The US made a rare move to pursue foreign government employees by charging five Chinese nationals with committing economic espionage against several large US organisations, in a move that serves as a warning and a wakeup call for both state-sponsored hackers and the companies that they attack.
According to the Department of Justice, a grand jury in the Western District of Pennsylvania handed down 31 indictments against five officers of the Third Department of the Chinese People's Liberation Army (PLA) — Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui.
At a press conference today, US Attorney General Eric Holder called the arrests “the first ever charges against known state actors for infiltrating US commercial targets by cyber means".
He said the range of trade secrets and other sensitive business information stolen in this case were significant, with the alleged hacking demanding “an aggressive response.”
But that aggressive response has angered the Chinese government, which swiftly issued a statement through the Chinese Foreign Ministry, accusing the US of “fabricating facts and using so-called stealing network secrets as an excuse.”
The Ministry called the action a “serious violation of basic norms of international relations and damages Sino-US cooperation and mutual trust".
As a result, China is putting a halt, at least temporarily, to the Sino-US Internet Working Group activities and has protested directly to the US, calling for the government to withdraw the indictment against the five men.
The indictments came after lengthy investigation and monitoring — for instance, court documents show that US-based aluminium producer Alcoa was hacked in 2008, according to reports.
Last year, US security specialists pinpointed an office building where the five accused officers were located on the outskirts of Shanghai as a part of a PLA military base and a hub of cyber activity.
In February 2013, cybersecurity firm Mandiant provided a detailed view inside the activities of APT1 – a unit of the People's Liberation Army (PLA) referred to as the “Shanghai Group” or the “Comment Crew” operating primarily out of Shanghai's Pudong New Area – which had compromised an estimated 141 organisations in 20 major industrial sectors.
Wang, Sun, and Wen allegedly hacked, or tried to hack, into US organisations while Huang and Gu conspired to help them by managing infrastructure and other participating in other activities that supported the group's hacking efforts. Holder said the five PLA officers “will be exposed for their criminal conduct and sought for apprehension and prosecution in an American court of law.”
