there. i said it. they don't have pictures of my kids. they don't have my yoga mat. and still, i feel at home. could it be the flat screen tv? the not so mini fridge? ♪ the different free dinner almost every weeknight? or maybe, it's all of the above. and all the rest. am i home? nope. but it almost feels that way. homewood suites by hilton. be at home. listen up, after the close, radyon announced a secondary to get their balance sheet better. 30 million shares. yes, i think you should participate. i think that's a really good speculative stock and the deal will really help them. i promise to find a bull market for you somewhere. i'm jim cramer. and i will see you tomorrow. [ticking] >> for more than a decade, the

u.s. military establishment has treated cyberspace as a domain of conflict, where it would need the capability to fend off attack or launch its own. that time is here, because someone sabotaged a top secret nuclear installation in iran with nothing more than a long string of computer code. >> we have entered into a new phase of conflict in which we use a cyberweapon to create physical destruction. [ticking] >> viktor bout, in my eyes, is one of the most dangerous men on the face of the earth. >> on the face of the earth? >> without a doubt. >> which is why the u.s. government launched an elaborate international sting to nab viktor bout. what makes bout so dangerous? and how did d.e.a. agents eventually grab him? the answers in our story later. [ticking] this is what espionage looks like. the man driving the car is gregg bergersen.

he's a civilian analyst at the pentagon with one of the nation's highest security clearances. his companion is tai shen kuo, a spy for the people's republic of china. bergersen knew a secret that the chinese desperately wanted to know, and neither man knows that what they're about to do is being recorded by two cameras the fbi has concealed in their car. >> let you have the money. >> oh, oh. are you sure that that's okay? >> yeah, it's fine. >> welcome to 60 minutes on cnbc. i'm bob simon. in this edition, we turn our attention to some foreign intrigue. first, a story about a mysterious computer virus that struck an iranian nuclear plant. later, the report of how american agents hunted a notorious arms dealer. and finally, an account of a chinese-american spy trying to steal u.s. military secrets for

china. we begin with the story of stuxnet, a computer virus considered to be the world's first destructive cyberweapon. it was launched several years ago against an iranian nuclear facility, almost certainly with some u.s. involvement. but as steve kroft reported in march of 2012, the implications and possible consequences of this new kind of warfare are now being studied intensely. >> i do believe that the cyber threat will equal or surpass the threat from counter terrorism in the foreseeable future. >> there's a strong likelihood that the next pearl harbor that we confront could very well be a cyber attack. >> we will suffer a catastrophic cyber attack. the clock is ticking. >> and there's reason for concern. for more than a decade, the u.s. military establishment has treated cyberspace as a domain of conflict, where it would need the capability to

fend off attack or launch its own. that time is here, because someone sabotaged a top secret nuclear installation in iran with nothing more than a long string of computer code. >> we have entered into a new phase of conflict in which we use a cyberweapon to create physical destruction and, in this case, physical destruction in someone else's critical infrastructure. >> few people know more about the dark military art of cyberwar than retired general michael hayden. he's a former head of the national security agency and was cia director under george w. bush. he knows a lot more about the attack on iran than he can say here. >> this was a good idea, all right? but i also admit this was a really big idea too. the rest of the world is looking at this and saying, "clearly, someone has legitimated this kind of activity as acceptable international conduct." the whole world is watching.

>> the story of what we know about the stuxnet virus begins in june of 2010, when it was first detected and isolated by a tiny company in belarus after one of its clients in iran complained about a software glitch. within a month, a copy of the computer bug was being analyzed within a tight-knit community of computer security experts, and it immediately grabbed the attention of liam o murchu, an operations manager for symantec, one of the largest antivirus companies in the world. >> as soon as we saw it, we knew it was something completely different, and red flags started to go up straightaway. >> to begin with, stuxnet was incredibly complicated and sophisticated, beyond the cutting edge. it had been out in the wild for a year without drawing anyone's attention and seemed to spread by way of usb thumb drives, not over the internet. o murchu's job was to try and unlock its secrets and assess the threat for symantec's clients by figuring out what the

malicious software was engineered to do and who was behind it. how long was the stuxnet code? >> you're talking tens of thousands of lines of code, a very, very long project, very well written, very professionally written, and very difficult to analyze. >> unlike the millions of worms and viruses that turn up on the internet every year, this one was not trying to steal passwords, identities, or money. stuxnet appeared to be crawling around the world, computer by computer, looking for some sort of industrial operation that was using a specific piece of equipment, a siemens s7-300 programmable logic controller. >> this gray box here is essentially what runs factory floors. and you program this box to control your equipment. and you say, "turn on the conveyor belt. turn on the heater. turn on the cooler. shut the plant down." it's all contained in that box. and that's what stuxnet was looking for. it wanted to get its malicious

