U.S. Charges Five Chinese Military Hackers for Cyber Espionage

[ameriken]

Chinese military unit charged with cyber-espionage against U.S. firms

 

 

By Ellen Nakashima and William Wan, Published: May 19 E-mail the writers

The Justice Department has indicted five members of the Chinese military on charges of hacking into computers and stealing valuable trade secrets from leading steel, nuclear plant and solar power firms, marking the first time that the United States has leveled such criminal charges against a foreign country.

The landmark case paves the way for more indictments and demonstrates that the United States is serious about holding foreign governments accountable for crimes committed in cyberspace, officials said at a news conference Monday.

The Obama administration “will not tolerate actions by any nation that seeks to illegally sabotage American companies and undermine the integrity of fair competition in the operation of the free market,” Attorney General Eric H. Holder Jr. said.

The decision to confront China grew out of a White House strategy formulated two years ago to impose increasing costs on Beijing if it didn’t respond to requests to stop its widespread hacking for commercial advantage. The indictment is intended to address what President Obama and senior intelligence officials have called one of the top threats to national and economic security, with an estimated annual cost to the U.S. economy that ranges from the tens of billions of dollars to more than $100 billion.

The criminal charges provoked a response from Beijing, which said Monday that it was suspending high-level cyber talks with the United States that began in June.

China has summoned the U.S. ambassador over the hacking charges. According to an online notice posted Tuesday by state-run Xinhua on Weibo, Assistant Foreign Minister Zheng Zeguang summoned Abassador Max Baucus to complain that U.S. authorities published their indictment ignoring the strong protests by Chinese authorities.

“Given the lack of sincerity by the United States for cooperation to solve cyber security problems through dialogue, China has decided to suspend the activities of the Sino-U.S. Cyber Working Group,” Foreign Ministry Spokesman Qin Gang said in a statement.

The charges are “purely ungrounded and absurd,” Qin said. He added that the United States had “fabricated facts” in the indictment, which he said “seriously violates basic norms of international relations and damages Sino-U.S. cooperation and mutual trust.”

The leaks from former National Security Agency contractor Edward Snowden already had complicated the talks. Beijing has pointed to disclosures by Snowden of vast NSA surveillance activities — including spying on Chinese companies — to assert that the United States is the greater aggressor in the area.

State Department spokeswoman Jen Psaki said, “We regret China’s decisions.” But she added that she does not think the development will affect strategic and economic dialogue meetings with China, scheduled for early July.

More: http://www.washingtonpost.com/world/national-security/us-to-announce-first-criminal-charges-against-foreign-country-for-cyberspying/2014/05/19/586c9992-df45-11e3-810f-764fe508b82d_story.html

[Randy W]

. . . and the response from Xinhua

China publishes latest data of US cyber attack

Quote

The US is the biggest attacker of China's cyber space, the spokesperson said, adding that the US charges of hacking against five Chinese military officers on Monday are "groundless".

Latest data from the National Computer Network Emergency Response Technical Team Coordination Center of China (NCNERTTCC) showed that from March 19 to May 18, a total of 2,077 Trojan horse networks or botnet servers in the US directly controlled 1.18 million host computers in China.

The NCNERTTCC found 135 host computers in the US carrying 563 phishing pages targeting Chinese websites that led to 14,000 phishing operations. In the same period, the center found 2,016 IP addresses in the US had implanted backdoors in 1,754 Chinese websites, involving 57,000 backdoor attacks.

The US attacks, infiltrates and taps Chinese networks belonging to governments, institutions, enterprises, universities and major communication backbone networks. Those activities target Chinese leaders, ordinary citizens and anyone with a mobile phone. In the meantime, the US repeatedly accuses China of spying and hacking.

 

[ameriken]

Shot across the bow...

[Greg.D.]

China's counter claims are pretty silly. Do they allege that the US government and/or military are behind building a network of Zombie PCs in China? To what end? Spamming? DDOS attacks? No, in fact, they're not alleging that. But, if you know much about computers and networks, their response sounds like North Korea composed it.

 

From The Register:

 

"In the past, when we brought concerns such as these to Chinese government officials, they responded by publicly challenging us to provide hard evidence of their hacking that could stand up in court," said Assistant Attorney General for National Security John Carlin.

 

"Well today, we are. For the first time, we are exposing the faces and names behind the keyboards in Shanghai used to steal from American businesses."

 

There's "spying", which all governments of significance do, and then there's state-sponsored industrial espionage for stealing trade secrets and helping to get an unfair advantage in business dealings, i.e. China's model.

