© The Financial Times Ltd 2015 FT and 'Financial Times' are trademarks of The Financial Times Ltd.
Last updated: May 19, 2014 6:23 pm
The US has filed criminal charges against five Chinese military officers, alleging they hacked into the computer systems of five US companies and a labour union to steal trade secrets, the first time Washington has singled out a foreign government for such offences.
The announcement by Eric Holder, the attorney-general, marks a substantial escalation in US efforts to curb what it claims has been widespread theft of information and technology by Chinese military and intelligence for commercial advantage.
The justice department said a unit of the People’s Liberation Army in Shanghai had targeted Alcoa, Allegheny Technologies, SolarWorld, US Steel and Westinghouse Electric, as well as the United Steelworkers Union.
The charges follow the leaks by Edward Snowden, the former US intelligence contractor, detailing how US intelligence has hacked into foreign companies, including Chinese enterprises such as Huawei.
However, Mr Holder maintained that while all countries engage in espionage, the US does not provide information gathered by its intelligence agencies to US companies for commercial gain.
“What distinguishes this case is that we have state-sponsored entities using intelligence tools to gain commercial advantage,” he said.
China reacted angrily to the indictment, saying the charges were based on “fabrications” and a “serious breach of international norms”, and should be withdrawn.
“It is a fact known to all that US institutions have long been involved in large-scale and organised cyber theft as well as wiretapping and surveillance activities against foreign political leaders, companies and individuals,” said a foreign ministry spokesman, Qin Gang.
The impact of the indictments is largely political, as China will not hand over the officials named in the charges to the US. The individuals’ travel, however, will be restricted, as they could be arrested outside China.
Mr Holder said an FBI investigation traced the hacking back to a single building in Shanghai housing the PLA’s 61398 Unit, long alleged to be the source of hacking of overseas targets.
“These represent the first ever charges against known state actors for infiltrating US commercial targets by cyber means,” he said.
“The alleged hacking appears to have been conducted for no reason other than to advantage state-owned companies and other interests in China, at the expense of businesses here in the United States.”
As online threats race up national security agendas and governments look at ways of protecting their national infrastructures, a cyber arms race is causing concern
The US has been weighing for more than a year whether to prosecute foreign officials for the cyber theft of US commercial and government information in an effort to raise the potential cost of such attacks.
The justice department’s national security division has been training prosecutors on how to proceed with such indictments.
The US claims its companies and government departments have been subjected to a rising number of attacks by foreign hackers.
Along with Russia, the main source of those attacks in recent years has been China and groups linked to the Chinese military.
James Lewis, of the Center for Strategic and International Studies in Washington, said the US government had struggled to find companies that were willing to speak up and provide evidence that they had been hacked and their technology stolen.
“Multinationals and companies which have a lot of business in China were not willing to go public,” he said.
John Carlin, head of the justice department’s national security division, said the indictment contained “specific actions on specific days by specific actors to use their computers to steal information from across our economy”.
Mr Carlin alleged the PLA hacked into SolarWorld to benefit its Chinese competitors and Westinghouse when it was negotiating with Chinese state enterprises to build power plants in the country.
In a statement, Alcoa said: “To our knowledge, no material information was compromised during this incident, which occurred several years ago.”
“Safeguarding our data is a top priority for Alcoa and we continue to invest resources to protect our systems.”
SolarWorld said none of its employee or customer databases had been breached but added that it was deeply troubled by the allegations. “It’s yet another example of the Chinese government’s systematic campaign to seek unfair advantage in the US and global solar industry,” the company said.
Additional reporting by Ed Crooks in New York
Copyright The Financial Times Limited 2015. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.
Sign up for email briefings to stay up to date on topics you are interested in