By William Knowles @c4i
May 19, 2014
For the first time ever, a U.S. grand jury in the Western District of Pennsylvania has indicted five Chinese military hackers for computer hacking, economic espionage, trade secret theft, aggravated identity theft, and other offenses directed at six American victims such as a labor union, critical infrastructure, metals and solar industries from 2006 to the present.
The 56 page indictment alleges that the defendants, Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui, who were officers in Unit 61398 of the Third Department of the Chinese People’s Liberation Army (PLA) hacked into American entities, to maintain unauthorized access to their computers and to steal information from those entities that would be useful to their competitors in China.
This including state-owned enterprises (SOEs). In some cases, it alleges, the conspirators stole trade secrets that would have been particularly beneficial to Chinese companies at the time they were stolen. In other cases, it alleges, the conspirators also stole sensitive, internal communications that would provide a competitor, or an adversary in litigation, with insight into the strategy and vulnerabilities of the American entity.
“For too long, the Chinese government has blatantly sought to use cyber espionage to obtain economic advantage for its state-owned industries,” said FBI Director James B. Comey. “The indictment announced today is an important step. But there are many more victims, and there is much more to be done. With our unique criminal and national security authorities, we will continue to use all legal tools at our disposal to counter cyber espionage from all sources.”
“This is a case alleging economic espionage by members of the Chinese military and represents the first ever charges against a state actor for this type of hacking,” U.S. Attorney General Eric Holder said. “The range of trade secrets and other sensitive business information stolen in this case is significant and demands an aggressive response. Success in the global marketplace should be based solely on a company’s ability to innovate and compete, not on a sponsor government’s ability to spy and steal business secrets. This Administration will not tolerate actions by any nation that seeks to illegally sabotage American companies and undermine the integrity of fair competition in the operation of the free market.
“State actors engaged in cyber espionage for economic advantage are not immune from the law just because they hack under the shadow of their country’s flag,” said John Carlin, Assistant Attorney General for National Security. “Cyber theft is real theft and we will hold state-sponsored cyber thieves accountable as we would any other transnational criminal organization that steals our goods and breaks our laws.
Soon after the indictment, the Ministry of Foreign Affairs for the People’s Republic of China, Foreign Ministry Spokesperson Qin Gang made the following remarks regarding the US Justice Department’s announcement of indictment against five Chinese military officers:
On May 19, the US side announced the indictment against five Chinese military officers on allegation of cyber theft. This US move, which is based on fabricated facts, grossly violates the basic norms governing international relations and jeopardizes China-US cooperation and mutual trust. China lodged a protest with the US side right after the announcement, urging the US side to immediately correct its mistake and withdraw the “indictment”
China has decided to suspend activities of the China-US Cyber Working Group. China will react further to the US “indictment” as the situation evolves.
In February 2013, The Alexandria VA. based information security company Mandiant, published their APT1 report featuring PLA Unit 61398 which showed the PLA conducted economic espionage against 141 victims across multiple industries, Unit 61398’s modus operandi (tools, tactics, procedures) including a compilation of videos showing actual APT1 activity.