Telco engineer who spied on US employer for Beijing gets four years in the clink
Provides insight to how China gets inside US systems, perhaps at Verizon and Infosys
A 59 year-old Florida telco engineer was sentenced to 48 months in prison after he served as a spy for China and provided Beijing with details like his employer’s cybersecurity, according to the US Department of Justice.
According to the DoJ, Ping Li, a US citizen and Chinese immigrant, admitted to being a "cooperative contact" for China's Ministry of State Security (MSS) since as early as 2012 – meaning he assisted in activities like conducting research and obtaining information on behalf of the Ministry.
Li sought info on Chinese dissidents and pro-democracy advocates, members of the Falun Gong spiritual movement, US-based non-governmental organizations, and information he obtained from his employer. He used anonymous Gmail and Yahoo! accounts, and other online services, to communicate to MSS, and even travelled to China for meetings.
The DoJ has referred to Li's two employers as "a major US telecommunications company and an international information technology company." Those euphemisms have been unmasked by other media outlets as Verizon and Infosys – details which correspond to what is likely Li's LinkedIn page.
- China's Salt Typhoon cyber spies are deep inside US ISPs
- Chinese cyberspies reportedly breached Verizon, AT&T, Lumen
- Uncle Sam accuses telco IT pro of decade-long spying campaign for China
- Microsoft names Chinese group as source of new attack on SolarWinds
According to the US government, Li provided information on the Verizon’s China-based branches, training instruction plans, and hacking events that targeted US companies – including the SolarWinds attack which is thought to have been exploited by the Chinese government. He was asked to provide cyber security training materials and other information regarding the international IT provider he next worked for.
Li was responsive and productive: he sometimes turned around MSS requests in a day during his decade of working for the Ministry.
In addition to four years of jail time, Li was issued a $250,000 fine and three years of supervised release.
The US has become increasingly concerned about Beijing-backed espionage efforts, especially the exploits of a group labelled “Salt Typhoon” that is thought to have attacked Verizon, AT&T, and Lumen Technologies.
Mark Warner, chair of the Senate Intelligence Committee, last week said, “my hair is on fire”, such is the extent of Chinese attackers’ penetration of US networks, which he feels may mean “thousands” of network devices need to be replaced to address persistent access. ®