code onto that box. >> the programmable logic controller, or plc, is one of the most critical pieces of technology you've never heard of. they contain circuitry and software essential for modern life and control the machines that run traffic lights, assembly lines, oil and gas pipelines, not to mention water treatment facilities, electric companies, and nuclear power plants. >> and that was very worrying to us 'cause we thought it could've been a water treatment facility here in the u.s., or it could've been trying to take down electricity plants here in the u.s. >> the first breakthrough came when o murchu and his five-man team discovered that stuxnet was programmed to collect information every time it infected a computer and to send it on to two websites in denmark and malaysia. both had been registered with a stolen credit card, and the operators were nowhere to be found. but o murchu was able to monitor the communications. >> well, the first thing we did was, we looked at where the infections were occurring in the world, and we mapped them out.

and that's what we see here. we saw that 70% of the infections occurred in iran. that's very unusual for malware that we see. we don't normally see high infections in iran. >> please learn from stuxnet... >> two months later, ralph langner, a german expert on industrial control systems, added another piece of important information: stuxnet didn't attack every computer it infected. >> this whole virus is designed only to hit one specific target in the world. >> how could you tell that? >> it goes through a sequence of checks to actually determine if this is the right target. it's kind of a fingerprinting process, a process of probing if this is the target i'm looking for, and if not, it just leaves the controller alone. >> stuxnet wasn't just looking for a siemens controller that ran a factory floor. it was looking for a specific factory floor, with a specific type and configuration of equipment, including iranian components that weren't used

anywhere else in the world and variable speed motors that might be used to regulate spinning centrifuges, a fragile piece of equipment essential to the enrichment of uranium. and langner speculated publicly that stuxnet was out to sabotage iran's nuclear program. >> well, we knew at this time that the highest number of infections had been reported in iran, and second, it was pretty clear, just by looking at the sophistication, that there would be at least one nation-state behind this. you know, you just add one and one together. >> by the fall of 2010, the consensus was that iran's top secret uranium enrichment plant at natanz was the target and that stuxnet was a carefully constructed weapon designed to be carried into the plant on a corrupted laptop or thumb drive, then infect the system, disguise its presence, move through the network, changing computer code, and subtly alter the speed of

the centrifuges without the iranians ever noticing. sabotage by software. >> stuxnet's entire purpose is to control centrifuges, to make centrifuges speed up past what they're meant to spin at and to damage them. certainly it would damage the uranium enrichment facility, and they would need to be replaced. >> if the centrifuges were spinning too fast, wouldn't the operators at the plant know that? >> stuxnet was able to prevent the operators from seeing that on their screen. the operators would look at the screen to see what's happening with the centrifuges, and they wouldn't see that anything bad was happening. [ticking] >> coming up, the danger of cyber warfare. >> you don't need many billions. you just need a couple of millions. and this would buy you a decent cyber attack, for example, against the u.s. power grid. >> that's next when 60 minutes on cnbc continues. ♪ if loving you is wrong

♪ i don't wanna be right [ record scratch ] what?! it's not bad for you. it just tastes that way. [ female announcer ] honey nut cheerios cereal -- heart-healthy, whole grain oats. you can't go wrong loving it. ♪ [ male announcer ] how do you engineer a true automotive breakthrough? ♪ you give it bold new styling,

unsurpassed luxury and nearly 1,000 improvements. introducing the redesigned 2013 glk. see your authorized mercedes-benz dealer for exceptional offers through mercedes-benz financial services.

>> it now seems likely that by the time liam o murchu and ralph langner finally unraveled the mystery in november of 2010, stuxnet had already accomplished at least part of its mission. months before the virus was first detected, inspectors from the international atomic energy agency had begun to notice that iran was having serious problems with its centrifuges at natanz. >> what we know is that an iaea report said that 1,000 to 2,000 centrifuges were removed from natanz for unknown reasons. and we know that stuxnet targets 1,000 centrifuges. so from that, people are drawn to the conclusion, "well, stuxnet got in and succeeded." that's the only evidence that we have. >> the only information that's not classified. >> yes. >> and there are lots of things about stuxnet that are still top secret. who was behind it? >> what we do know is that this was a very large operation. you're really looking at a

