Chinese born-U.S. Citizen engineer, Wei Sun, was quietly arrested in January 2019 when a sealed indictment and arrest warrant were issued charging him with International Traffic in Arms Regulation (ITAR) violations of taking US defense articles to China.
He worked for Raytheon Missile Systems (RMS) from January 2009 until his termination on 15 January 2019. During his period of employment, he worked on a variety of missile systems, all of which would have been of interest to an adversary of the United States. He was arrested on 23 January 2019 in Tucson, Arizona according to court documents.
While he has initially pleaded not guilty, his attorney has filed a request to change his plea with the court and a hearing is scheduled for 14 February 2020.
travel program
We know from the criminal complaint filed on 23 January 2019 that Raytheon’s travel briefing program clearly was working and in place. Sun filed his foreign travel notification with his employer in December 2018. Within the notification he advised that he intended to travel with his company issued laptop computer. Given Sun’s work within the Ballistic Missile Defense project, security personnel ordered him not to travel abroad with his company computer, as to do so would violate export control laws of the United States.
Sun traveled o/a 18 December 2018 and on 7 January 2019, connected to his company computer network from abroad using his company issued computer (court records do not reveal from which country). While connected to the network he reviewed his email and sent an email resigning from his employer. What portions of the RMS network were accessed by Sun beyond his email were not shared in court filings.
insider threat program engages
The sequence of events demonstrate that the company contacted law enforcement early on in their discovery of Sun’s placing ITAR controlled information at risk. Following his return from abroad, Sun was confronted by the company’s security personnel and asked to confirm that he had traveled with his company computer, even though he had been admonished not to do so prior to his foreign travel. He confirmed that he had ignored the advice. After some initial dissembling on the part of Sun, he eventually admitted that he had taken his device into China.
Sun returned his device, a HP Elitebook 840 computer to Raytheon.
We know from the criminal complaint and the superseding indictment, that at least five sensitive, ITAR restricted, documents have been identified as resident on the computer when Sun traveled to China.
Collaborator or Naiveté?
The court documents don’t give us a flavor of whether or not Sun was working on behalf of Chinese intelligence or the PLA as no discussion on motive has been revealed.
Sun may have been actively collaborating with the Chinese for some time and he tripped up on this journey by accessing the company network from abroad, which kicked in the insider threat notification regime within RMS. The court documents don’t detail his travel history. What is incongruous, is why an individual collaborating, who resigned from abroad, using the device he was told not to take abroad, would return to the U.S., let alone with the device.
What we may have here is simply a case of an individual who had a bone to chew with his employer and wanted to depart with a bit of a splash. His actions certainly caught their attention, and his naiveté may have led him to believe that by returning with the device, there would be a call of “no harm, no foul” with respect to the ITAR violation.
The word for all who are entrusted with ITAR articles, when one willfully violates ITAR, the penalty is swift and harsh. Sun now faces five counts of ITAR violation each carrying up to a $1 million penalty and up to 20 years imprisonment per violation.