Modern field guide to security and privacy

US hacking charges against China for economic cyber-spying: Why now?

The US indictment of five military officials in China's secret 'Unit 61398' aims to put China on notice but also plays to US corporate concerns that Washington has done too little to curb cyber threats.

Charles Dharapak/AP
Press materials are displayed on a table of the Justice Department in Washington on Monday, before Attorney General Eric Holder announced that a US grand jury has charged five Chinese hackers with economic espionage and trade secret theft, the first-of-its-kind criminal charges against Chinese military officials in an international cyber-espionage case.

Indictment of five members of China’s military for economic cyber-spying and theft of US corporations’ trade secrets is just one part of a two-pronged Obama administration strategy to nudge the globe’s second-largest economic power toward a new normal – whether or not anyone ever stands trial.

On one level, Monday's federal indictment  is a diplomatic and legal cudgel that could be the precursor to trade enforcement actions at the World Trade Organization – or other punitive measures by the US. On another, it’s a response to rising domestic pressure by US businesses demanding that Washington step up and protect them from hyper-sophisticated nation-state cyber threats, while at the same time shedding cyber-security costs onto the government, cyber experts say.

While many believe it is unlikely those Chinese military officers will ever be extradited for trial in the US, the public outing of China’s military for engineering the cyber theft of the crown jewels of US companies’ intellectual property is the punitive part of a multipart “carrot and stick” policy the Obama administration adopted to deal with a problem shortly after it took office, these experts say.

In the administration's early days, cyber threats were already a priority. But by 2010, cyber espionage had vaulted to the top of the list. The next year, a nonpublic internal federal review determined that “China’s economic espionage activities were greater than all others combined, including Russia,” says James Lewis, a senior fellow at the Center for Strategic and International Studies in Washington.

By early 2013, the US and China had agreed to regular diplomatic talks – a cyber working group – that was one of the White House “carrots” designed to deal with sensitive cyber issues behind closed doors. In those talks, the US told Chinese representatives that using the powerful state-controlled military to conduct cyber-espionage operations against hundreds of US corporations was unacceptable.

But with no discernible shift or reduction in the massive thrust of Chinese economic espionage, the FBI in 2013 alone privately notified 3,000 US companies that they had been hacked, Dr. Lewis notes.

The White House was set to deploy the first “stick” part of its China-cyber plan with criminal indictments in mid-to-late 2013. But the indictments were derailed by the global uproar over revelations of National Security Agency (NSA) surveillance operations, two sources close to the administration told the Monitor.

“There was a very deliberate White House strategy to deal with China’s cyber espionage against US companies – and this indictment was part and parcel of that,” says a former administration official, who asked for anonymity to preserve business and government ties. “But that part of the plan was derailed by [former NSA contractor Edward] Snowden’s disclosures last year. Its reemergence now may signal an administration return to that strategy and a bid to regain the initiative in any diplomatic negotiations.”

“People are over-thinking these indictments when really they are just part of a long-term diplomatic strategy that will take years to work,” Dr. Lewis says in an interview. “This approach worked in the past with nuclear missile proliferation – and even with gaining Chinese assistance in reining in pirate activity on the high seas. China cooperates now on these issues.”

The White House refused to elaborate, suggesting that its statements already made clear the US position. But White House spokesman Jay Carney seemed to echo the idea that the indictments were the logical next step in an ongoing policy, not a knee-jerk move.

“This is an issue that has been brought up by President Obama with President Xi in their meetings as recently as in March as a general problem that we have seen, and reflects the president’s overall concern about cybersecurity,” Mr. Carney told reporters on Monday, responding to questions about the indictments.

“We have consistently and candidly raised these concerns with the Chinese government," he added. "And today’s announcement reflects our growing concerns that this Chinese behavior has continued."

China’s reaction so far, however, has been to cancel the cyber working group. It remains to be seen, as well, whether China will indict any US individuals on alleged cyber-spying charges in a tit-for-tat move, as some observers expect.

On Monday, US Ambassador to China Max Baucus was called in by Zheng Zeguang, assistant foreign minister, who "protested" the US indictments, saying they had seriously harmed relations between both countries, the Chinese Foreign Ministry said in a statement on its website. Mr. Zheng also told Ambassador Baucus that, depending on the development of the situation, China "will take further action on the so-called charges by the United States," Reuters reported.

In its recent indictment, the US alleges that China targeted America's top manufacturers over an eight-year period from 2006 through last month, including: nuclear power plant maker Westinghouse Electric Co., the US-based subsidiary of SolarWorld AG, United States Steel Corp., Allegheny Technologies, and Alcoa.

Yet those five companies are just a tiny sample of all cyber-theft by Unit 61398 of China’s People's Liberation Army, where the five indicted officers are alleged to work as hackers. The same PLA unit allegedly also stole from computer networks of 141 companies (115 of them US based) spanning 20 industries over nearly a decade, according to a landmark 2013 report by cybersecurity firm Mandiant.

If China doesn’t take the hint from the indictments, it could lead to even more punitive measures, such as placing US financial sanctions on individual Chinese businessmen, as was done with Russia after its takeover of Crimea.

“This is a strategy that will, over time, make it clear to the Chinese that there’s a problem in the bilateral relationship,” Lewis says. “It will show them they’re behavior is a departure from international norms. Now other countries need to tell them, too: ‘Hey, this is how responsible states act, it's not just the crazy Americans saying it. It’s what responsible states do.’”

But there’s another aim to the White House policy as well – and that’s placating US businesses that have felt themselves under siege and are eager to reduce their own potential legal and financial liability by assigning blame to China’s powerful military.

“The indictments are really a good example of a two-pronged policy response by the White House that attempts to address both domestic political concerns as well as give the US some political leverage with China,” says the former administration official.

“Yes, it’s an attempt to get China to change its behavior. But it's also an attempt, domestically, to placate US businesses that are demanding that something be done about this threat. That’s what this is about.”

of 5 stories this month > Get unlimited stories
You've read 5 of 5 free stories

Only $1 for your first month.

Get unlimited Monitor journalism.