government agency from some country who is politically motivated and who has the insider information from a uranium enrichment facility that would facilitate building a threat like this. >> an intelligence agency, probably. >> probably. >> we know from reverse engineering the attack codes that the attackers have full-- and i mean this literally-- full tactical knowledge of every damn detail of this plant. so you could say, in a way, they know the plant better than the iranian operator. >> we wanted to know what retired general michael hayden had to say about all this, since he was the cia director at the time stuxnet would have been developed. you left the cia in 2009? >> 2009, right. >> does it surprise you that this happened? >> you need to separate my experience at cia with your question, all right? >> right. you can't talk about the cia. >> no, and i don't even want to suggest what may have been on the horizon or not on the horizon, or anything like that. >> right. if you look at the countries that have the capability of

designing something like stuxnet and you take a look at the countries that would have a motive for trying to destroy natanz-- >> where do those two sets intersect? >> you're pretty much left with the united states and israel. >> well, yes, but there is no good with someone of my background even speculating on that question, so i won't. >> iran's president, mahmoud ahmadinejad, shown here at natanz in 2008, blamed the cyber attack on enemies of the state and downplayed the damage. both the u.s. and israel maintain that it set back the iranian program by several years. what's impossible to know is how much damage the attackers might have inflicted if the virus had gone undetected and not been exposed by computer security companies trying to protect their customers. >> they planned to stay in that plant for many years and to do the whole attack in a completely covert manner, that anytime a centrifuge would

break, the operators would think, "this is, again, a technical problem that we have experienced," for example, "because of poor quality of these centrifuges that we are using." >> we had a good idea that this was a blown operation, something that was never meant to be seen. it was never meant to come to the public's attention. >> you say blown, meaning? >> if you're running an operation like this to sabotage a uranium enrichment facility, you don't want the code uncovered. you want it kept secret, and you want it just to keep working, stay undercover, do its damage and disappear, and hopefully nobody would ever see it. >> do you think this was a blown operation? >> no, not at all. i think it's an incredibly sophisticated operation. >> but general hayden did acknowledge that there are all sorts of potential problems and possible consequences that come with this new form of warfare. >> when you use a physical weapon, it destroys itself, in addition to the target, if it's used properly. a cyberweapon doesn't.

so there are those out there who can take a look at this, study it, and maybe even attempt to turn it to their own purposes. >> such as launching a cyber attack against critical infrastructure here in the united states. until the fall of 2011, sean mcgurk was in charge of protecting it, as head of cyber defense at the department of homeland security. he believes that stuxnet has given countries like russia and china, not to mention terrorist groups and gangs of cybercriminals for hire, a textbook on how to attack key u.s. installations. >> you can download the actual source code of stuxnet now and you can repurpose it and repackage it and then, you know, point it back towards wherever it came from. >> sounds a little bit like pandora's box. >> yes. >> whoever launched this attack-- >> they opened up the box. they demonstrated the capability. they showed the ability and the desire to do so, and it's not something that can be put back. >> if somebody in the government

had come to you and said, "look, we're thinking about doing this. what do you think?" what would you have told them? >> i would have strongly cautioned them against it because of the unintended consequences of releasing such a code. >> meaning that other people could use it against you? >> yes. >> or use their own version of the code. >> something similar. son of stuxnet, if you will. >> as a result, what was once abstract theory has now become a distinct possibility. if you can do this to an uranium enrichment plant, why couldn't you do it to a nuclear power reactor in the united states or an electric company? >> you could do that to those facilities. it's not easy. it's a difficult task, and that's why stuxnet was so sophisticated, but it could be done. >> you don't need many billions. you just need a couple of millions. and this would buy you a decent cyber attack, for example, against the u.s. power grid. >> if you were a terrorist group or a failed nation-state and you had a couple of million dollars,

where would you go to find the people that knew how to do this? >> on the internet. >> they're out there? >> sure. >> most of the nation's critical infrastructure is privately owned and extremely vulnerable to a highly sophisticated cyberweapon like stuxnet. >> i can't think of another area in homeland security where the threat is greater and we've done less. >> after several failures, congress is once again trying to pass the nation's first cybersecurity law. and once again, there is fierce debate over whether the federal government should be allowed to require the owners of critical infrastructure to improve the security of their computer networks. whatever the outcome, no one can say the nation hasn't been warned. >> since the story first aired, new information about stuxnet has been revealed. according to the new york times, stuxnet was part of a secret u.s.-israeli operation hatched

during the bush administration and accelerated under president obama. according to the report, the operation was code-named "olympic games." [ticking] coming up: american agents track the world's most notorious arms dealer. >> he's arming not only designated terrorist groups, insurgent groups, but he's also arming very powerful drug trafficking cartels around the globe. >> the "merchant of death," when 60 minutes on cnbc returns. [ticking] ♪

