Building China's Comac C919 Airplane Involved a Lot of Hacking, Report Says

A report published today shines a light on one of China's most ambitious hacking operations known to date, one that involved Ministry of State Security officers, the country's underground hacking scene, legitimate security researchers, and insiders at companies all over the world. From a report: The aim of this hacking operation was to acquire intellectual property to narrow China's technological gap in the aviation industry, and especially to help Comac, a Chinese state-owned aerospace manufacturer, build its own airliner, the C919 airplane, to compete with industry rivals like Airbus and Boeing. A Crowdstrike report published today shows how this coordinated multi-year hacking campaign systematically went after the foreign companies that supplied components for the C919 airplane.

The end goal, Crowdstrike claims, was to acquire the needed intellectual property to manufacture all of the C919's components inside China. Crowdstrike claims that the Ministry of State Security (MSS) tasked the Jiangsu Bureau (MSS JSSD) to carry out these attacks. The Jiangsu Bureau, in turn, tasked two lead officers to coordinate these efforts. One was in charge of the actual hacking team, while the second was tasked with recruiting insiders working at aviation and aerospace companies.

The NBA will probably fly on those planes

[swirlingbrain]

Gypsys, tramps, and thieves Wed hear it from the people of the town They'd call us Gypsys, tramps, and thieves But every night all the men would come around And lay their money down

If true

[AmiMoJo]

If true then at least they aren't causing air disasters in the process. Looking at you France.

Re:If true

[CaptainDork]

If true then at least they aren't causing air disasters in the process. Looking at you France.

I'm sure they passed on the IP surrounding the Boeing 737 Max.

Re:

[gatkinso]

Boeing simply reused the pitot tube airspeed sensor code from the the A-330 for MCAS.

Re:

[CaptainDork]

Boeing simply reused the pitot tube airspeed sensor code from the the A-330 for MCAS.

No. I know what the pitot does and how it works. You're correct that it measures air speed.

The MCAS uses two blades on either side of the nose to report angle of attack. It's a fucked up design but it's a lot cheaper than traditional angle of attack indicators.

The current MCAS does not report the failure of a "double yes" (both blades are in agreement) and when one fails, the MCAS goes batshit crazy. The pilots try to gain control and succeed for a very short time but the MCAS detects the override as a cond

Re:

[sjames]

Given sufficient thrust, pigs fly just fine...

Re:

[sexconker]

It's just a little airborne. It's still good! It's still good!
https://youtu.be/ndhL0dUwM8U?t... [youtu.be]

Re:

[gatkinso]

>> just being there to put a radar on target is usually enough... ...to get popped.

Re:

[AHuxley]

Concordski for a new decade. Its the Communist way of science and tech.

I wonder which was more effective?

[frank_adrian314159]

Which was more effective in gathering information, hacking into industries' woefully insecure infrastructure or bribing industries' wage slaves? Either one should be damning for supposed first-world nations.

Re:

[JBMcB]

Which was more effective in gathering information, hacking into industries' woefully insecure infrastructure or bribing industries' wage slaves? Either one should be damning for supposed first-world nations.

How much do you think "wage slaves" should be paid to avoid a state actor with billions of dollars to be able to bribe *any* of them?

Re: I wonder which was more effective?

[OrangeTide]

This wouldn't happen in a Star Trek level economic system where individuals have little cultural use for money.

Re:

[i286NiNJA]

You don't have to outbid China. You have to avoid a situation where money issues can skew a person's judgement.
This is basic spy stuff and has been studied to death. I wouldn't be surprised if the CIA could quote you an actual dollar amount.

https://www.cia.gov/library/ce... [cia.gov]

Elements of Espionage
Three essential elements set the
conditions for a person’s entry into
espionage:
* dysfunctions in the personality
* a state of crisis
* ease of opportunity

The second essential motivator
is an experience of acute pe

Re:

[sexconker]

I wouldn't be surprised if the CIA could quote you an actual dollar amount.

I'm no spook, but 2.5x the median salary for the area.
In an area where the median salary is $40,000, don't give secret info to employees earning less than $100,000.
In an area where the median salary is $60,000, don't give secret info to employees earning less than $150,000.

Certain people will always screw you when given the chance (regardless of what you pay them). For the vast majority of people, however, 2.5x the median will allow them to live comfortably enough to not risk their lifestyle, livelihood, o

Re:

[CaptainDork]

Which was more effective in gathering information, hacking into industries' woefully insecure infrastructure or bribing industries' wage slaves? Either one should be damning for supposed first-world nations.

