The indictment of alleged Chinese military hackers announced Monday illuminates the shadowy world of cyber theft and exacerbates the tense relations between China and the United States.
Capping a multi-year investigation that began in Pennsylvania and reached all the way to Datong Road in Shanghai, Justice Department officials charged five People’s Liberation Army officers with stealing secrets from U.S. nuclear power, solar power and steel companies, among others.
The stolen materials include emails, technical documents and financial spreadsheets, Justice Department officials say. The alleged corporate victims include some straight from the U.S. heartland, several of them blue chip symbols of American industry, such as Alcoa, U.S. Steel and Westinghouse Electric.
“When a foreign nation uses military or intelligence resources against an American executive or corporation to obtain trade secrets or sensitive business information for the benefit of its state-owned companies, we must say, ‘Enough is enough,’ ” Attorney General Eric Holder said at a news conference.
Chinese officials immediately denounced the indictments, formally issued May 1 by a Pittsburgh-based federal grand jury in the Western District of Pennsylvania.
“This U.S. move, which is based on fabricated facts, grossly violates the basic norms governing international relations and jeopardizes China-U.S. cooperation and mutual trust,” Foreign Ministry representative Qin Gang said in a statement.
The Foreign Ministry official further called the indictments “purely ungrounded and absurd” and declared that “the Chinese government, the Chinese military and their relevant personnel have never engaged or participated in cyber theft of trade secrets.”
In retaliation, the Chinese government said it was suspending its participation in a China-U.S. cyber working group. The working group was established in April 2013 after finger-pointing and complaints from both countries about cross-border hacking.
President Barack Obama has talked with Chinese President Xi Jinping about the U.S. concern over government-sponsored, cyber-enabled theft of trade secrets and business information for commercial gain. The two presidents discussed the issue as recently as March.
“We have consistently and candidly raised these concerns with the Chinese government, and today’s announcement reflects our growing concerns that this Chinese behavior has continued,” White House spokesman Jay Carney said.
Tip of the iceberg
More pointedly, though, the indictments exposed the tip of what many U.S. officials consider to be the cyber-war iceberg. The Republican and Democratic leaders of the House Intelligence Committee said Monday that “thousands of People’s Liberation Army [are] hackers working every day, at the behest of the Chinese government, to steal American trade secrets.”
The indictments of the five officers associated with a Shanghai-based military signal intelligence detachment known as Unit 61398 mark the first time criminal charges have been brought against known “state actors for infiltrating U.S. commercial targets by cyber means,” Holder said. All told, the officers face 31 criminal counts, including conspiring to commit computer fraud, economic espionage and theft of trade secrets.
The officers, purportedly known by such online aliases as “KandyGoo,” “Jack Sun” and “UglyGorilla,” will be brought to trial only if the Chinese government hands them over, which appears unlikely. Nonetheless, the FBI took pains Monday to publish “wanted” posters for each of the five, accompanied by color photographs.
“We hope we will be able to bring them to justice,” said John Carlin, assistant attorney general for national security. “We hope these individuals will come to face their charges in a U.S. courtroom.”
Early last year, the U.S. security company Mandiant reported that 140 U.S. and foreign companies had been the victims of cyber intrusions from a unit of the People’s Liberation Army.
Targeting trade secrets
The 48-page indictment spells out details of how the five Chinese officers are accused of used malicious software, called malware, as well as hacking techniques with names such as “spear phishing,” to swipe U.S. secrets.
Since at least 2006, Justice Department officials say, the Chinese officers targeted trade secrets at particularly sensitive times. The indictment alleges, for example, that while the suburban Pittsburgh-based Westinghouse Electric Co. was negotiating with a Chinese state-owned nuclear power company for construction of four power plants, a Chinese military officer finagled his way into the Westinghouse computer system.
From 2010 to 2011, according to the indictment, the Chinese officer stole technical and design specifications, as well as internal Westinghouse communications concerning the company’s strategy for doing business in China. Some of the stolen emails belonged to the CEO, officials say.
“Our future is being built every day by the innovation and effort of American workers and companies,” said Robert Anderson, executive assistant director of the FBI. “None of us can afford to watch it be stolen.”