The US has charged five Chinese army officers with hacking into private-sector American companies in a bid for competitive advantage, in the first cyber-espionage case of its kind.
Attorney General Eric Holder said the alleged breaches were “significant” and demanded “an aggressive response”.
US prosecutors say the officers stole trade secrets and internal documents from five companies and a labour union.
China denied the charges and warned the case would harm US-China relations.
Potentially more victims
China always insists it is a victim of hacking, not a perpetrator. And when US intelligence contractor Edward Snowden appeared in Hong Kong a year ago with evidence of US hacking into Chinese networks, Beijing felt vindicated.
The US acknowledges that it conducts espionage but says unlike China it does not spy on foreign companies and pass what it finds to its own companies.
Beijing typically shrugs this off as a smear motivated by those who find its growing technological might hard to bear. But to see five named officers of the People’s Liberation Army indicted by a US grand jury is not something that can be brushed aside so easily. China has already announced the suspension of co-operation with the US on an internet working group. And once it has had time to digest this loss of face, it is likely to consider more serious retaliation.
In Washington on Monday, Mr Holder said a grand jury had laid hacking charges against the Chinese nationals, the first against “known state actors for infiltrating US commercial targets by cyber means”.
He identified the alleged victims as Westinghouse Electric, US Steel, Alcoa Inc, Allegheny Technologies, SolarWorld and the US Steelworkers Union.
“The alleged hacking appears to have been conducted for no reason other than to advantage state-owned companies and other interests in China, at the expense of businesses here in the United States,” Mr Holder said.
He said the US government rejected economic espionage as a trade tactic.
“As President Obama has said on numerous occasions, we do not collect intelligence to provide a competitive advantage to US companies, or US commercial sectors,” Mr Holder said.
In response to the charges, the Chinese government said its “stance on the issue of internet security is consistent and clear”.
What is Unit 61398?
- A unit of China’s People’s Liberation Army, to whose Shanghai address US cyber security firm Mandiant says it traced a prolific hacking team
- The team was said to have hacked into 141 computers across 20 industries, stealing hundreds of terabytes of data
- Mandiant says the team would have been staffed by hundreds, possibly thousands of proficient English speakers
- China said Mandiant’s report was flawed and lacked proof
Foreign ministry spokesman Qin Gang said the allegations were “made up” and would “damage Sino-American co-operation and mutual trust”.
“China is a staunch defender of network security, and the Chinese government, military and associated personnel have never engaged in online theft of trade secrets,” he said.
In an indictment in the western district of Pennsylvania, the heart of the US steel industry, the US named Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui, all officers in Unit 61398 of the Chinese People’s Liberation Army (PLA), as the alleged conspirators.
FBI officials said the hacking in the years 2006-14 caused “significant losses” at the companies and that there were likely many more victims.
John Carlin, head of the justice department’s national security division, said, “While the men and women of our American businesses spent their business days innovating, creating, and developing strategies to compete in the global marketplace, these members of unit 61398 spent their business days in Shanghai stealing the fruits of our labour.”
It’s no coincidence that four of the six groups named in the prosecution are in the metal industry, business figures say.
“Trade enforcement is always mainly a steel story – it’s the only big American manufacturer that uses the trade law system effectively,” says Alan Tonelson of the US Business and Industry Educational Foundation.
He says the indictments are symbolic – an attempt to mollify a US steel industry at odds with the Obama administration over proposed international trade deals. Talks for the TTIP pact between the US and EU resumed on Monday.
“Clearly we’re not going to have US Justice Department officials marching into the PLA’s [People’s Liberation Army’s] headquarters to arrest the indicted personnel,” he says.
Michael Wessel, the commissioner of the US-China Economic and Security Review Commission, said the case “sends a message that the US is going to actively protect its own interests and make sure that China plays by the rules.”
For example, Mr Carlin said that as SolarWorld, a maker of solar panels and accessories, was rapidly losing market share to cheaply priced Chinese competitors, the hackers were stealing documents on pricing strategy from them.
While Westinghouse was negotiating a deal with a Chinese state-owned firm to build nuclear power plants, Unit 61398 stole secret designs for plant components, he said.
“In the past, when we brought concerns such as these to Chinese government officials, they responded by publicly challenging us to provide hard evidence of their hacking that could stand up in court,” Mr Carlin said.
Last year, cyber-defence company Mandiant published a report on a Chinese military unit the firm said was behind the vast majority of significant attacks on American federal agencies and companies.
In March, Defence Secretary Chuck Hagel said the Pentagon planned to more than triple its cyber-security capabilities in the next few years to defend against such internet attacks.
US President Barack Obama has called cyber-attacks a “real threat” to US security and its economy.