Monday, May 19, 2014

• U.S. Charges Chinese Army Personnel With Cyberspying By MICHAEL S. SCHMIDT

Monday, May 19, 2014

Attorney General Eric H. Holder Jr. announced charges against Chinese army personnel for hacking into American companies including Westinghouse, United States Steel and Alcoa.

WASHINGTON — The Department of Justice said on Monday it had charged five individuals in China’s People’s Liberation Army in connection with stealing trade secrets from some of the largest American companies, including Westinghouse, United States Steel and Alcoa.

The move marked a rare instance of the United States charging foreign governmentemployees with economic espionage, and it increased the tensions between American and Chinese officials who have accused each other in public and in private of using military assets to initiate hacks and cyberattacks.

The authorities said that the five men had worked at a 12-story white office tower on a Chinese Army base on the outskirts of Shanghai that was identified in a report last year as a source for many attacks on the American government and corporations.

According to the report, which was released by the American security firm Mandiant, the attacks were coming from Chinese hacking groups, known to many of their victims in the United States as the “Comment Crew” or “Shanghai Group,” that were based in that building.

At a news conference in Washington, senior Justice Department officials said that China should send the defendants — Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui — to the United States to face trial.
Those demands, however, were largely symbolic as the Chinese government, which said on Monday that the facts behind the charges were made up, is unlikely to turn them over.

John Carlin, an assistant attorney general for national security, said the men had “targeted the U.S. private sector for commercial advantage.”
“We allege that members of unit 61398 conspired to hack into computers of six U.S. victims to steal information that would provide an economic advantage to the victims’ competitors, including Chinese state-owned enterprises,” Mr. Carlin said.

In response to the charges, the Chinese government said that its military had never been involved in stealing trade secrets.
“The U.S., fabricating facts and using so-called stealing network secrets as an excuse, announced indictments against five Chinese military officers,” the Chinese Foreign Ministry said in a statement. 

“This is a serious violation of basic norms of international relations and damages Sino-U.S. cooperation and mutual trust.” 

China has “lodged a protest” with the United States and “urges the U.S. to immediately correct its error and revoke its so-called indictment,” it added.

According to the statement, China also decided to suspend the activities of a Chinese-American Internet working group “given the U.S. lack of sincerity in resolving Internet security issues through dialogue and cooperation.”
China “will make further responses” based on developments, the statement said.

 Press material displayed before Mr. Holder at the news conference on Monday.

The Justice Department said that the men were indicted on May 1 by a federal grand jury in Pennsylvania and charged with conspiring to commit computer fraud and accessing a computer without authorization for the purpose of commercial advantage.

Mr. Carlin gave examples of the damage done by the hackers.
He said that while SolarWorld was rapidly losing its market share to Chinese competitors that were pricing exports well below costs, the hackers were stealing cost, pricing and strategy information from SolarWorld’s computers.
And while Westinghouse was negotiating with a Chinese state-owned enterprise over the construction of nuclear power plants, he said, the hackers stole trade secret designs for components of those plants.

In 2013, amid reports that detailed the extent of Chinese hacking of American companies and corporations, American officials tried to pressure the Chinese government to stop its military from compromising American systems.

In March, it was revealed that the National Security Agency had created a back door into the computer networks of Huawei, a Chinese telecommunications giant that is considered a threat by the United States. The N.S.A. has also tracked more than 20 Chinese hacking groups — including some from the Chinese Army and Navy — that have broken into American government networks and companies.
The companies included Google, and drone and nuclear-weapon part makers.

In a separate case, the department was to announce charges later on Monday against several people who used hacking software called Blackshades. 

The software allows hackers to remotely control a computer.
Mr. Holder said the two cases showed that the United States was “stepping up” cyberenforcement, regardless of whether attacks are by people inside the United States.


 May. 19, 2014 10:46 PM EDT
Press materials are displayed on a table of the Justice Department in Washington, Monday, May 19, 2014, before Attorney General Eric Holder was to speak at a news conference. Holder was announcing that a U.S. grand jury has charged five Chinese hackers with economic espionage and trade secret theft, the first-of-its-kind criminal charges against Chinese military officials in an international cyber-espionage case. (AP Photo/Charles Dharapak)
WASHINGTON (AP) — Accusing China of vast business spying, the United States charged five military officials on Monday with hacking into U.S. companies to steal vital trade secrets in a case intensifying already-rising tensions between the international economic giants.