I'm reminded of matter where a lawsuit was worth 138 million dollars. The opposing side had damning "evidence" that was not allowed in court because of lack of provenance, but we're pretty sure someone in an IT department did very well for themselves.

Re:

[jabuzz]

None the C919 airplane is a frankly a dog that no airline outside China or a country under US/EU sanctions is ever going to buy because it's payload, range and cost to operate are significantly higher than the Airbus 320neo and 737MAX if it ever gets flying again. If you base your airline on the C919 you will be undercut by the competition and go out of business if they have the option of Airbus or Boeing. Hell I bet the Irkut MC-21 is more economic to run.

That said GE Capital Aviation Services has allegedl

Re:

[Vastad]

Isn't it more likely GE bought them to tear down 3 of them (i.e. reverse-engineer the reverse-engineering) and do test flights with the other 7?

Re: I wonder which was more effective?

[sedwards8675309]

They could have done that with three of them. Rip one apart, fly another for testing and have a spare.

Question is what they stole

[SuperKendall]

So will we see in a few years China having the same problem with planes crashing we saw from the Max recently?

Seems like a problem with stealing something from a really complex system, is lacking the context that the people working for a company understand better than you will...

Also if you have to rely on stealing, it seems like you'll never develop true competence, and always be behind waiting to steal the next innovation. It can help narrow a gap, but can easily leave your permanently behind those you steal from. I guess it's fine to yearn for a strong third place...

Re:

[Tablizer]

So will we see in a few years China having the same problem with planes crashing we saw from the Max recently?

The Max tried to force engines bigger than the older-design plane could handle to cut fuel costs and make the plane more profitable for carriers. China's state-run industries are a bit less interested in profit.

Re:

[_merlin]

The selling point of the MAX was that NG-certified crews only needed a 1-hour iPad session to fly a MAX. That 1-hour session didn't mention the MCAS.

Re:

[Tablizer]

The selling point of the MAX was that NG-certified crews only needed a 1-hour iPad session to fly a MAX. That 1-hour session didn't mention the MCAS.

As I mentioned nearby, they tried to "sell" the claim that the changes were small to avoid regulated steps required for bigger changes. Thus, the "official" claim was that only minimal training was needed for the new MAX version of the 737 for existing 737 pilots. But it seems Boeing did a "wink wink hint hint" to bigger carriers to read the manual, which had m

Re:

[aaarrrgggh]

No, you are incorrect.

The system was required for a specific certification maneuver, and expanded for a secondary function. The crashes were caused by an idiotic design and pilot overload... due primarily to idiotic design, and secondarily to training procedures that placed too much confidence in the manufacturer to not create such idiotic designs.

Re:

[Tablizer]

What's a "specific certification maneuver"?

Re:

[aaarrrgggh]

Wind-up turn.

Re:

[Tablizer]

According to this article [seattletimes.com], the "oversized engine" created a lot of conundrums without easy solutions. The wind-up turn was just one of many related issues.

If they made too many changes or added more piloting automation, then they couldn't claim they were "minor modifications" to the 737, and the new "major version" would have to go through a more complicated plane certification process. That's probably why they were hesitant to require new pilot training: it exposes the level of changes.

One cannot directly

Re:

[AHuxley]

Everything.

Re: Question is what they stole

[Miamicanes]

> Seems like a problem with stealing something from a really complex system,

> is lacking the context that the people working for a company understand better than you will...

"Context" is probably what they were hacking FOR. The actual technology documentation is available for anyone to casually browse at uspto.gov. Context & institutional knowledge is what makes it *useful*.

During the Cold War, the US & Soviet Union had direct access to 99.9% of each other's most 'secret' technology. So, why D

Re:

[drew_kime]

It would have been suicide (for the astronauts/cosmonauts), because even TODAY, NASA can't directly replicate its Apollo-era Rocketdyne engines. It has the blueprints, but it lost the skilled workers & institutional knowledge necessary to translate the plans into working engines.

Is someone trying to do this?

Re:

[Miamicanes]

Actually, NASA did have some staffers formally evaluate and document the feasibility of replicating the Saturn V's Rocketdyne F-1 engine as part of the SLS program a few years ago.

Their conclusion: replicating the F1 verbatim as it existed in 1969 would be absolutely and unquestionably impossible today. Every F-1 was basically a one-off work of industrial art created by a small, elite team of engineer-craftsmen. The institutional knowledge and skills needed to create them died (or at least, retired and dete

What's "PULL UP!" in Chinese?

[fustakrakich]

They better be careful what they copy.

So China copies even the US IP-stealing habits

[ffkom]

Sounds like China is doing exactly what the US was doing not so long ago [pri.org]. But like everything, it's bad only when others do it!

