5 Chinese PLA officials accused of cyber espionage on US companies

The United States has filed criminal charges against five Chinese military PLA officials for cyber espionage and hacking against several US companies.

The United States early this week charged five Chinese military PLA officers and accused them of hacking into computers of American companies. US authorities accused the China’s People’s Liberation Army officers of hacking into US companies in the energy sector to steal trade secrets and intellectual property.

DoJ has issued a press release which revealed the names of the five hackers, the victim companies and the time period of the cyber attacks, following an abstract from the indictment:

Defendants : Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui, who were officers in Unit 61398 of the Third Department of the Chinese People’s Liberation Army (PLA). The indictment alleges that Wang, Sun, and Wen, among others known and unknown to the grand jury, hacked or attempted to hack into U.S. entities named in the indictment, while Huang and Gu supported their conspiracy by, among other things, managing infrastructure (e.g., domain accounts) used for hacking.

Victims : Westinghouse Electric Co. (Westinghouse), U.S. subsidiaries of SolarWorld AG (SolarWorld), United States Steel Corp. (U.S. Steel), Allegheny Technologies Inc. (ATI), the United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union (USW) and Alcoa Inc.

Time period : 2006-2014.

The FBI accused the PLA‘s official for hacking and applied total 31 counts charges, for:

Conspiring to commit computer fraud and abuse
Accessing (or attempting to access) a protected computer without authorization to obtain information for the purpose of commercial advantage and private financial gain
Transmitting a program, information, code, or command with the intent to cause damage to protected computers
Aggravated identity theft
Economic espionage
Trade secret theft

“When a foreign nation uses military or intelligence resources and tools against an American executive or corporation to obtain trade secrets or sensitive business information for the benefit of its state-owned companies, we must say, ‘Enough is enough,'” U.S. Attorney General Eric Holder declared at a news conference.

The accompanying indictment states:

“From at least in or about 2006 up to and including at least in our about April 2014, members of the People’s Liberation Army (“PLA”), the military of the People’s Republic of China (“China”), conspired together and with each other to hack into the computers of commercial entities in the Western District of Pennsylvania and elsewhere in the United States.”

The Chinese Government denied the charges, saying that this incident would damage the relationship between the two countries. Cyber espionage is a top national security concern for both governments, top U.S. Intelligence officials released early 2014 a new Worldwide Threat Assessment Report during a Senate hearing, the document considers the effects of cyber campaigns conducted by foreign state-sponsored hackers as a serious threat for Homeland security.

US Intelligence Security Affairs Worldwide Threat Assessment Report 13-14 PLA

The US authorities suspect hackers work for the PLA’s Unit 61398 based in Shanghai, according investigation the hackers have stolen trade secrets and also sensitive data related to nuclear power plant design and a solar panel company’s cost and pricing data.

Federal prosecutors suspect the list of targeted companies is very long and includes Alcoa Inc, Allegheny Technologies Inc, United States Steel Corp, Toshiba Corp unit Westinghouse Electric Co, the U.S. subsidiaries of SolarWorld AG, and a steel workers’ union.According US Officials losses to the companies were “significant.”

“The victims had all filed unfair trade claims against their Chinese rivals, helping Washington draw a link between the alleged hacking activity and its impact on international business.” reports Reuters.

The five PLA Chinese officials are considered by US authorities, international fugitives, the indictment is a clear message to other governments, the US doesn’t want to accept further cyber espionage on its companies, curious if we consider recent revelation based on Snowden documents on US cyber espionage activities against foreign countries.

Be aware as reported in the text of the indictment, “An indictment is merely an accusation and a defendant is presumed innocent unless proven guilty in a court of law.“.

Pierluigi Paganini

(Security Affairs – Chinese PLA officials, hacking)