recommended reading

U.S. Files Criminal Charges Against Chinese Military Officials for Hacking American Companies

Charles Dharapak/AP

The Department of Justice said it will charge five members of the Chinese military for hacking into American companies, marking the first time that U.S. is taking legal action against employees of a foreign government over cyber crimes. 

One unnamed military source told NBC that those accused "used military and intelligence facilities to commit cyber espionage against U.S. companies." U.S. officials have long pointed to China as the source of cyber attacks on American firms, per NBC, but never made such concrete charges before.

"Chinese actors are the world's most active and persistent perpetrators of economic espionage," said the Office of the National Counterintelligence Executive, a U.S. government agency, in a 2011 report. A year ago, several U.S. newspapers, including TheNew York Times and The Wall Street Journal, said hackers traced to China attacked their newsroom computer systems.

The accusations have flown both ways. The Washington Post reported back in March that China was not pleased with the U.S. government's treatment of its computer systems: 

Tensions over U.S. cyber operations intensified again last weekend after a report that the NSA had penetrated the networks of a Chinese telecommunications giant, Huawei Technologies, in search of evidence that it was involved in espionage operations for Beijing and to use its equipment to spy on adversaries such as Iran. After the disclosure, first reported by the New York Times and Der Spiegel, China demanded a halt to any such activity and called for an explanation.

Attorney General Eric Holder is set to announce more details of the criminal charges later today. The Wall Street Journal reports that the individuals charged apparently work for Unit 61398 of the People's Liberation Army in Shanghai, and stole proprietary information from yet-unnamed firms — including nuclear power plant designs, and information about solar panel cost and pricing.

Update 10:35 a.m.: In a press conference on Monday, Attorney General Eric Holder named the six companies affected by the hack: Westinghouse, Alcoa, U.S. Steel, the United Steel Workers Union, Allegheny Technologies Inc. and Solar World. Holder called the indictment a "groundbreaking step forward in addressing" the threat of cyber security. "Enough is enough," he added. 

Holder and the DOJ and FBI representatives said that the indictment outlines specific incidences where Chinese hacking has made it impossible for these companies to compete on a global scale. The loss of intellectual property, they say, has led to layoffs and other economic setbacks at home.

CNN is also reporting that the FBI joined police in several countries to arrest more than 100 hackers worldwide for using the malware known as Blackshades, in the culmination of a years-long investigation. Per CNN: 

The malware sells for as little as $40. It can be used to hijack computers remotely and turn on webcams, access hard drives and capture keystrokes to steal passwords without the victim's knowledge. Criminals have used it for everything from extortion to bank fraud, the FBI says.

The malware is one of the most popular softwares cyber criminals use to target victims. Holder said that another press conference will be held to discuss Blackshades later on Monday. 

Threatwatch Alert

Spear-phishing / Stolen credentials / User accounts compromised

Gmail Scam Tricks Users With Convincing Login Page

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.