© The Financial Times Ltd 2015 FT and 'Financial Times' are trademarks of The Financial Times Ltd.
May 23, 2014 7:11 pm
Near the shore of the East China Sea, where giant cranes and piles of shipping containers mark the skyline of one of the world’s busiest ports, stands the 12-storey building at the centre of a cyber-espionage showdown between the US and China.
There are no outward signs betraying what the US Department of Justice asserts is the Shanghai building’s purpose: housing Unit 61398, a cyber-hacking group attached to the People’s Liberation Army.
A lone uniformed soldier stood guard at the building’s entrance in the days after the DoJ announced criminal charges against five Chinese military officers working at the unit, alleging they had stolen trade secrets and technological knowhow from US companies and unions.
Local residents, oblivious to the geopolitical storm, went about their daily business in the slightly down-at-heel suburb at the end of one of the city’s far-flung subway lines, buying fruit, and getting a massage or a haircut at the neighbourhood beauty shop.
Yet the DoJ’s very public indictment of the five men it claims have been stealing trade secrets from this outpost of China Inc’s intelligence operations has put the building and its occupants on the global stage.
Not only is it the first time the US has charged members of a foreign government with cyber espionage. The case has also redefined an era of geopolitical competition between the world’s creaky reigning superpower and its rising challenger over the uses of cyber space for intelligence and economic advancement.
The Obama administration is using the threat of naming and shaming in criminal cases as part of an effort to raise the cost of Chinese hacking, officials say. But so far, there is no sign that Beijing is listening.
The DoJ’s case was driven by a policy change about 18 months ago in the White House. After warning China repeatedly to stop what it says has been rampant cyber theft, officials decided a new tactic was required.
“The Chinese always said to us – show us some specific cases,” says a former senior administration official, only for Beijing to dismiss the evidence American officials presented.
A report issued by Mandiant, a security consultancy, in April 2013 tracing cyber attacks back to the Shanghai unit, and identifying a number of the PLA officers, added ballast to the policy change under way in the administration.
For Congress, always more hawkish on China than occupants of the White House, the case against the Chinese is overdue. The fact it is largely symbolic and never likely to go to court is beside the point.
“This had to be done. There has been the unmitigated rape of American intellectual property,” says Mike Rogers, chair of the House intelligence committee. “The US government has been very reluctant to do this; people were worried about a trade war or what the Chinese might do to American debt. The Chinese knew this and they have taken full advantage.”
The initial Chinese reaction has been what anyone schooled in tracking Beijing’s rise would expect – a blanket, indignant denial of the charges and defiance in the face of US pressure to change.
A year of leaks about the US’s vast electronic spying operations from Edward Snowden, the exiled intelligence contractor, has reinforced Chinese cynicism about what they regard as hypocritical bullying aimed at constraining a potential rival.
“It’s really amazing some people still believe they have the moral high ground and credibility to accuse others, if we consider the Snowden revelations,” Cui Tiankai, China’s ambassador to Washington, told CNN.
This had to be done. There has been the unmitigated rape of American intellectual property
- Mike Rogers, chair of the House intelligence committee
More than that, Chinese experts see the 56-page US indictment and its damning detail on hacking not as confirmation Beijing should cease its activities. Instead, it is a wake-up call for China to enhance its capabilities to compete with the US.
“Compared even to other countries like Russia, the quality of Chinese hacking attacks is very poor,” says one Chinese cyber-security expert who asked not to be named because of his government job.
“Of 100 attacks we make, the US is able to detect 80 of them, whereas for Russia it’s the opposite. For every 100 they make, only 20 are discovered.”
In a sign of how seriously Beijing takes cyber security, Xi Jinping, China’s president, recently set up a new policy-making body on the issue inside the Communist party and named himself chairman. Mr Xi will oversee the development of the internet and all elements of China’s internet security, which includes its pervasive censorship and information control apparatus.
“At the very least we need to elevate this field [of cyber warfare] to the same level as tactical nuclear warfare and develop our asymmetrical capabilities,” says Fang Binxing, the father of China’s “great firewall” internet censorship regime.
The US announcement was calculated to cause offence in China, with the FBI publishing “Wanted” notices on its website depicting the alleged hackers, some in full PLA regalia, as common criminals.
“They are pretty annoyed, especially with pictures of guys in uniforms on wanted posters,” says Chris Johnson, of the Center for Strategic and International Studies, and formerly the CIA’s chief China analyst, who discussed the case with Chinese officials in Beijing this week.
“This touches on the guardians of the regime at a time when the high politics [in Beijing] are very sensitive,” he says.
One powerful Chinese who will be especially offended is General Fang Fenghui, the chief of the general staff of the PLA, who had just been to Washington but was not told of the coming indictments.
“This is a huge loss of face for Fang Fenghui – he will be in the mood to push back hard and oversees the tools to do so,” says Mr Johnson. “I think we can forget about the military dimensions of the cyber discussions for the moment.”
The lengthy indictment also provides an official imprimatur to what has long been suspected – that the PLA not only hacks on behalf of the government, but also subcontracts its services to Chinese state companies in disputes with the US.
“You had 1,000 guys working for the government during the day coming at you; now you had a 1,000 at night, moonlighting, working against you as well,” says Mr Rogers.
This is a huge loss of face for Fang Fenghui – he will be in the mood to push back hard and oversees the tools to do so
- Chris Johnson, of the Center for Strategic and International Studies
The origins of China’s extensive economic espionage programmes lie in the mid-1980s, when cyber spying and state-sponsored hacker armies still existed only in science fiction. In March 1986 four of China’s most distinguished strategic weapons technicians proposed a programme of scientific and technological development to modernise the economy and military.
The proposal, known as the “863 programme” after the date – the third month of 1986 – was enthusiastically endorsed by then paramount leader Deng Xiaoping and soon became a national priority.
In 1986, with the programme under way, the top posts of every key industrial, science and planning bureaucracy in China were held by strategic weapons experts who had come out of the military science system.
The stated role of the programme was to develop China’s technological prowess for the glory of the nation and the Communist party by “absorption and digestion” of foreign technology. But from the start the programme blurred the lines between national security, defence and economic development, initially by state-owned enterprises but later by private companies as well.
In dealing with China’s cyber spies, the US has tried hard to draw a distinction between military spying, which it acknowledges all countries engage in, and state-sponsored commercial espionage, which it denies any involvement with.
The revelations about US electronic spying have eroded Washington’s credibility on this point. But China’s policies make such distinctions difficult in any case, because the economy is still dominated by state enterprises, under the Communist party.
Jon Lindsay, a research scientist at the University of California in San Diego, estimates China has about 20 large hacking groups. But he cautions against a simplistic belief that any theft is easily translated into economic gains. “You have a lot of difficulty in converting that into something that is useful,” he says.
Some analysts argue that the US indictments will ultimately prove self-defeating since they will antagonise China without providing impetus for Beijing to change its behaviour.
Rogier Creemers of Oxford university says the US could have filed a civil intellectual property or trade secrets suit against Chinese companies that use allegedly stolen information. “A civil conviction would impact Chinese SOEs’ ability to operate lawfully in overseas markets, apply for stock exchange listings and even settle payments in dollars,” he says.
Still, the announcement of the case against Unit 61398 bought bipartisan applause in the US Congress – and whetted the appetite for more.
“Strap on your helmet,” says Mr Rogers. “It’s going to be a bumpy flight.”
Additional reporting by Gu Yu
Please don't cut articles from FT.com and redistribute by email or post to the web.
Sign up for email briefings to stay up to date on topics you are interested in