The Justice Department’s indictments of five Chinese army officials accused of hacking U.S. companies escalated cybersecurity tensions between Washington and Beijing on Monday and opened what some analysts and U.S. lawmakers called a new phase in the confrontation between the world’s two most powerful nations.
The first cyber-related criminal indictment Washington has made against officials from any foreign government says an elite Chinese army group known as “unit 61398” has spent nearly a decade engaging in state-sponsored theft of trade secrets from several top-tier private energy and steel companies.
“We allege that members of unit 61398 conspired to hack into computers of six U.S. victims to steal information that would provide an economic advantage to the victims’ competitors, including Chinese state-owned enterprises,” John Carlin, assistant attorney general for national security, told reporters at the Justice Department on Monday.
The charges triggered a rebuke from the Chinese Foreign Ministry, which said Washington’s move was “ungrounded and absurd” and that China was responding by halting participation in cybersecurity talks that officials from both nations pursued over the past year.
Officials at the State Department said they intend to continue pursuing the dialogue, but the Obama administration’s decision to level the criminal charges suggests that overall U.S. government frustration with suspected Chinese hacking has reached a boiling point.
The Obama administration won quick praise from both sides of the aisle Monday. Some lawmakers revealed how China’s denial of state-sponsored hacking during recent and high-level meetings with U.S. officials appears to have provoked the administration to tighten the screws on Beijing.
SEE ALSO: China whacks Justice Dept.’s ‘ungrounded and absurd’ hacking charges
“The issue of state-sponsored theft of intellectual property from private American companies has been raised at the highest levels with China, including by [President Obama] himself,” Rep. Patrick Meehan, Pennsylvania Republican, who chairs a House Homeland Security subcommittee on cybersecurity, told The Washington Times in an interview.
“But China has not abated their activity,” said the congressman, who added that he other Republicans, including House Majority Leader Eric Cantor of Virginia, also raised the issue directly with Chinese Premier Li Keqiang during an official visit to Beijing last month.
“We were very deliberate and specific and in all honesty, the response from the Chinese was disciplined and circular,” Mr. Meehan said. “They made no admissions.”
With those interactions serving as a backdrop to Monday’s development, Peter W. Singer, a scholar focused on cyber-related issues at the Brookings Institution, said the leveling of criminal charges by the Obama administration should be seen as a serious “next step” in “a dance that will play out for the coming years.”
“No one should expect the indictment to end hacking,” Mr. Singer told The Times in an email. “While just five people were indicted, behind them is an immense human network of hackers, both inside Chinese military units and in broader cyber militia that numbers in the hundreds of thousands.”
The activities of China’s Unit 61398 drew significant attention in the Western media last year after a report by the American security firm Mandiant, which estimated that the unit is “staffed by hundreds, and perhaps thousands of people.”
SEE ALSO: Justice Department charges China with cyber-spying crimes on U.S. firms
The report said Mandiant investigators had gathered evidence on the unit’s hacking of some 141 companies across 20 major industries since 2006.
Mr. Carlin said Monday that the FBI’s own probe into Unit 61398 uncovered evidence identifying “specific actions on specific days by specific actors to use their computers to steal information from across [the U.S.] economy.”
The indictments against five of the unit’s members “describes how they targeted information in industries ranging from nuclear to steel to renewable energy,” Mr. Carlin said. “While the men and women of our American businesses spent their business days innovating, creating and developing strategies to compete in the global marketplace, these members of unit 61398 were spending their business days in Shanghai stealing the fruits of our labor.”
The FBI sting should serve as a “wake-up call” to the seriousness of the ongoing threat of cybercrimes and how the U.S. plans on dealing with them, said U.S. Attorney General Eric H. Holder Jr., who announced the charges with Mr. Carlin.
Mr. Holder said the U.S. doesn’t collect intelligence to help U.S. companies, unlike what the Chinese were attempting to do. He said he hopes China will cooperate with the indictment and allow the five accused to stand trial in the U.S., although the prospect of that would be slim regardless of politics because the U.S. has no extradition treaty with China.