[ male announcer ] when we built the cadillac ats from the ground up to be the world's best sport sedan... ♪ ...people noticed. ♪ the all-new cadillac ats -- 2013 north american car of the year. ♪ for a limited time, take advantage of this exceptional offer on the all-new cadillac ats.

exceptional offer living with moderate to semeans living with pain.is it could also mean living with joint damage. humira, adalimumab, can help treat more than just the pain. for many adults, humira is clinically proven to help relieve pain and stop further joint damage. humira can lower your ability to fight infections, including tuberculosis. serious, sometimes fatal events, such as infections, lymphoma, or other types of cancer, have happened. blood, liver and nervous system problems, serious allergic reactions, and new or worsening heart failure have occurred. before starting humira, your doctor should test you for tb. ask your doctor if you live in or have been to a region where certain fungal infections are common. tell your doctor if you have had tb, hepatitis b, are prone to infections or have symptoms such as fever, fatigue, cough, or sores. you should not start humira if you have any kind of infection. ask your rheumatologist about humira, to help relieve your pain and stop further joint damage.

revolutionizing an industry can be a tough act to follow, but at xerox we've embraced a new role. working behind the scenes to provide companies with services... like helping hr departments manage benefits and pensions for over 11 million employees. reducing document costs by up to 30%... and processing $421 billion dollars in accounts payables each year. helping thousands of companies simplify how work gets done. how's that for an encore? with xerox, you're ready for real business. [ticking]

>> viktor bout was an illusive international arms dealer known to law enforcement officials as the "merchant of death." according to the d.e.a., he sold weapons to insurgent groups, terrorists, and warring factions around the world. bout was thought to be uncatchable, but as cbs news correspondent armen keteyian reported in 2010, that didn't stop the d.e.a. from trying. >> viktor bout, in my eyes, is one of the most dangerous men on the face of the earth. >> on the face of the earth? >> without a doubt. >> mike braun, the former chief of operations for the u.s. drug enforcement administration, told us bout first exploded on the scene in war-torn west africa in the late 1980s, elevating bloody conflicts from machetes and single shot rifles to... >> ak-47s, not by the thousands, but by the tens of thousands. >> so he weaponizes civil war in africa.

>> he transformed these young adolescent warriors into insidious, mindless, maniacally driven killing machines that operated with assembly line efficiencies. >> bout, from the soviet republic of tajikistan, is a mystery man who reportedly served in the soviet air force and intelligence service. the u.s. has indicted him on four terror-related charges, including conspiracy to kill americans. what makes him a threat to the united states? he is a shadow facilitator. he's arming not only designated terrorist groups, insurgent groups, but he's also arming very powerful drug trafficking cartels around the globe. >> taking advantage of russian military contacts at the highest levels and the collapse of the soviet union, federal prosecutors allege bout essentially became a one-stop shop, offering an unlimited supply of stockpiled cold war weapons to bad guys around the world, including charles taylor

of liberia, who was later convicted of war crimes. according to the u.s. indictment, bout had a unique selling point when it came to weapons trafficking: a fleet of cargo airplanes capable of transporting weapons and military equipment anytime, anywhere. more than 60 planes in all, his own private air force. >> those russian aircraft were built like flying dump trucks. he could move this stuff and drop it with pinpoint accuracy to any desert, to any jungle, to any other remote place in the world, right into the hands of what i refer to as the potpourri of global scum. >> by the late 1990s, bout was a legend in the shadowy world of illicit arms dealing, so illusive that the only two pictures that surfaced of him back then were taken without bout's knowledge by a belgian photographer. later, bout became the inspiration behind the nicolas cage character in the movie lord of war. >> i was an equal opportunity

merchant of death. i supplied every army but the salvation army. >> u.s. treasury documents reveal a bout empire so sophisticated, so complex-- hidden behind a thick curtain of front companies-- that even the u.s. government unwittingly contracted with two of his companies to deliver supplies to u.s. troops in iraq. >> juan zarate, deputy national security advisor in the second bush white house and a cbs news consultant, told us hiring bout was a mistake. >> this was one of the grave complications for the united states. viktor bout's tentacles reached so far and so deep that he had access to planes that could provide services for the u.s. government. >> zarate admitted the u.s. could do business with bout, but it couldn't catch him. >> i had always thought of viktor bout as untouchable. and i also, frankly, didn't think that anyone could get to him. >> a challenge zarate from the white house threw out at a

