The US Justice Department filed charges against five individuals in
the Chinese military, accusing them of hacking into five U.S. steel,
solar and nuclear companies and a labor organization for trade secrets
and other information.
The indictment, unsealed Monday, marks the first time the U.S.
government has publicly accused employees of a foreign power with
cybercrimes against U.S. firms and represents a major escalation of the
fight with China over such intrusions. U.S. government officials have
long complained that China aggressively targets U.S. companies for trade
secrets that would give Chinese companies a competitive advantage--a
charge China has denied, saying such accusations have no basis in fact.
"The range of trade secrets and other sensitive business
information stolen in this case is significant and demands an aggressive
response," Attorney General Eric Holder said. "Success in the global
market place should be based solely on a company's ability to innovate
and compete, not on a sponsor government's
ability to spy and steal
business secrets."
The U.S. said five officers in Unit 61398 of the People's
Liberation Army in Shanghai engaged in espionage
by hacking into five
U.S. companies and a labor union in the steel, solar and nuclear power
industries. Authorities said the individuals were attempting to gain
access to "trade secrets" and other information that would help the
Chinese compete and gain advantage at key moments, such as during
negotiations to build a nuclear power plant in China or during trade
talks.
China's Foreign Ministry reacted angrily to the indictment, calling
its allegations groundless and demanding its withdrawal. "This US move,
which is based on fabricated facts, grossly violates the basic norms
governing international relations and jeopardizes China-US cooperation
and mutual trust," spokesman Qin Gang said in a statement posted to the
ministry's website. Mr. Qin said, "The Chinese government, the Chinese
military and their relevant personnel have never engaged or participated
in cyber theft of trade secrets. The U.S. accusation against Chinese
personnel is purely ungrounded and absurd."
Mr. Qin said that "China is a victim of severe U.S. cybertheft,
wiretapping and surveillance activities." In a reference to disclosures
by former National Security Agency contractor Edward Snowden, Mr. Qin
said that "publicly disclosed information" showed that the U.S. has
targeted Chinese government departments, institutions, companies,
universities and individuals.
Underscoring Beijing's anger, Mr. Qin announced that it is
suspending participation in a U.S.-China working group on cybersecurity,
announced in April 2013 by Secretary of State John Kerry and Chinese
Foreign Minister Wang Yi.
U.S. officials signaled that the charges marked the beginning of a
new, more aggressive approach to Chinese economic cyberespionage.
"Diplomatic efforts and public exposure have failed to curtail
these activities," said Robert Anderson, the Federal Bureau of
Investigation executive who runs the divisions that oversee criminal and
cyber investigations.
Monday's action, he said, "clears the way to additional charges to be made."
"This is the new normal," he said. "This is what you're going to see on a recurring basis."
The suspects were allegedly part of a group that hacked into U.S.
systems to obtain information about 1,753 computers at U.S. Steel Corp.,
piping systems for nuclear power plants from Westinghouse Electric Co.,
and cost and pricing information from a solar panel firm. A U.S. Steel
Corp. spokesperson said it was referring all questions to the Justice
Department for now.
Another company, Allegheny Technologies Inc., a specialty metals
manufacturer, had its network credentials for thousands of employees
stolen, according to U.S. officials. The hacking allegedly took place
from 2010 to 2012.
Allegheny Technology was aware of the indictment but "we're not
going to comment," at least for now, said Dan Greenfield, vice president
for investor relations and communications at the company.
The hackers also targeted Alcoa Inc. executives, and were able to
steal at least 2,907 emails and roughly 863 attachments from that
company's computer system, the indictment charges.
Alcoa Inc. spokeswoman Monica Orbe said, "to our knowledge, no
material information was compromised during this incident which occurred
several years ago. Safeguarding our data is a top priority for Alcoa
and we continue to invest resources to protect our systems."
The group also allegedly hacked into employee email accounts for
officials at a union of manufacturing and energy workers, according to
the indictment. The union, the United Steel, Paper and Forestry, Rubber,
Manufacturing, Energy, Allied Industrial and Service Workers
International Union, also known as USW, had long criticized Chinese
trade practices.
United Steelworkers President Leo Gerard is meeting with lawyers to
discuss the hacking Monday morning, and a USW statement will be
released later in the day, a union official said. "We think it's pretty
ludicrous the Chinese government is bothering to spy on us, given our
skill with computers," the official said. "We don't have any secrets, we
just think trade laws should be enforced fairly."
SolarWorld Industries American Inc., a unit of SolarWorld AG, said
it was "deeply troubled" by the allegations of hacking. A spokesman said
SolarWorld had tightened its information-technology security and that
"no databases of employee or customer information were breached."
Falling prices for solar-energy materials have pushed dozens of
U.S. and European producers into bankruptcy in recent years and sparked
trade disputes among China, the U.S. and the European Union. In 2012,
responding to a complaint from SolarWorld, the U.S. Commerce Department
imposed tariffs on Chinese-made solar cells after determining that
Chinese companies had dumped such products in the U.S. at unfairly low
prices.
The indictment was handed up by a grand jury in Pittsburgh, a city close to many of the U.S. firms targeted.
The five individuals named in the indictment unsealed Monday are
Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui, with
conspiracy to commit computer fraud and abuse.
In an unusual move, prosecutors also released photos of the
suspects, including one man in military uniform. The release of the
photographs points to one of the factors that make the case unique: It
is highly unlikely China will turn the suspects over to the U.S. for
prosecution, so the indictment may act instead as a public effort to
name and shame the suspects.
The move was long-planned, dating back at least a year as the Obama
administration was searching for more punitive measures to take against
Chinese hackers.
In the first months of last year, the administration ratcheted up
the public pressure in China to cease its cyberespionage against U.S.
companies. Behind the scenes prosecutors were poring over Chinese
hacking cases to find the ones they thought could withstand the most
public scrutiny--and whose exposure wouldn't damage the U.S. company.
Companies are often reluctant to acknowledge hacking incidents because
they fear the potential loss of trust by investors or the public.
That Obama administration offensive seemed to wane in the wake of
disclosures starting in June 2013 by Mr. Snowden exposing U.S.
cyberspying efforts against China, including Chinese companies. Some
disclosures specifically showed the U.S. penetrating Chinese
telecommunications giant, Huawei, which U.S. officials say is a vehicle
for Chinese government cyberspying.
The Obama administration has struggled in the wake of those disclosures to regain the upper hand.
It argues that it doesn't conduct corporate espionage, as it
accuses China of doing, but it relies on a nuanced argument. U.S.
officials privately acknowledge they spy on companies for foreign
intelligence purposes, particularly those they believe are at least in
part state-controlled, but they say they won't steal corporate secrets
to provide an advantage to U.S. companies.
In China, where many companies are state-controlled in some fashion, that nuanced argument has fallen flat.
Lawmakers praised the move. "For far too long hackers in China have
stolen our intellectual property, our technology blueprints, our
business plans--in effect, our ideas--which has put some Americans in
manufacturing states like Maine out of work. It's time we fight back,"
said Sen. Angus King (I., Maine) a member of the Senate Intelligence
committee. He said Congress needs to do its part and pass "long-overdue
legislation" to bolster U.S. cyberdefenses.
John Carlin, head of the Justice Department's national security
division, said the case also reflects what he called a "sea change" in
U.S. corporate attitudes toward hacking penetrations. More and more, he
said, companies are willing to be identified as victims to help the U.S.
government pursue hackers.
Source: Wall Street Journal
Social Plugin