Justice Department Announces Five Cases as Part of Recently Launched Disruptive Technology Strike Force

The Justice Department today announced criminal charges in five cases and four arrests from five different U.S. Attorney’s offices in connection with the recently launched multi-agency Disruptive Technology Strike Force.

The Disruptive Technology Strike Force is co-led by the Departments of Justice and Commerce to counter efforts by hostile nation-states to illicitly acquire sensitive U.S. technology to advance their authoritarian regimes and facilitate human rights abuses. The Strike Force’s work has led to the unsealing of charges against multiple defendants in five cases accused of crimes including export violations, smuggling and theft of trade secrets.

Two of these cases involve the disruption of alleged procurement networks created to help the Russian military and intelligence services obtain sensitive technology in violation of U.S. laws. In the Eastern District of New York, a Greek national was arrested on May 9 for federal crimes in connection with allegedly acquiring more than 10 different types of sensitive technologies on behalf of the Russian government and serving as a procurement agent for two Russian Specially Designated Nationals (SDNs) operating on behalf of Russia’s intelligence services. In the District of Arizona, two Russian nationals were arrested for their involvement in a procurement scheme to supply multiple Russian commercial airline companies – which were subject to bans from engaging in certain type of commercial transactions – with export-controlled parts and components, including braking technology.

Two of the other cases announced today charge former software engineers with stealing software and hardware source code from U.S. tech companies in order to market it to Chinese competitors. In the Central District of California, a senior software engineer was arrested on May 5 for theft of trade secrets for allegedly stealing source code used in metrology software which is used in “smart” automotive manufacturing equipment. The defendant then allegedly marketed the stolen technology to multiple Chinese companies. In the Northern District of California, a citizen of the People’s Republic of China (PRC) and former Apple engineer is accused of allegedly stealing thousands of documents containing the source code for software and hardware pertaining to Apple’s autonomous vehicle technology. This defendant fled to China and is believed to be working for a PRC-based autonomous vehicle competitor.

The fifth and final case involves a Chinese procurement network established to provide Iran with materials used in weapons of mass destruction (WMDs) and ballistic missiles. In the Southern District of New York, a PRC national is charged with allegedly participating in a scheme to use his employer to conduct transactions with a U.S. financial institution for the benefit of a purported Iranian entity, as part of an effort to provide isostatic graphite, a material used in the production of WMDs, to Iran.

“These charges demonstrate the Justice Department’s commitment to preventing sensitive technology from falling into the hands of foreign adversaries, including Russia, China, and Iran,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division. “We will not tolerate those who would violate U.S. laws to allow authoritarian regimes and other hostile nations to use advanced technology to threaten U.S. national security and undermine democratic values around the world.”

“Protecting sensitive American technology – like source code for ‘smart’ automotive manufacturing equipment or items used to develop quantum cryptography – from being illegally acquired by our adversaries is why we stood up the Disruptive Technology Strike Force,” said Matthew S. Axelrod, Assistant Secretary for Export Enforcement at the Department of Commerce. “The Strike Force actions announced today reflect the core mission of our Export Enforcement team – keeping our country’s most sensitive technologies out of the world’s most dangerous hands.” 

“The theft of technology and trade secrets from U.S. companies is a threat to our economic and national security,” said Assistant Director Suzanne Turner of the FBI’s Counterintelligence Division. “The charges announced today aren’t the only instances of foreign adversaries trying to steal our technology. Combating the illegal transfer of technology is one of the FBI’s highest priorities, and we will continue to work with our federal partners, including the Department of Commerce, to investigate those who steal U.S. technology to ultimately use it in weapons that threaten us and our allies.”

“The protection of sensitive U.S. technologies has been and continues to be a top priority for HSI,” said Assistant Director James Mancuso of Homeland Security Investigations. “HSI and the partners of the Strike Force will ensure that the U.S. maintains its technologic edge to protect the economic and national security interests of the United States. The Strike Force will be relentless in its pursuit of bad actors that attempt the theft of any sensitive U.S. technologies.”