meeting with mike braun and his d.e.a. team. the d.e.a. had just pulled off a string of extraordinarily successful captures of high-value terrorism targets around the world, like afghan drug lords. >> d.e.a. agents live for the hunt. >> but, mike, no one had even gotten a sniff on this guy. >> let me tell you something, armen, when i'm sitting there next to juan and my guys are sitting across the table from him--the very best that our government's got to offer--and he tosses this out on the table, and i look at him in the eyes and they're looking back at me, like, "we'll do this. we can do this." >> but it was about a 5% chance in the back of my mind. and so, you know, i wished them well, and i went back to the white house. >> mike braun's thinking 95%, okay. 5 and 95 make 100. he was going down. he was in our crosshairs. [ticking] >> coming up: the sting hits a possible snag. >> the thought did cross my mind

that something really bad is gonna happen to him right here. >> that story when 60 minutes on cnbc returns. [ticking] i've always had to keep my eye on her... but, i didn't always watch out for myself. with so much noise about health care... i tuned it all out. with unitedhealthcare, i get information that matters... my individual health profile. not random statistics. they even reward me for addressing my health risks. so i'm doing fine... but she's still going to give me a heart attack. we're more than 78,000 people looking out for more than 70 million americans. that's health in numbers. unitedhealthcare.

[ man ] i've been out there most of my life. you name it...i've hooked it. but there's one... one that's always eluded me. thought i had it in the blizzard of '93. ha! never even came close. sometimes, i actually think it's mocking me. [ engine revs ] what?! quattro!!!!! ♪ quattro!!!!! ♪

♪ no two people have the same financial goals. pnc works with you to understand yours and help plan for your retirement. visit a branch or call now for your personal retirement review.

[ticking] >> the d.e.a. supervisor in charge of the hunt for arms dealer viktor bout was louis milione. >> we felt that we could create a scenario that would pull him in. >> the plan was to pull bout out of moscow with a huge arms deal he couldn't refuse. to do that, the d.e.a. hired an undercover agent to contact a trusted associate of bout's named andrew smulian. the d.e.a. operative said he had a big business deal for bout. i'm thinking in terms of

fishing here. it's almost like you've thrown the line in the water. there's a little bit of bait. this is a business proposition, and you're waiting to see if anything comes back with a nibble. >> we're really waiting to see-- yeah, exactly--what smulian says and, you know, what he says about bout. >> and as it comes back, "spoke to boris. anything possible with farming equipment?" >> that's correct. >> "boris" was code for bout, "farming equipment" for weapons. that exchange led to the island of curacao, a few hundred miles off the coast of colombia. it was here that bout's buddy, andrew smulian, would first meet the two d.e.a. undercover operatives posing as officials in the colombian rebel terrorist group known as the farc. >> the two fake rebels, eduardo and el comandante, would say they want to buy millions of dollars' worth of weapons to fight the colombian army and the u.s. military pilots protecting them. smulian has to believe that eduardo and el comandante are

real. >> right, if smulian doesn't believe it, we're done, and, uh--and we go home. >> the meeting is about to take place. what's your temperature like? >> oh, your heart rate is up a little bit, and your adrenaline's going a little bit. you have butterflies. >> emotions that only escalated when, at this hotel in curacao, the fake rebels tell smulian, bout's buddy, they want to spend $12 million on everything from sniper rifles to surface-to-air missiles. >> he bites off on it. in fact, he eats the whole thing whole. so it was very successful. >> so successful, smulian immediately flew to moscow to present the deal to boris, the man the d.e.a. believes is bout. two weeks later, in another meeting, this time in copenhagen, smulian told the d.e.a. operatives that his russian business partner really liked the deal, and then he revealed who that man in moscow really is. >> "do you know who this man is that we're getting the weapons from? this is bout. b-o-u-t.

he's wanted by the world. they call him the 'merchant of death.'" >> b-o-u-t. >> yeah, he spelled it out for him. we marveled that smulian would do that, but it was just great evidence. >> the d.e.a. was in the game, but bout was still safe and secure in russia and reluctant to leave. the d.e.a. undercovers insisted they couldn't go to moscow but had to meet bout to seal the deal. >> and bout's gonna know that that's how these deals are gonna work. comandante is not going to release these millions of dollars for these weapons to anybody until he at least shakes hands, talks, looks bout in the eye, and then we can move on. that's how we countered, and bout went for it. >> next stop, romania, just three days later. the play was to entice bout to bucharest, claiming that's where the money was stashed to pay for the weapons. bout said he'd come, but then he had trouble getting a visa. the case stalled. after ten days of waiting for bout, the top d.e.a. agent made a gutsy call to walk away.

