The Justice Department today announced the indictment of several Chinese military officers over accusations of economic cyber espionage against American companies and organizations.

From the Washington Post:

A federal grand jury in Pittsburgh has found that five Chinese People’s Liberation Army members hacked into the computers of a number of businesses and organizations in western Pennsylvania — including U.S. Steel, Westinghouse Electric, and United Steel Workers.

According to an indictment unsealed Monday, the Chinese men — Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui —  have been collectively charged with 31 crimes. This is the first criminal indictment against state-sponsored hackers who allegedly engaged in cyberespionage for economic purposes, according to the Justice Department. And the FBI said it’s just the beginning of a larger crackdown.

The government said the accused were members of  PLA Unit 61398, a military group based in Shanghai. Last year in a widely reported investigation, the cybersecurity firm Mandiant identified this group as a source of economic cyberspying.

At a press conference Monday morning, government officials alleged the defendants hacked into the computer networks of companies as they engaged in trade disputes or competed against Chinese companies for major contracts — stealing both technical trade secrets and strategic information. In some cases, the U.S. government alleges, the stolen information was used to benefit Chinese state-sponsored companies.

While many suspect it’s unlikely the accused will ever be brought to justice, U.S. authorities emphasized that they were specifically “exposing the faces and names behind the keyboards in Shanghai used to steal from American businesses.”

From the LA Times:

The indictment included the five officers’ names, their unit, their photographs and the building in Shanghai where U.S. officials said they worked. There is little prospect of them ever being brought to justice in the U.S., officials said.

Instead, the indictment appeared to be intended to send a message to Chinese leaders, who have denied that the People’s Liberation Army is engaged in economic espionage and have challenged the U.S. to provide proof.

“Well today, we are” providing proof, said John Carlin, assistant attorney general for national security. “For the first time, we are exposing the faces and names behind the keyboards in Shanghai used to steal from American businesses.”

“This indictment describes, with particularity, specific actions on specific days by specific actors to use their computers to steal information from across our economy,” Carlin said.

For those who have been following the cyber-saga between the U.S. and China for some time, today’s news may not seem surprising.  Last year, similar accusations about Chinese hackers surfaced in industry reports and from a Pentagon report.

From the NY Times on this day in 2013:

Three months after hackers working for a cyberunit of China’s People’s Liberation Army went silent amid evidence that they had stolen data from scores of American companies and government agencies, they appear to have resumed their attacks using different techniques, according to computer industry security experts and American officials.

The Obama administration had bet that “naming and shaming” the groups, first in industry reports and then in the Pentagon’s own detailed survey of Chinese military capabilities, might prompt China’s new leadership to crack down on the military’s highly organized team of hackers — or at least urge them to become more subtle.

But Unit 61398, whose well-guarded 12-story white headquarters on the edges of Shanghai became the symbol of Chinese cyberpower, is back in business, according to American officials and security companies.

It is not clear precisely who has been affected by the latest attacks. Mandiant, a private security company that helps companies and government agencies defend themselves from hackers, said the attacks had resumed but would not identify the targets, citing agreements with its clients. But it did say the victims were many of the same ones the unit had attacked before.

Not surprisingly, China is vehemently denying the charges and has accused the U.S. of having “fabricated” the facts in the indictment.

From another Washington Post report:

In a statement, Chinese Foreign Ministry spokesman Qin Gang said: “The United States fabricated facts in an indictment of five officers for so-called cybertheft by China, a move that seriously violates basic norms of international relations and damages Sino-U.S. cooperation and mutual trust. China has lodged a protest with the United States, urged the U.S. to correct the error immediately and withdraw its so-called prosecution.”

Qin asserted that “China is a staunch defender of cyber security” and denied that the Chinese government, military and “associated personnel” have ever “engaged or participated in the theft of trade secrets through cyber means.” He called the U.S. accusations “purely fictitious, extremely absurd.”

The statement continued: “For a long time, it has been obvious that the relevant U.S. departments have been carrying out large-scale, organized cybertheft and cyber-surveillance on foreign dignitaries, corporations and individuals. China is the victim of U.S. cybertheft and cyber-surveillance.” It accused U.S. authorities of “constantly conducting cyber-intrusions, surveillance and monitoring against the Chinese government departments, agencies, businesses, universities and individuals,” adding that “China has already lodged solemn complaints” with the U.S. government and urges it to “explain itself clearly and immediately stop such activities.”

Qin said: “Given the lack of sincerity by the United States for cooperation to solve cyber-security problems through dialogue, China has decided to suspend the activities of Sino-U.S. Cyber Working Group. China will assess developments of the so-called U.S. prosecution for further reaction.”

The U.S. has maintained that its own cyber activities directed against China have not been for the purpose of passing information off to others for economic gain, but for national security and intelligence purposes.

Of course, in the aftermath of the leaks from former NSA contractor Edward Snowden, the U.S. has spent a good deal of time on the defensive on this issue.

You can read the Justice Department announcement here, and the full indictment here.

The announcement from Attorney General Eric Holder can be viewed below, via CNN.

[Featured image: video via CNN]


Donations tax deductible
to the full extent allowed by law.