The Chinese targeted big-name American makers of nuclear and solar technology, stealing confidential business information, sensitive trade secrets and internal communications for competitive advantage, according to a grand jury indictment that the Justice Department said should be a national "wake-up call" about cyber intrusions.
A company's success in the international marketplace should not be based "on a sponsor government's ability to spy and steal business secrets," Attorney General Eric Holder declared at a news conference.
The alleged targets were Alcoa World Alumina, Westinghouse Electric Co., Allegheny Technologies, U.S. Steel Corp., the United Steelworkers Union and SolarWorld. The indictment, which includes charges of trade-secret theft and economic espionage, was issued in Pittsburgh, where most of the companies are based.
China denied it all. In a statement, the Foreign Ministry said the charges were based on "fabricated facts" and would jeopardize China-U.S. "cooperation and mutual trust."
"China is steadfast in upholding cybersecurity," said the statement. "The Chinese government, the Chinese military and their relevant personnel have never engaged or participated in cybertheft of trade secrets. The U.S. accusation against Chinese personnel is purely ungrounded and absurd."
In a further move late Monday, China announced it was suspending cooperation with the U.S. in a joint cybersecurity working group and warned of further retaliation "as the situation evolves." The working group was established in April 2013 following the publication of allegations of spying by the Chinese military and held its first meeting last July.
The announcement from Chinese Foreign Ministry spokesman Qin Gang also sought to turn the spying allegations on the U.S. "China is a victim of severe U.S. cyber theft, wiretapping and surveillance activities," Qin said.
Monday's prosecution was announced on the heels of a separate worldwide operation over the weekend that resulted in the arrests of 97 people in 16 countries who are suspected of developing, distributing or using malicious software called BlackShades. Holder said the two cases illustrate an increased emphasis on cyber threats.
The criminal charges underscore a longtime Obama administrationgoal to prosecute state-sponsored cyberthreats, which U.S. officials say they have grappled with for years. One government report said more than 40 Pentagon weapons programs and nearly 30 other defense technologies have been compromised by cyber intrusions from China. And the cybersecurity firm Mandiant issued a report last year alleging links between a secret Chinese military unit and years of cyberattacks against U.S. companies.
The new indictment attempts to distinguish spying for national security purposes - which the U.S. admits doing - from economic espionage intended to gain commercial advantage for private companies or industries, which the U.S. denies it does. Classified documents disclosed by former National Security Agency analyst Edward Snowden have described aggressive U.S. efforts to eavesdrop on foreign communications that would be illegal in those countries.
Unlike in some countries, there are no nationalized U.S. industries. American officials have flatly denied that the government spies on foreign companies and then hands over commercially valuable information to U.S. companies. In China, though, many companies are state owned, particularly those that supply the military.
"These five people were just doing their jobs. It's just that we object to what their jobs are," said Mark Rasch, a former U.S. cybercrimes prosecutor. "We have tens of thousands of dedicated, hard-working Americans who are just doing their jobs, too."
The indictment says the hackers, officers with China's People's Liberation Army, stole proprietary information from the companies and the labor union, including design specification for Westinghouse pipes and pricing and strategy information from SolarWorld. Working from a building in Shanghai, prosecutors say, the hackers in some cases gained access to networks by sending emails to company employees that looked authentic but that actually contained a link to malicious code.
The defendants are believed to be in China and it was unclear whether any might ever be turned over to the U.S. for prosecution. But the Justice Department, publicizing the charges, identified all five by name and issued "wanted" posters.
"For the first time, we are exposing the faces and names behind the keyboards in Shanghai used to steal from American businesses," said John Carlin, the head of the Justice Department's National Security Division.
U.S. officials have previously asserted that China's army and other China-based hackers have launched computer attacks on American industrial and military targets, often to steal secrets or intellectual property. The Chinese say that actually they are the ones who face a major threat from hackers, and the country's military is believed to be among the biggest targets of the NSA and U.S. Cyber Command.
The new indictment will put a greater strain on the U.S.-China relationship and could provoke retaliatory acts in China or elsewhere, experts say.
"What we can expect to happen is for the Chinese government to indict individuals in the United States who they will accuse of hacking into computers there," said Rasch, the cybersecurity expert. "Everybody now is going to jump into the act, using their own criminal laws to go after what other countries are doing."
In recent months, Washington has been increasingly critical of what it describes as provocative Chinese actions in pursuit of territorial claims in disputed seas in East Asia. Beijing complains that the Obama administration's attempt to redirect its foreign policy toward Asia after a decade of war in the Middle East is emboldening China's neighbors and causing tension.
"If we were trying to make things smoother in this region, this isn't going to help," said Richard Bejtlich, chief security strategist at FireEye, a network security company.
Despite the ominous-sounding allegations, at least one of the firms minimized the hacking. Monica Orbe, Alcoa's director of corporate affairs, said the company believed no sensitive data had been compromised. A spokesperson for SolarWorld said the company was troubled by the allegations but that no customer information was breached.
Last September, President Barack Obama discussed cybersecurity issues on the sidelines of a summit in St. Petersburg, Russia, with Chinese President Xi Jinping.
"China not only does not support hacking but also opposes it," Premier Li Keqiang said last year in a news conference when asked if China would stop hacking U.S. websites. "Let's not point fingers at each other without evidence, but do more to safeguard cyber security."
Associated Press writers Matthew Pennington and Ted Bridis in Washington, Joe Mandak in Pittsburgh and Didi Tang and Christopher Bodeen in Beijing contributed to this report.