so you've been chasing this guy hard for two months. you almost got him, and you got to make the decision to step away from the table. >> if we were real, we wouldn't stay there forever. we're gonna now step away and say, "look we need to take care of some other things, but it's time for us to leave." >> over the next two weeks, milione came up with a new plan to reel bout in. the phony rebels told bout they would be in bangkok soon. asked if he could get there, bout agreed. the morning bout arrived in bangkok, the d.e.a. and thai police had gathered downtown, waiting for word from cops at the airport that the "merchant of death" had landed. >> they call us in the room and they tell us that he's here. >> what was the moment like there? >> it was just unbelievable, because we knew--at that point, you know you're kind of, like, holding on as you climb up the mountain at different points in the investigation. this was one where at that point, i believed, and the other investigators believed, not only are we in the game, he shows up

at this meeting, we've got him. he's gonna be arrested. >> bout drove to this hotel and met the two fake arms buyers in a conference room on the 27th floor. here, the d.e.a.'s undercover team told bout they want his weapons to kill americans. >> the comandante and eduardo make it very clear. they said, "we're fighting against the united states." bout responds and says, "look, they're after me too." he said, "but we are together in this. they are my enemy also." eduardo and comandante talk about how they want sniper sights for the rifles that they have so that they could, "start blowing the heads off american pilots." bout's response immediately is, "yes." >> then the d.e.a. said bout jotted down on these pages what he intended to deliver for $12 million, including between 700 and 800 surface-to-air missiles. >> 5,000 ak-47s, antipersonnel mines, fragmentation grenades, armor piercing rockets, money laundering services,

and all within the context of speaking about a shared ideology of communism and fighting against the americans. >> after two hours, one of the d.e.a. undercovers made a call, a signal it was time to move in. within minutes, the thai police and d.e.a. agents burst into the room. >> we see bout across the far end of, like, a boardroom type table, standing up with his hands inside his briefcase, and they give him the command to put his hands up, and he hesitates. and they immediately focused in with their weapons and gave him the command again. >> are you thinking, "we've come all this way to see viktor bout shot by a thai policeman"? >> the thought did cross my mind that something really bad is gonna happen to him right here, but then he complied. >> it turned out there was no weapon in the briefcase. the disarming of viktor bout was now officially complete. >> the thais cuff him. he's taken into custody. smulian's taken into custody. >> does bout say anything? >> "the game is over," or something like that.

>> "the game is over." >> right. >> but then a new game began: bout became the center of a legal tug-of-war between the u.s. and russia, which wanted him released back to moscow. bout and the russians managed to delay his extradition to america for more than 2 1/2 years. but on november 16, 2010, after a sting that played out on three continents, the d.e.a. finally got their man. when bout rode under tight security in a convoy to jail in manhattan, riding right along with him was louis milione. this is the "lord of war," the "merchant of death." >> right. >> and you've got him in your hands. >> right, he's in custody. it's a great feeling. it's an absolutely great feeling. >> bout's trial in new york was swift: only three weeks. the jury convicted him of conspiracy to sell weapons to men he believed were colombian terrorists intent on killing americans. in april of 2012, viktor bout

was sentenced to 25 years in prison. [ticking] coming up next: what espionage looks like. >> let you take the money. >> oh, oh. are you sure that that's okay? >> yeah, yeah, fine. >> you're sure? >> stealing america's secrets, when 60 minutes on cnbc returns. [ticking] [ whirring ]

[ creaking ] [ male announcer ] trophies and awards lift you up. but they can also hold you back. unless you ask, what's next? [ zapping ] [ clang ] this is the next level of performance. the next level of innovation. the next rx. the f sport. this is the pursuit of perfection. mallon brothers magic? watch this -- alakazam! ♪ [ male announcer ] staples has always made getting office supplies easy. ♪ another laptop? don't ask. disappear! abracadabra! alakazam!

[ male announcer ] and now we're making it easier to get everything for your business. and for my greatest trick! enough! [ male announcer ] because whatever you need, we'll have it or find it, and get it to you fast. staples. that was easy. all right that's a fifth-floor andprobleok.. you fast. not in my house! ha ha ha! ha ha ha! no no no! not today! ha ha ha! ha ha ha! jimmy how happy are folks who save hundreds of dollars switching to geico? happier than dikembe mutumbo blocking a shot. get happy. get geico. fifteen minutes could save you fifteen percent or more.

