Image 01 Image 03

U.S. charges Chinese military officers in cyber espionage case

U.S. charges Chinese military officers in cyber espionage case

Indictment alleges defendants conspired to hack into computers of commercial entities in the U.S.

The Justice Department today announced the indictment of several Chinese military officers over accusations of economic cyber espionage against American companies and organizations.

From the Washington Post:

A federal grand jury in Pittsburgh has found that five Chinese People’s Liberation Army members hacked into the computers of a number of businesses and organizations in western Pennsylvania — including U.S. Steel, Westinghouse Electric, and United Steel Workers.

According to an indictment unsealed Monday, the Chinese men — Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui —  have been collectively charged with 31 crimes. This is the first criminal indictment against state-sponsored hackers who allegedly engaged in cyberespionage for economic purposes, according to the Justice Department. And the FBI said it’s just the beginning of a larger crackdown.

The government said the accused were members of  PLA Unit 61398, a military group based in Shanghai. Last year in a widely reported investigation, the cybersecurity firm Mandiant identified this group as a source of economic cyberspying.

At a press conference Monday morning, government officials alleged the defendants hacked into the computer networks of companies as they engaged in trade disputes or competed against Chinese companies for major contracts — stealing both technical trade secrets and strategic information. In some cases, the U.S. government alleges, the stolen information was used to benefit Chinese state-sponsored companies.

While many suspect it’s unlikely the accused will ever be brought to justice, U.S. authorities emphasized that they were specifically “exposing the faces and names behind the keyboards in Shanghai used to steal from American businesses.”

From the LA Times:

The indictment included the five officers’ names, their unit, their photographs and the building in Shanghai where U.S. officials said they worked. There is little prospect of them ever being brought to justice in the U.S., officials said.

Instead, the indictment appeared to be intended to send a message to Chinese leaders, who have denied that the People’s Liberation Army is engaged in economic espionage and have challenged the U.S. to provide proof.

“Well today, we are” providing proof, said John Carlin, assistant attorney general for national security. “For the first time, we are exposing the faces and names behind the keyboards in Shanghai used to steal from American businesses.”

“This indictment describes, with particularity, specific actions on specific days by specific actors to use their computers to steal information from across our economy,” Carlin said.

For those who have been following the cyber-saga between the U.S. and China for some time, today’s news may not seem surprising.  Last year, similar accusations about Chinese hackers surfaced in industry reports and from a Pentagon report.

From the NY Times on this day in 2013:

Three months after hackers working for a cyberunit of China’s People’s Liberation Army went silent amid evidence that they had stolen data from scores of American companies and government agencies, they appear to have resumed their attacks using different techniques, according to computer industry security experts and American officials.

The Obama administration had bet that “naming and shaming” the groups, first in industry reports and then in the Pentagon’s own detailed survey of Chinese military capabilities, might prompt China’s new leadership to crack down on the military’s highly organized team of hackers — or at least urge them to become more subtle.

But Unit 61398, whose well-guarded 12-story white headquarters on the edges of Shanghai became the symbol of Chinese cyberpower, is back in business, according to American officials and security companies.

It is not clear precisely who has been affected by the latest attacks. Mandiant, a private security company that helps companies and government agencies defend themselves from hackers, said the attacks had resumed but would not identify the targets, citing agreements with its clients. But it did say the victims were many of the same ones the unit had attacked before.

Not surprisingly, China is vehemently denying the charges and has accused the U.S. of having “fabricated” the facts in the indictment.

From another Washington Post report:

In a statement, Chinese Foreign Ministry spokesman Qin Gang said: “The United States fabricated facts in an indictment of five officers for so-called cybertheft by China, a move that seriously violates basic norms of international relations and damages Sino-U.S. cooperation and mutual trust. China has lodged a protest with the United States, urged the U.S. to correct the error immediately and withdraw its so-called prosecution.”

Qin asserted that “China is a staunch defender of cyber security” and denied that the Chinese government, military and “associated personnel” have ever “engaged or participated in the theft of trade secrets through cyber means.” He called the U.S. accusations “purely fictitious, extremely absurd.”

The statement continued: “For a long time, it has been obvious that the relevant U.S. departments have been carrying out large-scale, organized cybertheft and cyber-surveillance on foreign dignitaries, corporations and individuals. China is the victim of U.S. cybertheft and cyber-surveillance.” It accused U.S. authorities of “constantly conducting cyber-intrusions, surveillance and monitoring against the Chinese government departments, agencies, businesses, universities and individuals,” adding that “China has already lodged solemn complaints” with the U.S. government and urges it to “explain itself clearly and immediately stop such activities.”

Qin said: “Given the lack of sincerity by the United States for cooperation to solve cyber-security problems through dialogue, China has decided to suspend the activities of Sino-U.S. Cyber Working Group. China will assess developments of the so-called U.S. prosecution for further reaction.”

The U.S. has maintained that its own cyber activities directed against China have not been for the purpose of passing information off to others for economic gain, but for national security and intelligence purposes.

Of course, in the aftermath of the leaks from former NSA contractor Edward Snowden, the U.S. has spent a good deal of time on the defensive on this issue.

You can read the Justice Department announcement here, and the full indictment here.

The announcement from Attorney General Eric Holder can be viewed below, via CNN.

[Featured image: video via CNN]


Donations tax deductible
to the full extent allowed by law.



Well, somebody better notify the CIA and the rest of the U.S. intelligence bureaucrats, they’ve been focused on those evil Israeli spies.

great unknown | May 19, 2014 at 7:42 pm

Not only will these gentlemen never face American “justice”, but I suspect the DOJ is ultimately going to look even more stupid over this.

How long will it take for America to apologize to the Chinese for “insulting” them?

    Emperor Penguin in reply to great unknown. | May 19, 2014 at 9:43 pm

    Or Obama could really get angry and give them a firm talking to! That ought to show the Chinese that we mean business. And if that doesn’t work then we will really get angry and knock them over the head with some sanctions!

    (So yeah, I totally agree with great unknown)

Sounds like somebody has to draw another “red line”. That’ll learn ’em.

The DoJ CHARGED someone not a conservative US citizen? No wonder Satan ordered heaters.

Not to be worrying the hash tag # closely resembles an ancient Chinese logogram for Screw You.

What a pointless exercise in stupidity.

This is the kind of thing I might do, knowing next to nothing about foreign policy in general or China in particular. That doesn’t make it wrong, of course, but I hope they know what they’re doing. On second thought, I hope they stumbled into the right move through the fortunes of the blind squirrel rule, as there is zero evidence that Kerry or Obama know what they’re doing.

Let’s make a deal. We’ll trade you 15 million of your citizens for Sgt. Tahmooresi. Sound fair? It does to me too.

Sorry, that was supposed to go in the Boehner-Jarrett discussion.

I suspect it is a pretext for an Internet kill switch. This administration is known for creating crisis (Fast and Furious) and then using that to consolidate power.

Holder and Obama still have not grasped the concept of jurisdiction.

PersonFromPorlock | May 20, 2014 at 11:37 am

The fun part comes when the Chinese start charging administration guys.

Henry Hawkins | May 20, 2014 at 12:00 pm

Dude, like, this story is so 2013.