Cybersecurity

U.S. Files Criminal Charges Against Chinese Military Officials for Hacking American Companies

Charles Dharapak/AP

The Department of Justice said it will charge five members of the Chinese military for hacking into American companies, marking the first time that U.S. is taking legal action against employees of a foreign government over cyber crimes. 

One unnamed military source told NBC that those accused "used military and intelligence facilities to commit cyber espionage against U.S. companies." U.S. officials have long pointed to China as the source of cyber attacks on American firms, per NBC, but never made such concrete charges before.

"Chinese actors are the world's most active and persistent perpetrators of economic espionage," said the Office of the National Counterintelligence Executive, a U.S. government agency, in a 2011 report. A year ago, several U.S. newspapers, including TheNew York Times and The Wall Street Journal, said hackers traced to China attacked their newsroom computer systems.

The accusations have flown both ways. The Washington Post reported back in March that China was not pleased with the U.S. government's treatment of its computer systems: 

Tensions over U.S. cyber operations intensified again last weekend after a report that the NSA had penetrated the networks of a Chinese telecommunications giant, Huawei Technologies, in search of evidence that it was involved in espionage operations for Beijing and to use its equipment to spy on adversaries such as Iran. After the disclosure, first reported by the New York Times and Der Spiegel, China demanded a halt to any such activity and called for an explanation.

Attorney General Eric Holder is set to announce more details of the criminal charges later today. The Wall Street Journal reports that the individuals charged apparently work for Unit 61398 of the People's Liberation Army in Shanghai, and stole proprietary information from yet-unnamed firms — including nuclear power plant designs, and information about solar panel cost and pricing.

Update 10:35 a.m.: In a press conference on Monday, Attorney General Eric Holder named the six companies affected by the hack: Westinghouse, Alcoa, U.S. Steel, the United Steel Workers Union, Allegheny Technologies Inc. and Solar World. Holder called the indictment a "groundbreaking step forward in addressing" the threat of cyber security. "Enough is enough," he added. 

Holder and the DOJ and FBI representatives said that the indictment outlines specific incidences where Chinese hacking has made it impossible for these companies to compete on a global scale. The loss of intellectual property, they say, has led to layoffs and other economic setbacks at home.

CNN is also reporting that the FBI joined police in several countries to arrest more than 100 hackers worldwide for using the malware known as Blackshades, in the culmination of a years-long investigation. Per CNN: 

The malware sells for as little as $40. It can be used to hijack computers remotely and turn on webcams, access hard drives and capture keystrokes to steal passwords without the victim's knowledge. Criminals have used it for everything from extortion to bank fraud, the FBI says.

The malware is one of the most popular softwares cyber criminals use to target victims. Holder said that another press conference will be held to discuss Blackshades later on Monday. 

Threatwatch Alert

Network intrusion

UC Berkeley Waits Three Months to Inform Hack Victims

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
// 11:26 AM ET
X CLOSE Don't show again

Like us on Facebook