United States v. Bogonikolos, Eastern District of New York

A criminal complaint was unsealed today in federal court in Brooklyn charging Dr. Nikolaos “Nikos” Bogonikolos, 59, of Athens, Greece, with wire fraud conspiracy and smuggling. Bogonikolos was arrested in Paris on May 9 and remains in custody pending the resolution of extradition proceedings.

“As alleged, while ostensibly operating as a defense contractor for NATO and other ally countries, the defendant and his Aratos Group were double dealing, helping to fuel Russia’s war effort and their development of next generation weapons,” said U.S. Attorney Breon Peace for the Eastern District of New York. “Our office continues to work tirelessly to ensure that disruptive technologies do not fall into the wrong hands.”

As alleged in the complaint, the defendant headed the Aratos Group (Aratos), a collection of defense and technology companies in the Netherlands and Greece, which are both member countries of the North Atlantic Treaty Organization (NATO). According to Aratos’s website, the companies’ areas of expertise included space technologies, homeland security, blockchain, and counter-drone systems. One of Aratos’ subsidiaries, Aratos Systems BV, was a finalist in the NATO Innovation Challenge for space applications in 2021 for a proposal involving the use of artificial intelligence and blockchain technology for satellites and spacecraft. The defendant presented himself having experience advising the European Parliament and “governments worldwide,” and Aratos supplied defense equipment and related technologies to countries in the Middle East, Africa and Asia.  

However, as alleged in the complaint, since 2017 the defendant has been involved in smuggling U.S.-origin military and dual-use technologies to Russia in violation of U.S. law. These highly regulated and sensitive components included advanced electronics and sophisticated testing equipment used in military applications, including quantum cryptography and nuclear weapons testing, as well as tactical battlefield equipment. The defendant claimed that these items were to be used by Aratos, when in reality they were reshipped and sent to Russia in violation of U.S. law. Some of the Russian end users included nuclear and quantum research facilities, as well as Military Unit 33949, part of the Russian Foreign Intelligence Service, known as the SVR.

As described in the complaint, many of these orders were solicited by Serniya Engineering and Sertal LLC (the Serniya Network), Moscow-based companies that operate under the direction of Russian intelligence services. Following Russia’s invasion of Ukraine in February 2022, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) and the Department of Commerce (DOC) Bureau of Industry and Security (BIS) levied sanctions against Serniya, Sertal, and several individuals and companies used in the scheme, calling them “instrumental to the Russian Federation’s war machine.”

As alleged in the complaint, the defendant was recruited as a procurement agent for Russia in 2017. In an email message with a Serniya affiliate, on Dec. 27, 2017, the defendant was told to come to Moscow alone “since the agenda will be a very sensitive one.” Regarding one subsequent order, the defendant advised that he would falsify an export license, saying “I sign that the items are only for Netherlands ;) . . . Sensitive case . . . For the same reason I cannot press the [U.S.] supplier.” The defendant also signed several false end use statements and provided them to U.S. companies, certifying that Aratos was the end user of the requested items, that Aratos would not reexport the goods elsewhere, and that the goods would not be used for weapons development.

The FBI New York Field Office is investigating the case.

Assistant U.S. Attorney Artie McConnell and Trial Attorney Scott A. Claffee of the National Security Division’s Counterintelligence and Export Control Section are prosecuting the case, with assistance provided by Litigation Analyst Ben Richmond.

The Justice Department’s Office of International Affairs provided valuable support to the investigation. The United States thanks French authorities for their assistance.

The investigation was also coordinated through the Justice Department’s Task Force KleptoCapture, an interagency law enforcement task force dedicated to enforcing sanctions, export controls and economic countermeasures imposed in response to Russia’s unprovoked military invasion of Ukraine. For more on the work of Task Force KleptoCapture, see here.

United States v. Besedin and Patsulya, District of Arizona

On May 11, two Russian nationals, Oleg Sergeyevich Patsulya and Vasilii Sergeyevich Besedin were arrested in the District of Arizona and charged via criminal complaint with conspiracy to violate the Export Control Reform Act (ECRA) and conspiracy to commit international money laundering.