Re:So China copies even the US IP-stealing habits

[LynnwoodRooster]

When you have to go back over 200 years to try to prove a point - just admit defeat and walk away...

Re:

[ChingChongWingWong]

Clearly you're Chinese. You guys probably have a public TV channel sponsored by the government that documents the heroic efforts of Chinese thieves.

Re:So China copies even the US IP-stealing habits

[MikeMo]

Not only was this 200 years ago, it wasn't even illegal at the time. And, as far as I can tell, this is the one and only case that people point too.

Re:

[AleRunner]

Not only was this 200 years ago, it wasn't even illegal at the time. And, as far as I can tell, this is the one and only case that people point too.

It wasn't illegal in America to copy European books or break European patents. In the same way it isn't illegal in China to steal American patents or secrets.

Re:

[MikeMo]

Ah, but it is, according to international intellectual property laws, which, I believe, China says they adhere to.

Re:

[ChingChongWingWong]

Unlike China, America didn't build an entire country by thieving the ideas of great thinkers elsewhere. I'm not talking borrowing an idea from an abstract level. China has state sponsored attacks to steal western IP because they incapable of inventing. Hive mind mentality that comes with communism. Whoops.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[DrMrLordX]

Chinese minds are inferior to heroic Korean, Japanese, and (paradoxically) Taiwanese minds. It isn't about race, idiot. It's about upbringing and mindset. Get rid of your worthless Communist regime and encourage some free thinking.

Re:

[DrMrLordX]

Who cares who is a "superpower"? Taiwan, Korea, and Japan all out-innovate China. China gains power through manpower and clever misappropriation of other people's IP.

Re:

[DrMrLordX]

India is India's own problem. You can not explain how so many people have done so much under representative systems in the West, or in Japan, or elsewhere.

The rest of your blather is a distraction.

Re:

[sedwards8675309]

Uh, yeah they did. The US spent a hundred years thumbing its nose at the UK and Continental nations Copyright and Patent laws while it developed in to an industrial power.

Re:

[the_povinator]

The linked article shows that it was illegal, in the UK at least. And it wasn't just that. The US also didn't respect copyrights on foreign authors (it was a problem for Charles Dickens.)

Re:

[sabbede]

Is China a rebel colony of the US? Are we boarding their ships and conscripting their sailors? Are we currently trying to retake our former colony? Have we banned trade with China to punish them for breaking away, leaving them unable to purchase tech as they would have were they still part of the US?

The situation is quite different.

Re:

[sedwards8675309]

Bullshit. The US Spent all of the 1800s thumbing its nose at the UK and Continental patent and copyright systems. Read some of the authors of the times complaining about how they only way they could make any money off their work in the US by going there and lecturing.

Re:

[DrMrLordX]

And who is paying you to actually say things like that? Good grief. The US did steal some Industrial Age tech from Great Britain ages ago. But it also invented an enormous amount of things itself. If you weren't busy trying to justify China's poor behavior, you'd see that. Considering how "sophisticated" Chinese technology centers are now, why would they even need to hack foreign servers to steal information about aeronautics in 2019?

Japan was also guilty of appropriating some designs from foreigners in

Re:

[DrMrLordX]

China

Still

Steals.

That is why they haven't "grown up". Care to guess where SMIC got their 14nm process, for example? You don't think they invented that all on their own?

Re:

[DrMrLordX]

1). Ad Hominem means you automatically lose. So clearly my points have merit. Otherwise you wouldn't resort to it.

2). If you know anything about the history of Japan, saying that they "opened up to the West" in 1854 is woefully ignorant. The Japan you know today was forged by their loss in World War II. Their country was devastated. They had become industrial innovators under their new system of government by the 1960s. It took them maybe 15 years to get moving. Whatever Japan was prior to World War

China Rising LOL

[ChingChongWingWong]

They lack the creativity and genius to design their own industries so they steal from others. The fatal flaw in this plan is they'll always have yesterday's technology. They can't invent new so they have to wait for US to define the future so they can steal it. Future leaders of the world. Not.

Re:

[ChingChongWingWong]

I see you're already hog tied and ready for entry. If you'd take your mouth off China's penis for a minute and look at the facts you'll realize we don't have a prayer in hell of "losing".

Re:

[ChingChongWingWong]

Why do you work for Chinese Government Sponsored PR Agency? "Roh no! They know we steal again. Get Team China World PR agency to acting damage control."

