Showing posts with the label spear-phishing. Show all posts

Friday, December 21, 2018

Nation of Thieves

U.S. charges Chinese hackers in theft of vast trove of confidential data in 12 countries
By Ellen Nakashima and David J. Lynch

Prosecutors unsealed an indictment charging two Chinese with computer hacking attacks on a wide range of U.S. government agencies and corporations. 

The United States and four of its closest allies on Thursday blamed China for a 12-year campaign of cyberattacks that vacuumed up technology and trade secrets from corporate computers in 12 countries, affecting almost every major global industry.
The coordinated announcements in five capitals marked the Trump administration’s broadest anti-China initiative to date, yet it fell short of even stronger measures that officials had planned.
During debate, Treasury Secretary Steven Mnuchin blocked a proposal to impose financial sanctions on those implicated in the hacking, according to five sources familiar with the matter. 
Two administration officials said Mnuchin acted out of fear that sanctions would interfere with U.S.-China trade talks.
The centerpiece of Thursday’s synchronized accusations came in Washington, where the Justice Department unveiled indictments against two Chinese hackers, who it said acted “in association with” the Chinese Ministry of State Security (MSS).
Zhu Hua and Zhang Shilong, members of a hacking squad known as “Advanced Persistent Threat 10” or “Stone Panda,” were accused of conspiracy to commit computer intrusions, wire fraud and aggravated identity theft while pilfering “hundreds of gigabytes” of confidential business data, the indictment said.
“China’s goal, simply put, is to replace the U.S. as the world’s leading superpower, and they’re using illegal methods to get there,” said FBI Director Christopher A. Wray.
U.S. allies echoed the Justice Department action, signaling a growing consensus that Beijing is flouting international norms in its bid to become the world’s predominant economic and technological power.
Xi Jinping's empty promises
In the capitals of the United Kingdom, Australia, Canada and New Zealand, ministers knocked China for violating a 2015 pledge — offered by Chinese dictator Xi Jinping in the White House’s Rose Garden and repeated at international gatherings such as the Group of 20 summit — to refrain from hacking for commercial gain.
“This campaign is one of the most significant and widespread cyber intrusions against the U.K. and allies uncovered to date, targeting trade secrets and economies around the world,” British Foreign Secretary Jeremy Hunt said in a statement.
Still, some administration allies were skeptical that Thursday’s announcement would alter China’s behavior.

Deputy Attorney General Rod J. Rosenstein announces on Thursday the indictments of two Chinese for hacking attacks. 

“Just as when the Obama administration did it, indicting a handful of Chinese agents out of the tens of thousands involved in economic espionage is necessary but not important,” said Derek Scissors, a China analyst at the American Enterprise Institute. 
“International denouncements may irritate Xi, but they place no real pressure on him.”
Scissors said it would be more effective for the United States to hit high-profile Chinese companies with financial sanctions, including potential bans on their ability to do business with American companies.
The five governments that joined in the statements about China are partners in the “Five Eyes” intelligence alliance, sharing some of their most closely guarded technical and human reporting.
The foreign ministries of Denmark, Sweden and Finland tweeted statements saying they shared the concerns over rampant cyberespionage against corporations.
The united front against Chinese hacking and economic espionage stands in contrast to the “America First” president’s preference for taking a unilateral course to many of his trade goals.
“This demonstrates there’s a strong well of international support the United States can tap... Countries are fed up,” said Ely Ratner, executive vice president of the Center for a New American Security.
The hackers named in the indictment presided over a state-backed campaign of cybertheft that targeted advanced technologies with commercial and military applications. 
They also hacked into companies called “managed service providers,” which act as gatekeepers to computer networks serving scores of corporate clients.
The Chinese targeted companies in the finance, telecommunications, consumer electronics and medical industries, along with U.S. government laboratories operated by the National Aeronautics and Space Administration and the military.
Along with the United States and the United Kingdom, countries targeted by China include Canada, France, Germany, Japan, Sweden and Switzerland.
“The list of victim companies reads like a who’s who of the global economy,” said Wray.
The Stone Panda team made off with personal information, including Social Security numbers belonging to more than 100,000 U.S. Navy personnel.
The hackers employed a technique known as “spear-phishing,” tricking computer users at the business and government offices into opening malware-infected emails giving them access to log-in and password details.
They worked out of an office in Tianjin, China, and engaged in hacking operations during working hours in China.
Geoffrey Berman, the U.S. attorney for the Southern District of New York, called the Chinese cyber-campaign “shocking and outrageous.”
Over the past seven years, more than 90 percent of cases alleging economic espionage involved China as did more than two-thirds of trade-secret theft prosecutions, according to Deputy Attorney General Rod J. Rosenstein.
The industries targeted in the Stone Panda hacks are featured in the Chinese government’s Made in China 2025 program, which aims to supplant the United States as the global leader in 10 advanced technologies including artificial intelligence, robotics and quantum computing, Rosenstein added.
In November, in one of his last official actions, then-Attorney General Jeff Sessions announced a major initiative to combat Chinese commercial spying, building on four years of prosecutorial effort. The department vowed to aggressively pursue trade-secret theft cases and identify researchers and defense industry employees who have been “co-opted” by Chinese agents seeking to transfer technology to China.
While the show of anti-China unity was notable, the administration pulled back from plans for tougher action after warnings from the treasury secretary.
Mnuchin’s 11th-hour intervention left administration officials fearing Beijing would view the limited actions as a sign that Trump lacks the stomach for an all-out confrontation.
“We don’t comment on sanctions actions or deliberations, but it’s important to note that these issues are completely separate from trade,” said a Treasury Department spokesman asked to comment on the reports.
The administration’s action entailed statements from four Cabinet agencies — Justice, State, Energy and Homeland Security — while Treasury remained on the sidelines.
The condemnations also pose a complication as Trump and Xi seek to negotiate a trade deal. 
Over dinner in Buenos Aires earlier this month, the two leaders agreed to a truce in their months-long tariff war.
Talks between U.S. and Chinese diplomats are expected to begin early next month.
The Trump administration is seeking a deal that would involve structural changes to China’s state-led economic model, greater Chinese purchases of American farm and industrial products and a halt to what the United States says are coercive joint-venture licensing terms.
The indictments were followed by a joint statement from Secretary of State Mike Pompeo and Homeland Security Secretary Kirstjen Nielsen that assailed China for violating Xi’s landmark 2015 pledge to refrain from hacking U.S. trade secrets and intellectual property to benefit Chinese companies.
“These actions by Chinese actors to target intellectual property and sensitive business information present a very real threat to the economic competitiveness of companies in the United States and around the globe,” they said.
Thursday’s push to confront China over its cyber-aggression comes at a fraught time, as Canada has arrested a Chinese telecommunications executive at the United States’ request on a charge related to violating sanctions against Iran.

