WASHINGTON — The Obama administration has brought unprecedented criminal charges against five officials in the Chinese military for hacking into private U.S. companies’ systems and stealing trade secrets. It was the first time the U.S. has revealed any evidence the Chinese government was going after American companies’ private information for economic gain.
Q. What happened?
A. A federal grand jury in Pittsburgh charged five Chinese military officials with hacking into six U.S. companies’ systems, conducting economic espionage and stealing trade secrets. The targeted companies are leaders in the nation’s nuclear power, metals and solar products industries: Alcoa World Alumina, the nation’s largest producer of aluminum; Westinghouse Electric Co., one of the world’s leaders in the development of nuclear power technology; Allegheny Technologies, a large metals company; U.S. Steel Corp., the largest steel company in the U.S.; United Steelworkers Union, the biggest industrial labor union in the U.S.; and SolarWorld, which makes solar products.
Q. Why is it significant?
A. The indictment is the first of its kind. It fulfills a longtime Obama administration promise to bring charges against nation-state hackers.
The U.S. has brought economic espionage charges against individuals before, but this is believed to be the first time the U.S. has accused members of a foreign government’s military with hacking into U.S. companies without ever stepping foot in the country. The U.S. has long been concerned about cyber threats coming from China. The Chinese government has said there should be no finger-pointing without evidence.
Q. How did they pull it off?
A. At least in some instances, the alleged hackers were accused of “spear-phishing,” or tricking employees into opening an infected email. In one case, the U.S. said they created a fake email account under the misspelled name of a then-Alcoa board of director — apparently it was Nissan chief executive Carlos Ghosn — and fooled an employee into opening an infected email attachment called “agenda.zip” that let the hackers inside the company’s network. In another case, a hacker emailed U.S. Steel employees with a link to a report about industry observations, but clicking the link quietly installed malicious software that unlocked the company’s network.
Q. Who were these guys?
A. The U.S. says they operated under hacker aliases such as “KandyGoo” and “Jack Sun.” At least one of them, identified as Wang Dong, known as “Ugly Gorilla,” was described more than a year ago in a landmark report by U.S. security vendor Mandiant as being one of dozens, if not hundreds, of Chinese hackers who were “likely government-sponsored and one of the most persistent of China’s cyber threat actors.”
Q. What are the chances the five Chinese military officials will ever see the inside of a U.S. courtroom?
A. Very slim. No one really expects China to turn them over to the U.S. The Justice Department said it intends to bring them to the U.S. to face a trial, but Attorney General Eric Holder said it’s never clear how things will play out. The U.S. and China have no formal extradition treaty.
Q. What happens if they don’t?
A. “Absolutely nothing,” said Mark Rasch, a former U.S. cybercrimes prosecutor. But the indictment — and any formal request for extradition — puts China on the defensive until the charges are resolved.
Q. What does this mean for U.S. relations with China?
A. It is expected to put further strains on the relationship, and the Chinese will likely accuse Americans of hacking into their systems.
“Everybody now is going to jump into the act, using their own criminal laws to go after what other countries are doing,” Rasch said.
Q. Does this put U.S. executives at risk when they’re traveling in China?
A. This is likely to trigger a tit-for-tat situation with China, said Frank Cilluffo, director of the Homeland Security Policy Institute at George Washington University. This is not unlike what happens when diplomats are asked to leave a country after allegations of undiplomatic behavior, he said. It’s widely believed that many Americans doing business in China are already being watched by the Chinese, Cilluffo said. And, while it’s possible that the Chinese could retaliate by detaining Americans, Cilluffo said that type of response is unlikely and ill-advised.
China also announced the suspension of the U.S.-China Cyber Security Working Group, which was to have met in July as part of the annual U.S.-China Strategic and Economic Dialogue that Secretary of State John Kerry and Treasury Secretary Jack Lew are to lead in Beijing. On Tuesday, China warned the United States was jeopardizing military ties and demanded Washington withdraw the indictment.
The indictment comes as Russian President Vladimir Putin heads to China to bolster ties between Moscow and Beijing. The indictment may give the two nations more common ground as the United States seeks to win their support on a wide range of diplomatic and military issues, including dealing with Iran and North Korea’s nuclear programs and the conflict in Syria.
Q. The U.S. denies that it engages in a type of economic espionage that it’s accusing China of doing. Is that credible?
A. In Monday’s indictment, the U.S. is trying to distinguish between national espionage — nation-on-nation spying — and economic espionage that’s intended to help private companies or industry.
Unlike in some foreign countries, there are no nationalized U.S. industries. American officials, including U.S. intelligence officials and members of Congress, have denied that the government spies on foreign companies and then hands over such commercially valuable information to American companies, such as stealing an Airbus jet design and giving it to Boeing. There is no evidence this happens in the United States.
However, China’s Internet information agency said Tuesday that Chinese networks and websites have been the target of thousands of hacking attacks from computers in the United States.
“Every country in the world, large and small, engages in intelligence gathering and that is an occasional source of tension but is generally practiced within bounds,” President Barack Obama said last June. “There’s a big difference between that and a hacker directly connected with the Chinese government or the Chinese military breaking into Apple’s software systems to see if they can obtain the designs for the latest Apple product. That’s theft. And we can’t tolerate that.”
However, if the U.S. government were to steal the specifications for a new foreign fighter jet, it would almost certainly reveal such information to the defense contractor selected to build a U.S. jet that would fly against it in combat.
EILEEN SULLIVAN, Associated Press
Associated Press writers Eric Tucker and Matthew Lee contributed to this story.