In an unprecedented move, the U.S. Justice Department has charged five officers in the People’s Liberation Army (PLA) with crimes related to cyber espionage. According to the Justice Department’s press release, a grand jury in Pittsburgh, Pennsylvania has “indicted five Chinese military hackers for computer hacking, economic espionage and other offenses directed at six American victims in the U.S. nuclear power, metals and solar products industries.” The defendants are identified as Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui, all officers in the PLA’s Unit 61398 (alleged to be a major source of Chinese cyber attacks). The victims are Westinghouse Electric Co; U.S. subsidiaries of SolarWorld AG; U.S. Steel; Allegheny Technologies Inc. (ATI); the United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union (USW); and Alcoa Inc.
In remarks at a press conference, U.S. Attorney General Eric Holder noted that the charges were “the first ever” to be filed “against known state actors for infiltrating U.S. commercial targets by cyber means.” Holder alleged that the PLA officers had stolen trade secrets and other sensitive business information “for no reason other than to advantage state-owned companies and other interests in China.” Holder concluded by saying that the case “should serve as a wake-up call to the seriousness of the ongoing cyberthreat. These criminal charges represent a groundbreaking step forward in addressing that threat.”
Assistant Attorney General for National Security John Carlin noted that the U.S. has often been challenged by China to provide evidence for its complaints about cyber espionage. “In the past, when we brought concerns such as these to Chinese government officials, they responded by publicly challenging us to provide hard evidence of their hacking that could stand up in court. Well today, we are,” Carlin said. He added, “Cyber theft is real theft and we will hold state sponsored cyber thieves accountable as we would any other transnational criminal organization that steals our goods and breaks our laws.”
Carlin also provided specific examples of how the alleged hacking worked. While Westinghouse was in the midst of negotiations with a Chinese state-owned enterprise over constructing nuclear power plants, Carlin said, “the hackers stole trade secret designs for components of those plants. “ He also noted that the hackers stole “cost, pricing, and strategy information” from SolarWorld at the same time that Chinese competitors were driving SolarWorld out of the Chinese market.
The Obama administration has been emphasizing cyber espionage as an issue in U.S.-China relations since early 2013, when a series of public reports of Chinese hacking appeared. However, this is the first time that the U.S. government has proved specific details on allegations of Chinese hacking, including names, dates, and the type of information stolen. This may be the first such case, but it apparently won’t be the last. The AP quoted Bob Anderson, executive assistant director of the FBI’s criminal, cyber response and services division, as saying, “This is the new normal.”
The charges are sure to create a major backlash in China, which has always denied any involvement in hacking activities. Beijing will undoubtedly point to U.S. cyber espionage activities as evidence of U.S. hypocrisy. Documents leaked by former NSA contractor Edward Snowden revealed hacking by the National Security Agency into universities and businesses in Hong Kong and mainland China, including extensive hacking into telecommunications giant Huawei. Beijing might seek to retaliate by bringing its own charges against the NSA or other U.S. agencies for their hacking activities. China’s Foreign Ministry has already demanded an explanation for the U.S. hacking activities, a call it renewed after the indictment of the PLA officers.
China’s Foreign Ministry released a statement condemning the charges as “grossly violat[ing] the basic norms governing international relations.” China demanded that the U.S. withdraw the charges, which the Foreign Ministry said are “based on fabricated facts.” “The Chinese government, the Chinese military and their relevant personnel have never engaged or participated in cyber theft of trade secrets. The U.S. accusation against Chinese personnel is purely ungrounded and absurd,” the statement said. In response, Beijing has suspended the U.S.-China Cyber Working Group, a dialogue platform for cyber issues.
The decision to go public and charge specific Chinese individuals with crimes suggests that Obama feels diplomacy with China is not making sufficient progress on this issue. Cybersecurity and cyber espionage have been raised repeatedly at high-level meetings, including at the famous Sunnylands summit between Obama and Xi Jinping. The case against the PLA officers is unlikely to move forward, as there’s no chance China will extradite the accused to the U.S. for prosecution. It’s mostly a symbolic move, then, designed to demonstrate Washington’s strong dissatisfaction with China’s hacking activities. It also signals that the U.S. does have concrete evidence of Chinese hacking, evidence Beijing has always insisted on seeing.