[ticking]

>> this is a case of two guys who didn't set out to be spies, but it turned out that way, at least partly, because of money: one, a chinese-american businessman, the other, a pentagon analyst. the fbi discovered the analyst was planning to pass classified information to china and installed hidden cameras in their car. and as scott pelley reported in 2010, the two spies were caught red-handed. >> there's a nice thai restaurant out there. >> oh, okay. >> this is what espionage looks like. the man driving the car is gregg bergersen. he's a civilian analyst at the pentagon with one of the nation's highest security clearances. his companion is tai shen kuo, a spy for the people's republic of china. this is kuo in an fbi surveillance photo. he was born in taiwan, but he's a naturalized american citizen who owns a number of businesses in louisiana.

and this is bergersen, who worked at the pentagon's defense security cooperation agency, which manages weapons sales to u.s. allies. bergersen knew a secret that the chinese desperately wanted to know: what kind of weapons was america planning to sell to taiwan, the rebellious chinese island that mainland china wants to reclaim. it's july 2007. they're driving outside washington, and neither man knows that what they are about to do is being recorded by two cameras the fbi has concealed in their car. >> i'll just give you-- let you have the money. >> oh, oh. are you sure that that's okay? >> yeah, yeah, fine. >> you're sure? >> we watched the tape with john slattery, the fbi agent at headquarters who oversaw the case. he retired as a deputy assistant director. what's happening there? >> information has been passed prior, and this is reward for

that, or there is expectation that passage of information is forthcoming. so that's what's happening right here. >> how much money is he holding in his hand? >> i think we're probably looking at about $2,000 thereabouts. >> tai shen kuo's money and contacts came to the fbi's attention while the bureau was investigating a different chinese espionage case. they followed him, tapped his phone, watched his email, and all of that led to bergersen. in the car, the pentagon employee and chinese spy were plotting the handover of secret documents that listed future weapons sales to taiwan and details of a taiwanese military communications system. >> i'm very, very, very, very reticent to let you have it because it's all classified, but i will let you see it, and you can take all the notes you want, which i think you can do today.

but if it ever fell into the wrong hands--and i know it's not going to--but if it ever was-- >> okay, that's fair. >> then i would be fired for sure. i'd go to jail, because i violated all the rules. >> when it comes to espionage against the united states, is china now the number one threat that we face? >> i would be hard-pressed to say whether it's the chinese or it's the russians, but they're one, two, or two, one. >> michelle van cleave was america's top counterintelligence officer. working for the director of national intelligence, she was in charge of coordinating the hunt for foreign spies from 2003 to 2006. >> the chinese are the biggest problem we have with respect to the level of effort that they're devoting against us versus the level of attention we are giving to them. >> the chinese have stolen technology used in the space shuttle and in submarine

propulsion systems. in the late 1990s, a congressional commission found that china now holds the most closely guarded secrets america had. >> we learned, and the cox commission reported, that the chinese had acquired the design information for all u.s. thermonuclear weapons currently in our inventory. >> make sure i understand. the chinese are in possession today of the designs of all of our nuclear weapons? >> yes. >> how did they get that? >> the questions of how they acquired it remain, to some extent, unknown. >> how the u.s. lost its atomic secrets may be unknown, but there are fewer mysteries in the case of tai shen kuo and gregg bergersen. the fbi says that kuo wanted to expand his louisiana businesses into china, and when he sought permission

from beijing, the chinese asked for a few favors for their intelligence service. the $2,000 was only part of kuo's development of bergersen. kuo wined and dined his spy, and bergersen seemed to have an appetite for espionage. at one dinner, kuo's tab came to $710. and the day of the ride, kuo brought a box of expensive cigars. all the while, kuo lied to bergersen, telling him that the information was being passed to taiwan, the u.s. ally. does that make any difference in the law, whether you're spying for a hostile government or a friendly one? >> of course not. classified information's not allowed to be passed without, you know, certain approvals, to any foreign government. >> but i think when you see the information, you can get out of it what you need. [ticking] >> coming up: what information does chinese intelligence want?