Friday, March 16, 2018

Chinese Hackers Hit U.S. Firms Linked to South China Sea Dispute

Victims are in maritime industries with South China Sea ties
By David Tweed

Chinese hackers have launched a wave of attacks on mainly U.S. engineering and defense companies linked to the disputed South China Sea, the cybersecurity firm FireEye Inc. said.
The suspected Chinese cyber-espionage group dubbed TEMP.Periscope appeared to be seeking information that would benefit the Chinese government, said FireEye, a U.S.-based provider of network protection systems.
The hackers have focused on U.S. maritime entities that were either linked to -- or have clients operating in -- the South China Sea, said Fred Plan, senior analyst at FireEye in Los Angeles.
“They are going after data that can be used strategically, so it is in line with state espionage,” said Plan, whose firm has tracked the group since 2013.
“A private entity probably wouldn’t benefit from the sort of data that is being stolen.”
The TEMP.Periscope hackers were seeking information in areas like radar range or how precisely a system in development could detect activity at sea, Plan said. 
The surge in attacks picked up pace last month and was ongoing.

Increased Attacks
FireEye declined to name any targets. 
Although most were based in the U.S., organizations in Europe and at least one in Hong Kong were also affected, the firm said.
Plan said Chinese cyber-attacks on U.S. targets have picked up in recent months, after both sides agreed not to attack civilian entities.
The 2015 deal to tamp down economic espionage was hammered out between then-U.S. President Barack Obama and Xi Jinping.
The U.S. indicted five Chinese military officials in 2014 on charges that they stole trade secrets from companies including Westinghouse Electric Co. and United States Steel Corp. after hacks were detected by Mandiant, a unit of FireEye. 

Strategic Data
Data sought in the latest incidents could be used, for instance, to determine how closely a vessel could sail to a geographical feature, Plan said. 
“It is definitely the case that they can use this information for strategic decision-making,” he said.
The U.S. Navy sometimes conducts so-called freedom of navigation operations to challenge Chinese claims to more than 80 percent of the South China Sea -- one of the world’s busiest trading routes. China has reclaimed some 3,200 acres (1,290 hectares) of land in the waters and built ports, runways and other military infrastructure on seven artificial features it has created.
China has been involved in other attacks related to the South China Sea. 
In 2015, during a week-long hearing on a territorial dispute in the water, Chinese malware attacked the website of the Permanent Court of Arbitration in the Hague, taking it offline.
The latest attacks were carried out using a variety of techniques including “spear-phishing,” in which emails with links and attachments containing malware are used to open back doors into computer networks. 
In some examples, the emails were made to look as if they originated from a “big international maritime company,” Plan said.
FireEye said in a separate report that government offices, media and academic institutions have been attacked, along with engineering and defense companies. 
Plan declined to comment when asked whether the U.S. Navy was among the targets.
“Given the type of organizations that have been targeted -- the organizations and government offices -- it is most likely the case that TEMP.Periscope is operating on behalf of a government office,” Plan said.