The complaint alleges that Patsulya and Besedin, both of whom reside in Miami-Dade County, Florida, used their Florida limited liability company, MIC P&I, LLC, and worked with others to evade U.S. export laws and regulations to send aircraft parts to Russian airline companies. The complaint alleges that Patsulya and Besedin fielded requests for parts directly from the Russian airlines — many of which were already subject to increased export sanctions as a result of Russia’s further invasion of Ukraine — and then used intermediary companies and foreign bank accounts in third-party countries to mask the true identity of the customers and the source of payments. Patsulya and Besedin then approached aircraft parts suppliers in the United States, lied about who their customers were, and lied about where the parts would be going. In furtherance of their criminal conspiracy, Patsulya and Besedin traveled to the District of Arizona in September 2022 and attempted to purchase export-controlled aircraft brake systems from an Arizona aircraft parts supply company.

If convicted, the defendants face up to 20 years in prison for violating the ECRA and up to 20 years in prison for conspiring to commit international money laundering.

The BIS Phoenix Field Office and the FBI Phoenix Field Office are conducting the joint investigation. The BIS Boston Field Office, FBI Miami Field Office, HSI Phoenix Field Office, Customs and Border Protection-Phoenix Field Office, and the U.S. Marshals Office in Miami provided valuable assistance.

Assistant U.S. Attorneys Todd M. Allison and William G. Voit for the District of Arizona and Trial Attorney Christopher M. Rigali of the National Security Division’s Counterintelligence and Export Control Section are prosecuting the case. The U.S. Attorney’s Office for the Southern District of Florida provided valuable assistance.

The investigation was also coordinated through the Justice Department’s Task Force KleptoCapture, an interagency law enforcement task force dedicated to enforcing sanctions, export controls and economic imposed in response to Russia’s unprovoked military invasion of Ukraine.

United States v. Li, Central District of California

A California man was arrested on May 6 in the Central District of California on criminal charges related to his alleged theft of sensitive technologies from his Southern California-based employers and use of them to market his own competing company to businesses in the PRC.

According to court documents, Liming Li, 64, of Rancho Cucamonga, stole trade secrets belonging to two of his former employers based in Southern California then used them to build his own competing business in China.

Li was arrested at Ontario International Airport on May 6 after arriving on a flight from Taiwan pursuant to a criminal complaint that charges him with theft of trade secrets. Since his arrest, Li has been in federal custody, and he has a detention hearing scheduled for May 22.

“Li stole thousands of files of sensitive technology that did not belong to him and used it to help foreign companies build competing technology – technology that could be used in the manufacture of nuclear submarines and military aircraft,” said U.S. Attorney Martin Estrada for the Central District of California. “Protecting our nation’s national security is paramount, and my office will aggressively investigate and prosecute those who misappropriate sensitive intellectual property to the benefit of foreign actors.”

According to an affidavit filed with the complaint, from 1996 to November 2019, Li worked in various engineering, management, and software development roles for two companies in Southern California software businesses. The companies are identified in court documents as “Company #1” and “Company #2.”

These software programs are related to high precision measurement studies interpretation and point cloud technology, which often are used in making 3D models. They can be used in various sensitive manufacturing contexts, including manufacturing parts for nuclear submarines and military aircraft, and are subject to U.S. export controls for national security, nuclear nonproliferation and anti-terrorism reasons. As a result of its military application, federal law mandates that this software cannot be exported to the PRC without a license from the Department of Commerce.

Li worked for Company #1 from 1996 to 2018 and then worked at Company #2 from 2018 until November 2019. Shortly before beginning his employment with the Company #2, Li and his wife established their own business, JSL Innovations, which was based out of their Rancho Cucamonga home.