Re:

[VeryFluffyBunny]

They lack the creativity and genius to design their own industries so they steal from others. The fatal flaw in this plan is they'll always have yesterday's technology. They can't invent new so they have to wait for US to define the future so they can steal it. Future leaders of the world. Not.

Selling yesterday's technology as if it were tomorrow's? You mean like Apple Inc.?

Re:

[ChingChongWingWong]

Oh lord. One of those guys huh. Still holding on to that Galaxy S8 thinking its the hottest shit around. If you actually had any conception of technology you would understand vertical integration. Not an Apple fanboy but they do all chip fab in-house which is why Android can't compete.

Re:China Rising LOL

[marcle]

They lack the creativity and genius to design their own industries so they steal from others. The fatal flaw in this plan is they'll always have yesterday's technology. They can't invent new so they have to wait for US to define the future so they can steal it. Future leaders of the world. Not.

It's not so much a lack of smarts as a desire to short-cut the development process, as well as a disregard for other nations' IP laws.
In many situations, we might say that it's a good thing for technologists to borrow from and build on others' achievements. In this case, there seems to be some kind of competition for profits, technological supremacy or bragging rights. China, just like Russia, doesn't care to play by other nations' rules.
Is the US completely clean in this regard?

Re:

[jabuzz]

I presume that the last line was rhetorical. The US is of course utterly guilty historically of short circuiting the development process by stealing other countries IP to advance industry in it's own country. Perhaps the US would like to pay restitution for it's historical IP theft. I am sure the UK would welcome the few trillion dollars for the IP stolen from just the UK (of course inflation adjusted today's value with interest added).

Re:

[radarskiy]

"They lack the creativity and genius to design their own industries so they steal from others."

This used to be said about Japan. Of course, in those days it was the US that forced the artificially favorable currency exchange rate not Japan itself.

Re:

[DrMrLordX]

Japan outgrew that rep quickly. Very quickly. Far more quickly than China has . . . China is still stealing!

Thanks, Xi

[Tablizer]

Their copy of the F-35 allegedly fixed some of the original flaws. Lets swipe it back.

Re:

[VeryFluffyBunny]

Yeah, the Chinese don't seem to suffer from the same issues as US defence contractors. In China, the govt. buys functioning military hardware. In the US, military contractors buy politicians & generals to keep the money flowing towards them regardless of whether what they're making is of any use, fit for purpose, or ridiculously over budget. The US is killing itself. They don't need any help from the Chinese.

Re:

[DrMrLordX]

In China, if a military contractor misappropriates funds (or if a party operative declares that they've done so), the contractor can be executed.

https://en.wikipedia.org/wiki/... [wikipedia.org]

Re:

[Tablizer]

In China, if a military contractor misappropriates funds (or if a party operative declares that they've done so), the contractor can be executed.

I question the fairness of such trials. Without checks and balances and public scrutiny, internal political motivations often override logic and fairness. If somebody on high needs an instant scapegoat: poof!

Re:

[DrMrLordX]

Such trials are for show. In China, if the conclusion must be determined beforehand, then it is so. Then it is only a matter of convincing the public (to the extent that the public has any right to view such proceedings, which may be limited except when the needs of the Party are served) that the proceedings were fair and legal according to standards . . . set by the Party.

How far behind?

[bill_mcgonigle]

Q: How far behind the US is China's research?
A: About twelve hours.

Re:

[CaptainDork]

Q: How far behind the US is China's research?
A: About twelve hours.

I laughed.

Maybe they should hold a ...

[CaptainDork]

... ComacCon.

great so it flies but no one knows why!?

[kiviQr]

They are walking on thin ice. When you copy the end result you have no clue why give design was chosen and why it may fail under certain conditions.

Re:

[gtall]

So far, the U.S. has only screwed itself in the trade war. Scoring own goals is not generally considered to be a recipe for success, maybe for you, it is.

Anti-Stall MCAS: from Boeing

[mnemotronic]

Stole anti-stall technology from the 737Max. Oops.

Unnecessarily elaborate

[Pimpy]

If their aim is to compete with the US aviation sector, they could just focus on such unique differentiators as building a plane that goes up, rather than down. Or have it certified by an actual certification body, rather than just internal rubber-stamping.

Ban sales, blacklist manufacturer.

[sabbede]

Take it to the WTO to punish China, preferably to expel them. In the meantime, ban the company from accessing the international banking system.

Criminals!

[martinfb]

When a citizen is too lazy to learn a skill, they turn to easier things like stealing.

When a nation, like China, is too lazy to earn skills via education, they turn to stealing from developed entities.
All of which is akin to a lazy citizen turning to theft.

Thus, China needs to concede the trade war!