After a respectful pause in the wake of the Snowden leaks, the United States has moved to refocus on what President Obama has called “one of the most serious economic and national security challenges we face.”
Announcing the move, Attorney-General Eric Holder confirmed the unprecedented nature of the action: “These represent the first ever charges against known state actors for infiltrating Unites States commercial targets by cyber means.”
The case involved indictments against five members of Chinese military unit 61398. The unit has attracted notice for some time. It shot to fame after The New York Times was hacked and brought in tech firm Mandiant to monitor, trace and eventually out the attackers. Wikileaks cables reveal it was attracting U.S. government attention even further back.
China’s Commercial Cyber Espionage
The United States had been building pressure on China to diminish its support for commercial cyber espionage in the lead up to the “shirt sleeves summit” between President Obama and Chinese President Xi in June 2013. In May 2013, for the first time the Pentagon named China as responsible for a string of cyber intrusions. Also in May, the Commission on the Theft of American Intellectual Property co-chaired by former U.S. Ambassador to China Jon M. Huntsman Jr. and Dennis C. Blair, former director of national intelligence, estimated annual losses from cyber theft at over $300 billion—or the equivalent of all U.S. exports to Asia. It identified China as “the world’s largest source of IP theft.”
On June 1, at the annual Shangri-La Dialogue, U.S. Defense Secretary Chuck Hagel publicly rebuked the Chinese: “The U.S. has expressed our concerns about the growing threat of cyber intrusions, some of which appear to be tied to the Chinese government and military.”
In the lead up to the shirt sleeve summit, the pressure seemed to have laid the ground for some progress. Just before the summit Reuters reported:
“In a sign of an easing of tension over hacking, an Obama administration official said on Saturday a previously agreed high-level working group on cybersecurity would convene for its first talks in July and meet regularly after that. The official said the panel would focus not only on hacking but on ‘developing rules of the road for operating in cyberspace.’”
Unfortunately, June also marked the start of the Snowden leaks that retired former NSA director, General Martin Hayden has described as having the potential “to be the single most destructive leak of American security information in our history.”
The Snowden revelations froze these efforts in their tracks. But the Attorney-General’s announcement suggests a return to where we left off.
Foreign Theft of U.S. Intellectual Property
The Commissioners on the Theft of American Intellectual Property described individual stories of stolen intellectual property as “infuriating.” In one instance they said, “…a foreign company counterfeited a high-tech product it had been purchasing from a U.S. manufacturer. The customer then became the U.S. company’s largest competitor, devastating its sales and causing its share price to plummet 90 percent within six months.”
The indictment is targeting these very cases. Assistant Attorney General for National Security John Carlin gave a this example in his remarks:
“Right about the time SolarWorld was rapidly losing its market share to Chinese competitors that were pricing exports well below costs, these hackers were stealing cost, pricing and strategy information from SolarWorld’s computers.”
With no realistic possibility China would ever hand over the five indicted hackers, this is a clear move to start rebuilding pressure for change. But with more Snowden leaks to come, can the momentum be regained?