>> for example, what president obama thinks right now. >> they want to know what president obama thinks. >> yes. >> that and more, when 60 minutes on cnbc returns. [ticking] [ male announcer ] you are a business pro. omnipotent of opportunity. you know how to mix business... with business. and you...rent from national. because only national lets you choose any car in the aisle. and go. you can even take a full-size or above. and still pay the mid-size price. i could get used to this. [ male announcer ] yes, you could business pro.

yes, you could. go national. go like a pro. yes, you could. we replaced people with a machine.r, what? customers didn't like it. so why do banks do it? hello? hello?! if your bank doesn't let you talk to a real person 24/7, you need an ally. hello?

ally bank. your money needs an ally. a body at rest tends to stay at rest... while a body in motion tends to stay in motion. staying active can actually ease arthritis symptoms. but if you have arthritis, staying active can be difficult. prescription celebrex can help relieve arthritis pain so your body can stay in motion. because just one 200mg celebrex a day can provide 24 hour relief for many with arthritis pain and inflammation. plus, in clinical studies, celebrex is proven to improve daily physical function so moving is easier. celebrex can be taken with or without food. and it's not a narcotic. you and your doctor should balance the benefits with the risks. all prescription nsaids, like celebrex, ibuprofen, naproxen and meloxicam have the same cardiovascular warning. they all may increase the chance of heart attack or stroke, which can lead to death. this chance increases if you have heart disease or risk factors such as high blood pressure or when nsaids are taken for long periods.

nsaids, including celebrex, increase the chance of serious skin or allergic reactions or stomach and intestine problems, such as bleeding and ulcers, which can occur without warning and may cause death. patients also taking aspirin and the elderly are at increased risk for stomach bleeding and ulcers. do not take celebrex if you've had an asthma attack, hives, or other allergies to aspirin, nsaids or sulfonamides. get help right away if you have swelling of the face or throat, or trouble breathing. tell your doctor your medical history. and find an arthritis treatment for you. visit celebrex.com and ask your doctor about celebrex. for a body in motion.

[ticking] >> the recruitment of pentagon analyst gregg bergersen by chinese intelligence has a familiar ring to fengzhi li. li recruited spies for china as an officer of the ministry of state security. the mss is their cia. give me a sense of all the different ways you would persuade someone to spy for china? >> that will be a long story. >> i've got time. >> oh, okay. >> in our interview, li switched between english and mandarin. he worked for chinese intelligence 14 years, recruiting spies in russia. he is now seeking political asylum in the u.s. >> [speaking mandarin] >> male translator: let me say this. intelligence work is different from other kind of work. when i target 100 people, even if 99 people have refused me, if there is one i

persuade... >> that's enough. >> that's enough. >> mm-hmm. yeah. >> li told us that he recruited spies through blackmail and sometimes greed, especially if someone wanted to do business in china. once, he says his agents recruited the official photographer for a european head of state that he still won't name. would you say the mss spends most of its effort on the united states? >> [speaking mandarin] >> definitely. without a doubt. >> what would some examples be of the kind of information that mss was interested in getting a hold of? >> for example, what president obama thinks right now. >> they want to know what president obama thinks. >> yes. >> if you make me part of the owner... >> thanks to gregg bergersen, the chinese were about to find out just what sort of weapons america intended to sell to taiwan. the day of that car ride, bergersen drove kuo and the secret documents to a restaurant

outside washington, d.c. inside the restaurant, kuo copied the secrets by hand. out in the parking lot, bergersen waited with a glass of wine, one of those cigars, and the fbi in tow. as they left, bergersen just couldn't stop talking. >> but i will be very careful to keep my tracks clean and no fingerprints. just like these documents-- no fingerprints. i can't afford to lose my job. >> later, kuo left the u.s. for beijing. but while he waited for his flight, federal agents got into his bags, photocopied his handwritten notes, and put them back. kuo's notes matched the secret document on the right. but john slattery, who oversaw the case for the fbi, told us the bureau didn't make arrests until six months later. but, i mean, this is drop-dead evidence. an espionage is occurring.

why didn't you arrest them sooner than that? >> well, these investigations are tremendously complex and tremendously difficult to begin with. >> the department of defense wants you to stop it right away. >> please, sooner than later, but the fbi says, "well, listen, we want to make sure we can sustain a conviction here. and are there other players in this?" >> it turns out there were other players. kuo had another source inside the pentagon, and kuo was connected to spies on the west coast who were giving up u.s. space and naval technology. presumably, the u.s. is doing the same kind of spying in china, but michelle van cleave says america has so much more to lose. >> i think we're a real candy store for the chinese and for others in terms of technology and commercial products or other proprietary information, and so we will always be the principal target for them. >> what is the most serious damage that ches