Five Chinese military officers were indicted Monday by a federal grand jury in the Western District of Pennsylvania on charges of computer hacking and economic espionage, among other crimes. The hackers were allegedly targeting six entities in the U.S. nuclear power, metals and solar products industries.
According to the indictment, the defendants conspired to hack into American entities so they could gain and maintain illegal access to their computers and to steal information that would be useful to their competitors in China, including state-owned enterprises.
The indictment also alleges that the hackers, using Chinese military and intelligence resources, downloaded massive amounts of industrial information, including strategic plans, from U.S. businesses. The six U.S. entities were Westinghouse Electric, U.S. Steel, SolarWorld, the United Steel Workers Union, Allegheny Technologies and Alcoa.
First Time for Everything
U.S. Attorney General Eric Holder said the case represents the first-ever charges against a state actor for this type of hacking. He called the range of trade secrets and other sensitive business information stolen in this case "significant" and said it demands an aggressive response.
"Success in the global market place should be based solely on a company's ability to innovate and compete, not on a sponsor government's ability to spy and steal business secrets," Holder said. "This administration will not tolerate actions by any nation that seeks to illegally sabotage American companies and undermine the integrity of fair competition in the operation of the free market."
Mike Davis, CTO of CounterTack, a real-time endpoint security firm, told us there's a growing legion of criminal enterprises like the Chinese People's Liberation Army that are looking to try anything to get data as part of large-scale cyber-espionage efforts.
"It's just part of the game now, but these enterprises are well funded, and they are persistent. It's interesting that this news surfaced today," Davis said. "There is a substantial long-term play in terms of how the U.S. will prosecute these types of criminals, striking a delicate balance between using a heavy hand now to send a message -- depending on what the charges and sentence is -- but also to say that the U.S. isn't showing any type of weakness in its cyber-security approach."
An Important Move
Tom Cross, director of security research at network security firm Lancope, said this was an important move by the U.S. Department of Justice toward establishing a set of international norms regarding cyber-espionage.
"A clear international legal framework exists for acts of warfare between nation states, even if those acts occur in cyberspace, but that framework only applies to attacks that damage physical infrastructure or that have the potential to harm people," Cross told us. "There are fewer rules that apply to spying activity."
Cross said the Internet has proven to be a bonanza for spies, who can now directly connect to the computers and communications devices that are being used by their targets, without having to leave the comfort of their home countries. Spying in cyberspace has become rampant and affects organizations of all sizes and in all lines of work, he said, from multinational corporations to individual political activists.
Part of addressing the problem of international spying on the Internet involves setting standards for what is and is not an acceptable target, Cross said. While he doubts that foreign military commanders who are prosecuted by the U.S. Department of Justice will be apprehended and brought to justice, he said, these prosecutions do send a clear message regarding what sort of behavior the United States views as unacceptable.
His conclusion: "That message will prompt a dialog about international norms in this area, and having that dialog is a vital part of coming to grips with the impact that Internet security issues are having on our societies."