After Company #2 terminated Li, company security discovered that Li was using his company-issued laptop to attempt to download files from Company #2’s root directory onto his personal external hard drive, according to the complaint affidavit. Company security searched Li’s company-issued laptop and found a folder labeled “ChinaGovernment.” That folder allegedly contained numerous documents showing Li’s efforts to participate in the PRC’s Thousand Talents Program and to use JSL Innovations to provide services and technology to PRC business and government entities related to the export-controlled and trade secret technology that Li took from his former employers in Southern California.

In March 2020, Li entered into an agreement with a PRC-based manufacturing company to serve as its chief technology officer. Li’s agreement with this employer required him to spend at least six months per year in the PRC.

Six months later, FBI agents executed a search warrant at Li’s home and found numerous digital devices containing millions of files belonging to Company #1 and Company #2 and containing the source code for those companies’ proprietary software, the complaint alleges. Although the source code files had been developed by and belonged to these companies, some of the files had been moved into folders labeled “JSL” or “JSL Projects.”

Both Company #1 and Company #2 derive significant value from the secrecy of their proprietary software source code and take extensive steps to protect the source code from discovery by competitors.

If convicted, Li faces a statutory maximum sentence of 10 years in federal prison.

The FBI is investigating this matter with substantial assistance from the Department of Commerce BIS.

Assistant U.S. Attorneys Solomon Kim of the Terrorism and Export Crimes Section; David Ryan, Chief of the Terrorism and Export Crimes Section; Aaron Frumkin of the Cyber and Intellectual Property Crime Section; and Trial Attorney Stephen Marzen of the National Security Division’s Counterintelligence and Export Control Section are prosecuting the case.

United States v. Wang, Northern District of California

Today, a federal court in the Northern District of California unsealed an indictment of former Apple Incorporated (Apple) employee Weibao Wang, 35, formerly of Mountain View, California, for charges related to his alleged theft and attempted theft of trade secrets in connection with a scheme to access, download, and steal Apple technology related to autonomous systems.

According to the indictment, Apple hired Wang to work as a software engineer beginning in March 2016. The indictment describes how Wang signed a confidentiality agreement with Apple. The indictment further states that Apple provided Wang with in-person secrecy training that covered the appropriate handling of confidential material and established rules prohibiting the transfer and transmission of the company’s intellectual property without Apple’s consent. Wang was assigned to work with a team at Apple that designed and developed hardware and software for autonomous systems, which can have a variety of applications, such as self-driving cars.

According to the indictment, in November 2017, Wang signed a letter accepting an offer of full-time employment as a staff engineer with the U.S.-based subsidiary of a company headquartered in the PRC. The parent company is described in the indictment as “COMPANY ONE” and allegedly was working to develop self-driving cars. The indictment alleges Wang waited more than four months after signing the new employment agreement before informing Apple that he was resigning.

After Wang’s last day at Apple on April 16, 2018, Apple representatives reviewed access logs documenting historical activity on Apple’s network. Apple identified Wang as having accessed large amounts of sensitive proprietary and confidential information in the days leading up to his departure from Apple.

The indictment describes the June 27, 2018, search by law enforcement of Wang’s Mountain View residence and the discovery of large quantities of data taken from Apple prior to his departure. Wang was present during the search and told agents he had no plans to travel. Nevertheless, Wang purchased a one-way plane ticket from San Francisco International Airport to Guangzhou, China and boarded a flight that night.

The indictment describes six categories of trade secrets that Wang allegedly stole, or attempted to steal, and charges him with one count for each category.

Wang faces a maximum statutory sentence of 10 years in prison and a fine in the amount of $250,000 (or twice the gross gain or loss resulting from the scheme) for each count of theft or attempted theft of trade secrets. 

The FBI is investigating the case.

Assistant U.S. Attorneys Sloan Heffron and Marissa Harris for the Northern District of California are prosecuting the case. Within the National Security Division, this matter is being handled by Brendan Geary of the National Security Division’s Counterintelligence and Export Control Section.

