EUA-China: a nova Guerra Fria cibernetica

U.S. charges Chinese military personnel with Cyberspying

Michael Schmidt

The New York Times, May 19, 2014

WASHINGTON — The Department of Justice said on Monday it had charged five individuals in China’s People’s Liberation Army in connection with stealing trade secrets from some of the largest American companies, including Westinghouse, United States Steel and Alcoa.

The move marked a rare instance of the United States charging foreign government employees with economic espionage, and it increased the tensions between American and Chinese officials who have accused each other in public and in private of using military assets to initiate hacks and cyberattacks.

The authorities said that the five men had worked at a 12-story white office tower on a Chinese Army base on the outskirts of Shanghai that was identified in a report last year as a source for many attacks on the American government and corporations.

According to the report, which was released by the American security firm Mandiant, the attacks were coming from Chinese hacking groups, known to many of their victims in the United States as the “Comment Crew” or “Shanghai Group,” that were based in that building.

At a news conference in Washington, the Justice Department said it was searching for Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui. It is unlikely that any of them will ever be brought to trial in the United States.

John Carlin, an assistant attorney general for national security, said the men “have targeted the U.S. private sector for commercial advantage.”

“We allege that members of unit 61398 conspired to hack into computers of six U.S. victims to steal information that would provide an economic advantage to the victims’ competitors, including Chinese state-owned enterprises,” Mr. Carlin said.

In response to the charges, the Chinese Foreign Ministry said that the United States had made up the facts behind the charges and that its military had never been involved in stealing trade secrets.

“The U.S., fabricating facts and using so-called stealing network secrets as an excuse, announced indictments against five Chinese military officers,” the ministry said in a statement. “This is a serious violation of basic norms of international relations and damages Sino-U.S. cooperation and mutual trust.” China has “lodged a protest” with the United States about this and “urges the U.S. to immediately correct its error and revoke its so-called indictment.”

According to the statement, China has also decided to suspend the Sino-U.S. Internet Working Group’s activities “given the U.S. lack of sincerity in resolving Internet security issues through dialogue and cooperation.” China “will make further responses” based on developments, the statement said.

The Justice Department said that the men were indicted on May 1 by a federal grand jury in Pennsylvania and charged with conspiring to commit computer fraud and accessing a computer without authorization for the purpose of commercial advantage.

Mr. Carlin gave examples of the damage done by the hackers.

He said that while SolarWorld was rapidly losing its market share to Chinese competitors that were pricing exports well below costs, the hackers were stealing cost, pricing and strategy information from SolarWorld’s computers. And while Westinghouse was negotiating with a Chinese state-owned enterprise over the construction of nuclear power plants, he said, the hackers stole trade secret designs for components of those plants.

In 2013, amid reports that detailed the extent of Chinese hacking of American companies and corporations, American officials tried to pressure the Chinese government to stop its military from compromising American systems.

In March, it was revealed that the National Security Agency had created a back door into the computer networks of Huawei, a Chinese telecommunications giant that is considered a threat by the United States. The N.S.A. has also tracked more than 20 Chinese hacking groups — including some from the Chinese Army and Navy — that have broken into American government networks and companies. The companies included Google, and drone and nuclear-weapon part makers.

In a separate case, the department was to announce charges later on Monday against several people who used hacking software called Blackshades. The software allows hackers to remotely control a computer.

Mr. Holder said the two cases showed that the United States was “stepping up” cyberenforcement, regardless of whether attacks are by people inside the United States.