China warns Washington it could take 'further action' over US hacking charges

The US Justice Department on Monday indicted five members of the Chinese military on charges they stole US secrets through hacking to aid state-owned companies. Beijing quickly rejected the claims

PUBLISHED : Monday, 19 May, 2014, 10:19pm
UPDATED : Thursday, 14 June, 2018, 12:01pm

Watch: US indicts five members of China military for hacking

China summoned the US ambassador after the United States accused five Chinese military officers of hacking into American companies to steal trade secrets, warning Washington it could take "further action", state media said today.

The US Ambassador to China, Max Baucus, met with Zheng Zeguang, assistant foreign minister, shortly after the United States charged the five Chinese, accusing them of hacking into American nuclear, metal and solar companies to steal trade secrets.

Zheng "protested" the actions by the United States, saying the indictment had seriously harmed relations between both countries, state news agency Xinhua said.

Zheng told Baucus that depending on the development of the situation, China "will take further action on the so-called charges by the United States".

The Chinese are accused of targeting big-name American makers of nuclear and solar technology, and stealing confidential business information, sensitive trade secrets and internal communications for competitive advantage, according to a grand jury indictment which the Chinese government swiftly denied.

The alleged targets were Alcoa, Westinghouse, Allegheny Technologies, US Steel, the United Steelworkers Union and SolarWorld. The indictment, which includes charges of trade-secret theft and economic espionage, was issued in Pittsburgh, where most of the companies are based.

China denied the charges and summoned the US ambassador. In a statement, the Foreign Ministry said they were based on “fabricated facts” and would jeopardise China-US “co-operation and mutual trust”.

“China is steadfast in upholding cybersecurity,” said the statement. “The Chinese government, the Chinese military and their relevant personnel have never engaged or participated in cybertheft of trade secrets. The US accusation against Chinese personnel is purely ungrounded and absurd.”

China also decided to suspend activities of the China-US Cyber Working Group as the US announced the indictment. “Given the lack of sincerity on the part of the US to solve issues related to cybersecurity through dialogue and co-operation, China has decided to suspend activities of the China-US Cyber Working Group,” said Foreign Ministry spokesman Qin Gang said on Monday.

China has, on many occasions, made serious representations with the US side, Qin said, “We once again strongly urge the US side to make a clear explanation of what it has done and immediately stop such kind of activities.” Qin warned that China would react further to the US “indictment” as the situation evolves.

A statement release by Xinhua, citing a foreign ministry press release, said: "Chinese Assistant Foreign Minister Zheng Zeguang summoned US Ambassador to China Max Baucus on Monday night, lodging a solemn representation with the U.S. side over the indictment against five Chinese military officers despite China's strong protest."

Watch: Hacker’s toolbox

The US charges underscore a longtime Obama administration goal to prosecute state-sponsored cyberthreats, which US officials say they have grappled with for years. One government report said more than 40 Pentagon weapons programmes and nearly 30 other defence technologies have been compromised by cyber intrusions from China.

A company’s success in the international marketplace should not be based “on a sponsor government’s ability to spy and steal business secrets,” Attorney General Eric Holder declared at a news conference.

The cybersecurity firm Mandiant issued a report last year alleging links between a secret Chinese military unit and years of cyberattacks against US companies.

Monday’s prosecution was announced on the heels of a separate worldwide operation over the weekend that resulted in the arrests of 97 people in 16 countries who are suspected of developing, distributing or using malicious software called BlackShades.

The new indictment attempts to distinguish spying for national security purposes – which the US admits doing – from economic espionage intended to gain commercial advantage for private companies or industries, which the US denies it does. Classified documents disclosed by former National Security Agency analyst Edward Snowden have described aggressive US efforts to eavesdrop on foreign communications that would be illegal in those countries.’

Beijing has said Washington is hypocritical because it conducts widespread surveillance around the world, as revealed by Snowden.

Snowden’s leaks have indicated that the US has hacked into Chinese telecom giant Huawei – whose own attempts to penetrate the US market have been blocked by US lawmakers’ concerns on national security.

The US is known to have invested heavily in cyberwarfare, with the Pentagon setting up a dedicated unit, and it is widely suspected to have worked with Israel to infect Iran’s nuclear programme.

There are no nationalised US industries. American officials have flatly denied that its government spies on foreign companies and then hands over commercially valuable information to US companies. In China, though, many companies are state owned, particularly those that supply the military.

“These five people were just doing their jobs. It’s just that we object to what their jobs are,” said Mark Rasch, a former US cybercrimes prosecutor. “We have tens of thousands of dedicated, hard-working Americans who are just doing their jobs, too.”

The indictment says that hackers, officers with the China’s People’s Liberation Army, stole proprietary information from the companies and the labour union, including design specification for Westinghouse pipes and pricing and strategy information from SolarWorld.

Working from a non-descript, 12-storey building on the outskirts of Shanghai the hacking group known as APT1 – which stands for “Advanced Persistent Threat” – was believed to be a branch of what is known as Unit 61398 of the PLA. It had stolen data from at least 141 organisations spanning 20 industries, the 2013 Mandiant study said.

US prosecutors say, the hackers in some cases gained access to computer networks by sending e-mails to company employees that looked authentic but that actually contained a link to malicious code.

The defendants – Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui – are all believed to be in China and it was unclear whether any might ever be turned over to the US for prosecution. But the Justice Department, publicising the charges, identified all five by name and issued “wanted” posters.

“For the first time, we are exposing the faces and names behind the keyboards in Shanghai used to steal from American businesses,” said John Carlin, the head of the Justice Department’s National Security Division.

US officials have previously asserted that China’s army and other China-based hackers have launched computer attacks on American industrial and military targets, often to steal secrets or intellectual property. The Chinese say that actually they are the ones who face a major threat from hackers, and the country’s military is believed to be among the biggest targets of the NSA and US Cyber Command.

A separate report led by former US officials estimated last year that hacking was costing the US economy more than US$300 billion each year – equivalent to what the United States sells to Asia per annum.

The new indictment will put a greater strain on the US-China relationship and may provoke retaliatory acts in China or elsewhere.

“What we can expect to happen is for the Chinese government to indict individuals in the United States who they will accuse of hacking into computers there,” said Rausch, the cybersecurity expert. “Everybody now is going to jump into the act, using their own criminal laws to go after what other countries are doing.”

In recent months, Washington has been increasingly critical of what it describes as provocative Chinese actions in pursuit of territorial claims in disputed seas in East Asia. Beijing complains that the Obama administration’s attempt to redirect its foreign policy toward Asia after a decade of war in the Middle East is emboldening China’s neighbours and causing tension.

“If we were trying to make things smoother in this region, this isn’t going to help,” said Richard Bejtlich, chief security strategist at FireEye, a network security company.

Despite the ominous-sounding allegations, at least one of the firms minimised the hacking. Monica Orbe, Alcoa’s director of corporate affairs, said the company believed no sensitive data had been compromised. A spokesperson for SolarWorld, which has long accused China of unfair trade practices, said the company was troubled by the allegations but that no customer information was breached.

Last September, President Barack Obama discussed cybersecurity issues on the sidelines of a summit in St Petersburg, Russia, with Chinese President Xi Jinping.

“China not only does not support hacking but also opposes it,” Premier Li Keqiang said last year in a news conference when asked if China would stop hacking US websites. “Let’s not point fingers at each other without evidence, but do more to safeguard cyber security.”