prior to his conviction

Xu was ultimately arrested in a sting operation in Belgium arranged by the FBI. After examining his devices, an iCloud account revealed the JSSD was engaged in cyberespionage against global aerospace conglomerates Honeywell and Safran, and California-based gas turbine manufacturer Capstone Turbine. The companies were contractors for the first indigenous Chinese commercial aircraft, the COMAC C919, and the information revealed that China was working to steal the data necessary to cut the vendors out of the supply chain.[11] At a discussion at the Center for Strategic and International Studies (CSIS), Sinologist Peter Mattis said Nanjing University was the eventual customer for the stolen technology, and played a key role in setting the intelligence requirements for the JSSD's collection efforts.[12]

List of directors

Name Entered office Left office Time in office ref.
Qiu Lu (邱路) September 1983 unknown unknown [13]
Yang Zhaoliang (杨兆亮) unknown March 30, 2007 unknown [14]
Wang Jinling (王金陵) March 30, 2007 July 2014 7 years, 4 months [14]
Liu Yang (刘旸) July 2014 August 22, 2017 3 years, 2 months [15]
Chen Deying (陈德鹰) September 2017 unknown unknown [15]

References

  1. Joske, Alex (September 2023). "State Security Departments: The Birth of China's Nationwide State Security System" (PDF). Deserepi. 0: 11–12.
  2. "Turbine Panda, APT 26, Shell Crew, WebMasters, KungFu Kittens - Threat Group Cards: A Threat Actor Encyclopedia". apt.etda.or.th. Retrieved 2023-05-16.
  3. "Huge Fan of Your Work: How TURBINE PANDA and China's Top Spies Enabled Beijing to Cut Corners on the C919 Passenger Jet" (PDF). Crowdstrike. October 2019.
  4. Zengerle, Patricia; Cassella, Megan (2015-07-09). "Estimate of Americans hit by government personnel data hack skyrockets". Reuters. Retrieved 2015-07-09.
  5. Nakashima, Ellen (9 July 2015). "Hacks of OPM databases compromised 22.1 million people, federal authorities say". The Washington Post. Retrieved 19 July 2020.
  6. Barrett, Devlin (5 June 2015). "U.S. Suspects Hackers in China Breached About four (4) Million People's Records, Officials Say". The Wall Street Journal. Retrieved 5 June 2015.
  7. Fruhlinger, Josh (2020-02-12). "The OPM hack explained: Bad security practices meet China's Captain America". CSO Online. Retrieved 2023-05-29.
  8. Risen, Tom (5 June 2015). "China Suspected in Theft of Federal Employee Records". U.S. News & World Report. Retrieved 5 June 2015.
  9. Sanders, Sam (4 June 2015). "Massive Data Breach Puts 4 Million Federal Employees' Records At Risk". NPR. Retrieved 5 June 2015.
  10. "一名中国公民因非法充当中国政府代理人而被判处八年监禁" [A Chinese citizen was sentenced to eight years in prison for illegally acting as an agent of the Chinese government]. Voice of America (in Chinese). 2023-01-26. Retrieved 2023-05-17.
  11. Bhattacharjee, Yudhijit (2023-03-07). "The Daring Ruse That Exposed China's Campaign to Steal American Secrets". The New York Times. ISSN 0362-4331. Retrieved 2023-05-11.
  12. "Chinese Communist Espionage: An Intelligence Primer Book Discussion". Center for Strategic and International Studies. December 5, 2019. Retrieved 2023-05-10.
  13. Joske, Alex (September 2023). "State Security Departments: The Birth of China's Nationwide State Security System" (PDF). Deserepi. 0: 11–12.
  14. 1 2 "江蘇省國家安全廳 - 怪猫的图书资源库" [State Security Department of Jiangsu Province]. Fudan University (in Chinese). Retrieved 2023-08-10.
  15. 1 2 "刘旸" [Liu Yang]. People's Government of Jiangsu Province (in Chinese). 2020-03-23. Archived from the original on 2020-03-23.{{cite web}}: CS1 maint: unfit URL (link)
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.