 

Greg

[Randy W]

More in the New York Times today - past my bedtime, I'll check it out tomorrow. Right off hand, though, it's not clear why these files would be left exposed on their networks, even internally.

 

For U.S. Companies That Challenge China, the Risk of Digital Reprisal

 

Two large American steel makers, U.S. Steel and Allegheny Technologies, each lost confidential files giving access to their computer networks.

 

The largest solar panel manufacturer in the United States, SolarWorld, allegedly lost technological secrets, production cost data, cash flow projections and the details of its legal strategy.

The United Steelworkers union lost computer records containing trade policy strategies and discussions about rare earth metals and auto parts.

All four had something in common besides data theft: Each was in the middle of pushing back against China’s trade policies by seeking help from the World Trade Organization or the Commerce Department.

 

[lhp]

Absolutely, Greg. The US's allegation is that members of the Chinese military performed acts of corporate espionage (a) in an official capacity (b) in order to provide Chinese companies with a competitive advantage. This is very different to regular acts of spying…but what with the Snowden/Greedwald leaks, in the court of public opinion it'll be hard for the US to look like it has any sort of moral high ground.

[danb]

Seems like the war of words and actions are ratcheting up a bit or at least has returned. A month or so ago everyone was playing nice and trying to cooperate in finding the missing Malaysian airline MH370. But now we are back to "he is...not you are and He said ...no I didn't..." type games. It is a shame. Danb

 

[Greg.D.]

I guess the recent show of naming names (in the military) was planned for just about the time that Snowden started talking (coincidentally from HK) so it was delayed.

 

If you do business in China, you know these "revelations" merely describe the standard operating procedure in nearly every stratum of the culture. So, China, for your own sake: will you stubbornly hold to these behaviors and lose even more trust? For now, the answer seems to be "yes". I could say more, but I would either be preaching to the choir or riling those who still see China through rose-tinted glasses.

Greg

[credzba]

. . . and the response from Xinhua

 

China publishes latest data of US cyber attack

 

Quote

 

 

The US is the biggest attacker of China's cyber space, the spokesperson said, adding that the US charges of hacking against five Chinese military officers on Monday are "groundless".

 

Latest data from the National Computer Network Emergency Response Technical Team Coordination Center of China (NCNERTTCC) showed that from March 19 to May 18, a total of 2,077 Trojan horse networks or botnet servers in the US directly controlled 1.18 million host computers in China.

 

The NCNERTTCC found 135 host computers in the US carrying 563 phishing pages targeting Chinese websites that led to 14,000 phishing operations. In the same period, the center found 2,016 IP addresses in the US had implanted backdoors in 1,754 Chinese websites, involving 57,000 backdoor attacks.

 

The US attacks, infiltrates and taps Chinese networks belonging to governments, institutions, enterprises, universities and major communication backbone networks. Those activities target Chinese leaders, ordinary citizens and anyone with a mobile phone. In the meantime, the US repeatedly accuses China of spying and hacking.

 

link is missing an 'E' It is corrected in this reply

[Randy W]

 

. . . and the response from Xinhua

 

China publishes latest data of US cyber attack

 

Quote

 

 

The US is the biggest attacker of China's cyber space, the spokesperson said, adding that the US charges of hacking against five Chinese military officers on Monday are "groundless".

 

Latest data from the National Computer Network Emergency Response Technical Team Coordination Center of China (NCNERTTCC) showed that from March 19 to May 18, a total of 2,077 Trojan horse networks or botnet servers in the US directly controlled 1.18 million host computers in China.

 

The NCNERTTCC found 135 host computers in the US carrying 563 phishing pages targeting Chinese websites that led to 14,000 phishing operations. In the same period, the center found 2,016 IP addresses in the US had implanted backdoors in 1,754 Chinese websites, involving 57,000 backdoor attacks.

 

The US attacks, infiltrates and taps Chinese networks belonging to governments, institutions, enterprises, universities and major communication backbone networks. Those activities target Chinese leaders, ordinary citizens and anyone with a mobile phone. In the meantime, the US repeatedly accuses China of spying and hacking.

 

link is missing an 'E' It is corrected in this reply

 

 

It sure is. Thanks. I corrected the original also.

[Randy W]

From the Global Times

 

http://www.globaltimes.cn/Portals/0/attachment/2011/f79aaebe-8653-4f5d-8933-b8f8e0329970.jpeg