“When a foreign nation uses military or intelligence resources and tools against an American executive or corporation to obtain trade secrets or sensitive information for the benefit of its state-owned companies we must say: Enough is enough,” Mr. Holder said. “This administration will not tolerate actions by any nation that seeks to illegally sabotage American companies and undermine the integrity of fair competition in the operation of the free market.”
In what perhaps is an effort to shame the suspects, U.S. authorities released photos, including one man in military uniform. The investigation dated back at least a year as the Obama administration searched for more punitive measures against Chinese hackers. The most serious charge of economic espionage includes a maximum 15-year prison sentence.
The gesture is largely symbolic and draws a U.S. line in the sand to foreign entities trying to steal commercial secrets, said Shawn Henry, former executive assistant director of the FBI’s Criminal, Cyber, Response and Services Branch, where he oversaw all of the bureau’s criminal and cyber programs and investigations worldwide.
“It’s a good first step,” said Mr. Henry, who is now the president of CrowdStrike Services, a cybersecurity detection and prevention firm.
He has long advocated that because the U.S. government’s primary responsibility is the protection, safety and security of its citizens, it should actively be defending cyberspace with the same red lines, diplomatic gestures, military moves and legal ramifications as it does when lines or borders are crossed in the physical world.
“The U.S. government can have some pretty candid conversations with heads of state and other governments about what’s acceptable and what’s not acceptable and what the red lines are,” said Mr. Henry. “If you launch a cyberattack into our space, this is what the results are going to be.”
The Chinese attempted to steal secrets from six entities in the steel and energy segments: U.S. Steel Corp., Alcoa Inc., Allegheny Technologies Inc., Westinghouse Electric Corp., the United Steelworkers union, and SolarWorld AG.
The scheme is thought to have begun in 2006.
The indictment accuses five people, named Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui, with conspiracy to commit computer fraud and abuse. The indictment was handed up by a grand jury in Pittsburgh, close to many of the firms targeted.
U.S. government officials have long said that China is aggressive in pursuing cyberespionage — trying to gather trade secrets and intellectual property from U.S. companies. China has denied this charge.
Despite the tense rhetoric on both sides, there appeared to be potential for positive dialogue on cybersecurity issues after the high-level Strategic and Economic Dialogue in which U.S. and Chinese officials engaged last year.
After the July talks, the State Department circulated a fact sheet outlining how both sides agreed to “promote an open, cooperative, secure, and reliable cyber space.”
Heading into the talks, the State Department document said, U.S. and Chinese officials “held the first meeting of the civilian-military Cyber Working Group, where the two sides committed to work together on cooperative activities and further discussions on international norms of state behavior in cyberspace.”
“Both sides commented positively on the candid, in-depth dialogue,” the department said.
Such optimism appeared to dissolve with Monday’s indictments. The Chinese Foreign Ministry asserted that it is China, not the U.S., that is “a victim of severe U.S. cyber theft, wiretapping and surveillance activities.”
“Given the lack of sincerity on the part of the U.S. to solve issues related to cyber security through dialogue and cooperation, China has decided to suspend activities of the China-U.S. Cyber Working Group,” Chinese Foreign Ministry spokeswoman Qin Gang said in a statement posted on the ministry’s website. “China will react further to the US ’indictment’ as the situation evolves.”
In Washington, State Department spokeswoman Jennifer Psaki said U.S. officials regretted the Chinese announcement and “continue to believe that dialogue is an essential part of resolving these and other cybersecurity concerns.”
Pressed to respond to the Chinese accusation that the Washington is engaged in its own spying on China, Ms. Psaki responded: “Well, our intelligence activities are focused on the national security interests of the United States.”
• Kelly Riddell can be reached at kriddell@washingtontimes.com.
• Guy Taylor can be reached at gtaylor@washingtontimes.com.
Please read our comment policy before commenting.