NOAA Employee Charged With Computer Breach Met Senior Chinese Official in Beijing

Documents in Ohio case reveal FBI probe of Chinese hacking into National Inventory of Dams database

Hoover Dam on Lake Mead at the Lake Mead National Recreation Area in Nevada
Hoover Dam on Lake Mead at the Lake Mead National Recreation Area in Nevada / AP
January 6, 2015

A federal weather service employee charged with stealing sensitive infrastructure data from an Army Corps of Engineers database met a Chinese government official in Beijing, according to court documents that reveal the case to be part of an FBI probe of Chinese economic espionage.

Xiafen "Sherry" Chen, an employee of the National Oceanic and Atmospheric Administration (NOAA) office in Ohio, was arrested in October and charged in a federal grand jury indictment with illegally accessing the Army’s National Inventory of Dams (NID).

The NID is a sensitive database containing information on all U.S. dams. U.S. intelligence officials have said the database was compromised by Chinese hackers in 2013 as part of covert efforts by Beijing to gather sensitive information on critical U.S. infrastructure for possible use in a future conflict.

According to an FBI document in the case made public Dec. 30, Ms. Chen and Jiao Yong, an official of the Ministry of Water Resources in Beijing, exchanged a series of emails in May 2012 indicating that the two met in Beijing that year and that she was searching for, and would provide, dam-related information for him.

"It was very glad to meet you in Beijing after so many years and impressed with your achievement and contribution to the nation in water resources development and management," Ms. Chen stated in a May 15 email.

"I am back home now and have been looking for the dam related information you are interested" in, she added.

The other emails were dated May 21 and May 29.

In response to Ms. Chen’s email, Mr. Jiao stated, "Hi Xiafen: Your email received. I am sorry to reply you with a delay as I was on a one-week trip for inspection of flood works. Thanks for the information you forward me. I will go through it. Best regards, Jiao Yong."

Ms. Chen is charged with stealing sensitive data "involving critical national infrastructure" after accessing the Army Corps of Engineers dam inventory in May 2012 without authorization. She also is charged with lying to investigators.

A 59-year-old naturalized American, Ms. Chen has pleaded not guilty.

An FBI memorandum dated July 11, 2014, outlining a federal search of Ms. Chen’s email, reveals that the probe was part of an investigation of Chinese economic espionage.

The document, written by Eric Proudfoot, a special agent at a counterintelligence unit at the FBI’s Cincinnati office, states under the case identification heading that the Army Corps of Engineers is "victim — economic espionage — PRC."

The Washington Free Beacon disclosed on May 1, 2013, that U.S. intelligence agencies had traced a cyber intrusion into the Corps of Engineers dam database to the Chinese government. That hacking took place against the Corps of Engineer’s NID and involved an "unauthorized person" who conducted the intrusion in January 2013.

The Army Corps of Engineers "immediately revoked this user’s access to the database upon learning that the individual was not, in fact, authorized full access to the NID," Peter Pierce, a Corps spokesman, said at the time.

The unauthorized user in the January 2013 incident was not identified.

Adm. Mike Rogers, head of the U.S. Cyber Command and director of the National Security Agency, told Congress in November that key networks and control systems for financial, water, and other sectors have been penetrated by foreign states in preparation for future cyberattacks aimed at crippling critical infrastructure.

"We have seen instances where we’re observing intrusions into industrial control systems," Adm. Rogers told the House Permanent Select Committee on Intelligence on Nov. 20.

Ms. Chen’s lawyer, Peter Zeidenberg, said he has no doubt that federal investigators are concerned about hacking of the critical infrastructure database but that had nothing to do with his client.

"The problem is, that despite the fact that Ms. Chen never sent any proprietary — much less classified — information to anyone, much less a Chinese national, the government nevertheless went ahead and charged her anyway," Mr. Zeidenberg said in an email. "We believe that was a huge mistake and a real injustice."

Mr. Zeidenberg, in a court motion, has asked that the case be dismissed. The government has not responded.

Dwight Keller, the assistant U.S. Attorney in Dayton, Ohio, in charge of the case, declined to comment.

NOAA spokeswoman Susan Buchanan said Chen is serving an indefinite suspension and is on non-duty, non-paid employment status.

As for the emails, Mr. Zeidenberg noted in his email to The Times that his client provided investigators with them. He said Mr. Jiao was "a low-level official" who was a friend of Ms. Chen’s.

The website of China’s Ministry of Water Resources lists Jiao Yong as vice minister. It could not be learned if the vice minister was the same official who corresponded with Ms. Chen in the emails. He did not return an email seeking comment.

The emails, obtained under a federal search warrant from Yahoo!, indicate that Ms. Chen contacted the Army Corps of Engineers regarding public information sources on total dam capacity, policies, procedures, and guidelines for dam permits, regulation, and financing.

Another email from Ms. Chen to Mr. Jiao included the Internet address for the National Inventory of Dams, which is run by the Army Corps of Engineers alongside the Federal Emergency Management Agency and state regulators.

The NID database contains dam information on "location, type, storage, capacity, year of built, etc.," she wrote. "However, the database is only for government users and non-government users are not able to directly download any data from this site."

"I will do some more search and let you know what I come up with," Ms. Chen stated.

The indictment states that Ms. Chen stole "sensitive, restricted, and proprietary computerized fields of data involving critical national infrastructure" after she "exceeded authorized access to a protected U.S. government computer database" — the NID.

Ms. Chen also was charged with making false statements to investigators about the computer access violation on June 11, 2013.

She also was charged in a fourth count with falsely stating that she did not download data on critical national dam infrastructures.

In a court motion filed on Dec. 30, Mr. Zeidenberg requested a court order that would "preclude the government from introducing any evidence related to Chen’s nationality, her trips to China, or her contacts and communications with her former colleague in China."

The document identified Ms. Chen as a hydrologist for NOAA for the past seven years who has an advanced degree from graduate school of the Institutes of Water Conservancy and Hydroelectric Power in Beijing.
Ms. Chen immigrated to the United States from China with her husband in 1992 and is a naturalized U.S. citizen.

According to the defense document, during a meeting with a Chinese official in 2012, Ms. Chen was asked about "financing and dam repair" and said she would seek the public information upon her return to the United States.

After Ms. Chen notified an official at the Army Corps of Engineers about the Chinese official’s request, the official, "apparently alarmed" over possible Chinese espionage, contacted the Corps’ security office.
The notice resulted in a Commerce Department inspector general probe and the FBI investigation.

Published under: China