WASHINGTON – The United States, accusing China of vast business spying, charged five military officials on Monday with hacking into U.S. companies to steal vital trade secrets in a case intensifying already-rising tensions between the international economic giants.
The Chinese targeted big-name American makers of nuclear and solar technology, stealing confidential business information, sensitive trade secrets and internal communications for competitive advantage, according to a grand jury indictment that the Justice Department said should be a national “wake-up call” about cyber intrusions.
A company’s success in the international marketplace should not be based “on a sponsor government’s ability to spy and steal business secrets,” Attorney General Eric Holder declared at a news conference.
The alleged targets were Alcoa World Alumina, Westinghouse Electric Co., Allegheny Technologies, U.S. Steel Corp., the United Steelworkers Union and SolarWorld. The indictment, which includes charges of trade-secret theft and economic espionage, was issued in Pittsburgh, where most of the companies are based.
China denied it all. In a statement, the Foreign Ministry said the charges were based on “fabricated facts” and would jeopardize China-U.S. “co-operation and mutual trust.”
“China is steadfast in upholding cybersecurity,” said the statement. “The Chinese government, the Chinese military and their relevant personnel have never engaged or participated in cybertheft of trade secrets. The U.S. accusation against Chinese personnel is purely ungrounded and absurd.”
In a further move late Monday, China announced it was suspending co-operation with the U.S. in a joint cybersecurity working group and warned of further retaliation “as the situation evolves.”
The working group was established in April 2013 following the publication of allegations of spying by the Chinese military and held its first meeting last July.
The announcement from Chinese Foreign Ministry spokesman Qin Gang posted to the ministry’s website also sought to turn the spying allegations on the U.S. “China is a victim of severe U.S. cyber theft, wiretapping and surveillance activities,” Qin said.
Monday’s prosecution was announced on the heels of a separate worldwide operation over the weekend that resulted in the arrests of 97 people in 16 countries who are suspected of developing, distributing or using malicious software called BlackShades. Holder said the two cases illustrate an increased emphasis on cyber threats.
The charges underscore a longtime Obama administration goal to prosecute state-sponsored cyberthreats, which U.S. officials say they have grappled with for years. One government report said more than 40 Pentagon weapons programs and nearly 30 other defence technologies have been compromised by cyber intrusions from China. The cybersecurity firm Mandiant issued a report last year alleging links between a secret Chinese military unit and years of cyberattacks against U.S. companies.
Monday’s prosecution was announced on the heels of a separate worldwide operation over the weekend that resulted in the arrests of 97 people in 16 countries who are suspected of developing, distributing or using malicious software called BlackShades.
The new indictment attempts to distinguish spying for national security purposes – which the U.S. admits doing – from economic espionage intended to gain commercial advantage for private companies or industries, which the U.S. denies it does. Classified documents disclosed by former National Security Agency analyst Edward Snowden have described aggressive U.S. efforts to eavesdrop on foreign communications that would be illegal in those countries.
Unlike in some countries, there are no nationalized U.S. industries. American officials have flatly denied that the government spies on foreign companies and then hands over commercially valuable information to U.S. companies. In China, though, many companies are state owned, particularly those that supply the military.
“These five people were just doing their jobs. It’s just that we object to what their jobs are,” said Mark Rasch, a former U.S. cybercrimes prosecutor. “We have tens of thousands of dedicated, hard-working Americans who are just doing their jobs, too.”
The indictment says that hackers, officers with the China’s People’s Liberation Army, stole proprietary information from the companies and the labour union, including design specification for Westinghouse pipes and pricing and strategy information from SolarWorld. Working from a building in Shanghai, prosecutors say, the hackers in some cases gained access to computer networks by sending emails to company employees that looked authentic but that actually contained a link to malicious code.
The defendants are all believed to be in China and it was unclear whether any might ever be turned over to the U.S. for prosecution. But the Justice Department, publicizing the charges, identified all five by name and issued “wanted” posters.
“For the first time, we are exposing the faces and names behind the keyboards in Shanghai used to steal from American businesses,” said John Carlin, the head of the Justice Department’s National Security Division.
U.S. officials have previously asserted that China’s army and other China-based hackers have launched computer attacks on American industrial and military targets, often to steal secrets or intellectual property. The Chinese say that actually they are the ones who face a major threat from hackers, and the country’s military is believed to be among the biggest targets of the NSA and U.S. Cyber Command.
The new indictment will put a greater strain on the U.S.-China relationship and could provoke retaliatory acts in China or elsewhere.
“What we can expect to happen is for the Chinese government to indict individuals in the United States who they will accuse of hacking into computers there,” said Rasch, the cybersecurity expert. “Everybody now is going to jump into the act, using their own criminal laws to go after what other countries are doing.”
In recent months, Washington has been increasingly critical of what it describes as provocative Chinese actions in pursuit of territorial claims in disputed seas in East Asia. Beijing complains that the Obama administration’s attempt to redirect its foreign policy toward Asia after a decade of war in the Middle East is emboldening China’s neighbours and causing tension.
“If we were trying to make things smoother in this region, this isn’t going to help,” said Richard Bejtlich, chief security strategist at FireEye, a network security company.
Despite the ominous-sounding allegations, at least one of the firms minimized the hacking. Monica Orbe, Alcoa’s director of corporate affairs, said the company believed no sensitive data had been compromised. A spokesperson for SolarWorld, which has long accused China of unfair trade practices, said the company was troubled by the allegations but that no customer information was breached.
Last September, President Barack Obama discussed cybersecurity issues on the sidelines of a summit in St. Petersburg, Russia, with Chinese President Xi Jinping.
“China not only does not support hacking but also opposes it,” Premier Li Keqiang said last year in a news conference when asked if China would stop hacking U.S. websites. “Let’s not point fingers at each other without evidence, but do more to safeguard cyber security.”
Associated Press reporters Matthew Pennington and Ted Bridis in Washington, Joe Mandak in Pittsburgh, and Didi Tang and Christopher Bodein in Beijing contributed to this report.