A former Verizon employee, Ping Li, has been sentenced to four years in prison for conspiring to act as an agent of China’s Ministry of State Security (MSS), the country’s civilian intelligence agency. Li, a 59-year-old U.S. citizen residing in Florida, admitted to sharing sensitive data with the Chinese government from at least 2012. His actions involved leaking classified information related to Chinese dissidents, pro-democracy activists, and members of the Falun Gong religious movement, in addition to valuable cybersecurity details. Li’s conviction marks another instance of espionage activities carried out against U.S. interests by foreign state actors.
Li, who worked for Verizon for two decades before moving to Infosys, a major IT company based in India, reportedly acted as a “cooperative contact” for the MSS. In this role, he shared information that the agency requested, including critical details about hacking incidents targeting U.S. companies. One such incident involved the Chinese government’s widely publicized cyberattack on a prominent U.S. company. Li’s cooperation extended beyond this, as he also provided sensitive materials related to the SolarWinds cyberattack, a significant breach of U.S. government systems in 2021.
The court documents revealed that Li used anonymous Gmail and Yahoo accounts to send the stolen data to his MSS handlers. Additionally, he often traveled to China for face-to-face meetings with the MSS officers. The espionage activities included sending biographical data about individuals in the U.S., some of whom were affiliated with the Falun Gong movement. This information was of particular interest to the Chinese government, which has targeted dissidents both domestically and abroad. Li’s actions were discovered when he was arrested in 2022, after initially lying about his involvement.
In addition to his four-year prison sentence, Li will serve three years of supervised release and pay a $250,000 fine. His case highlights the ongoing threat of cyber espionage activities backed by foreign governments, particularly China, which has been implicated in numerous cyberattacks targeting U.S. telecommunications companies and government entities. The breach of these organizations, including Verizon and AT&T, has raised concerns about the security of sensitive data and the potential for future targeted attacks on critical infrastructure. This incident serves as a stark reminder of the vulnerability of both personal and corporate data to foreign adversaries.
Reference:
