For the first time ever, the U.S. government is taking legal aim at China for hacking American companies. In an indictment filed today, Chinese military officers Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui, attached to the Chinese People’s Liberation Army (PLA) Unit 61398, were named as being allegedly responsible for attacking U.S. companies.
The indictment covers an eight-year period from 2006-2014 and specifically identifies Westinghouse Electric; U.S. subsidiaries of SolarWorld AG; U.S. Steel; Allegheny Technologies (ATI); the United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union (United Steelworkers, or USW); and Alcoa as being the victims of the Chinese attacks.
In a press conference this morning, U.S. Attorney General Eric Holder said the indictment represents the first time the United States has ever charged known state actors for infiltrating U.S. commercial targets by cyber means.
“Success in the marketplace should be based solely on a company’s ability to innovate and compete,” Holder said. “When a foreign nation uses military or intelligence tools and resources against corporations to obtain trade secrets or sensitive business information for the benefit of state-owned companies, we must say, enough is enough.”
Holder noted during the press conference that the investigation into Chinese hacking of U.S. companies has been ongoing for several years and involved the efforts of the FBI. Robert Anderson, executive assistant director of the Criminal, Cyber, Response, and Services Branch at the FBI, said during the press conference that 46 FBI field offices were involved in the investigation.
During the press conference, Holder was asked how the Chinese hacking of American interests is different from the activities undertaken by the U.S. National Security Agency (NSA).
“All nations are involved in intelligence gathering,” Holder said. “What distinguishes this case is that we have state-sponsored individuals using intelligence tools to gain commercial advantage.”
It is not clear when or how the five Chinese officers charged by the U.S. Department of Justice will ever actually be brought to justice.
“Our intention is for the defendants to have due process in an American court of law,” Holder said. “That is the intention of what we have done today—to hold accountable people that have engaged in activities that violate American criminal law.”
Security vendors contacted by eWEEK were not surprised by the U.S indictment of Chinese military officers. George Kurtz, CEO of CrowdStrike, told eWEEK that he is not surprised at the charges, as the problem of Chinese spying has been well-known for years.
“Over the last few years, we have seen more willingness to identify threat actors and call out China,” Kurtz said. “This is the next step of hopefully taking diplomatic as well as civil action.”
In some respects, the actions of the Department of Justice can be seen as a “naming and shaming” exercise against China. The indictment also helps raise awareness around the issue of nation-state sponsored intellectual property theft, Kurtz added.
“The intelligence community and companies like CrowdStrike know who the attackers are, so let’s start with the naming and shaming to get the issues on the table,” Kurtz said.
The reality is that there is little in the way of direct action that can be taken to stop someone under the protection of a foreign government, Eric Cowperthwaite, vice president of Advanced Security and Strategy at Core Security, told eWEEK.
“It’s not like the U.S. will be able to arrest the men in question, for example, unless they happen to travel outside China,” Cowperthwaite said. “What the U.S. government could do is take action that will empower critical industry to strengthen its information security.”
J.J. Thompson, CEO of Rook Security, noted that from his perspective, the challenge is that infrastructure in Shanghai makes it nearly impossible for the Chinese government to track down and hold hackers accountable.
“Either the U.S. is sure that it is members of Unit 61398 or the U.S. is trying to send a warning shot over the bow that we are serious about protecting U.S. corporate interests,” Thompson said.
In Kurtz’s view, there is absolutely no question that the Chinese People’s Liberation Army is actively involved in hacking American companies.
“If the American public knew how much intellectual property theft is taking place on a day-to-day basis from China, they would be appalled,” Kurtz said. “If in the physical world there was a helicopter that descended on Silicon Valley and paratroopers went into one of the big technology companies and grabbed all their IP, there would be missiles fired.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.