United States v. Xiangjiang Qiao, Southern District of New York

Today, a federal court in the Southern District of New York unsealed an indictment charging Xiangjiang Qiao aka Joe Hansen, 39, of the People’s Republic of China with sanctions evasion, money laundering, and bank fraud offenses based on Qiao’s alleged participation in a scheme to use a sanctioned Chinese company to provide materials used in the production of WMDs to Iran, in exchange for payments made through the U.S. financial system. Qiao is at large in China.

“As alleged, Xiangjiang Qiao conspired to send isostatic graphite to Iran, in violation of U.S. sanctions. Isostatic graphite is a high-tech material used in the nose tips of intercontinental ballistic missiles,” said U.S. Attorney Damian Williams for the Southern District of New York. “The Iranian regime of terror and repression, and those who facilitate it, pose a grave threat to our national security. This office will continue to work relentlessly to bring to justice those who advance the interests of the Iranian regime and thereby threaten the safety and security of the American people.”

According to court documents, Qiao is a Chinese national and an employee of the China-based company Sinotech Dalian Carbon and Graphite Manufacturing Corporation (Sinotech Dalian). Sinotech Dalian is part of a network of Chinese companies involved in the proliferation of WMDs and that, in particular, provide assistance in the procurement of materials for Iran’s ballistic missile program. In 2014, OFAC sanctioned Sinotech Dalian, adding the company to OFAC’s SDN and Blocked Persons list, explaining that Sinotech Dalian is part of a network of China-based entities used to proliferate WMDs and, specifically, to aid Iranian ballistic missile procurement. Sinotech Dalian’s inclusion on the SDN list prohibits it from using the U.S. financial system to conduct transactions without authorization from OFAC. Qiao is an associate of Li Fangwei, aka Karl Lee, who managed the Sinotech Dalian network of companies and was charged in 2014 with sanctions evasion and other offenses based on his alleged illicit activities as a principal contributor to Iran’s ballistic missile program through China-based entities.

In willful violation of U.S. sanctions on Iran and Sinotech Dalian, between at least March 2019 and September 2022, Qiao participated in a scheme to use Sinotech Dalian, including through transactions involving the U.S. financial system, to supply isostatic graphite to Iran for the production of WMDs. Isostatic graphite is a type of graphite with an ultra-fine grain that is used in the manufacture of WMDs. In particular, isostatic graphite is used in the manufacture of rocket nozzles and reentry vehicle nose tips in intercontinental ballistic missiles. Qiao further took steps to conceal Sinotech Dalian’s involvement in the transaction by creating a bank account in the name of a front company to receive two transfers from a U.S. bank totaling over $15,000 as part of his efforts to facilitate the supply of isostatic graphite to Iran.

Qiao is charged with one count of conspiracy to violate U.S. sanctions against Iran and Sinotech Dalian, in violation of the International Emergency Economic Powers Act (IEEPA), which carries a maximum sentence of 20 years in prison; two counts of violating the IEEPA, which each carry a maximum sentence of 20 years in prison; one count of conspiracy to commit bank fraud, which carries a maximum sentence of 30 years in prison; two counts of attempted bank fraud, which each carry a maximum sentence of 30 years in prison; one count of conspiracy to commit money laundering, which carries a maximum sentence of 20 years in prison; and two counts of money laundering, which each carry a maximum sentence of 20 years in prison.

The FBI New York Field Office and Counterintelligence Division are investigating the case.

Assistant U.S. Attorneys Gillian S. Grossman and Nicholas S. Bradley for the Southern District of New York are prosecuting the case. Within the National Security Division, this matter is being handled by Trial Attorney S. Derek Shugert of the Counterintelligence and Export Control Section.

*   *   *

Today’s actions were coordinated through the Disruptive Technology Strike Force, an interagency law enforcement strike force co-led by the Departments of Justice and Commerce designed to target illicit actors, protect supply chains, and prevent critical technology from being acquired by authoritarian regimes and hostile nation-states. Under the leadership of the Assistant Attorney General for National Security and the Assistant Secretary of Commerce for Export Enforcement, the Strike Force leverages tools and authorities across the U.S. Government to enhance the criminal and administrative enforcement of export control laws.

An indictment, complaint or criminal information is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.