The Justice Department announced Monday that it had indicted five members of the Chinese People’s Liberation Army on charges of cybertheft. According to the indictment, the five hackers systematically stole business secrets from American corporations — household names like Westinghouse, Alcoa, and U.S. Steel.
The alleged thefts were not aimed at boosting Chinese national security or undermining ours. Rather, they appear to be part of a scheme, going back at least to 2006, to boost Chinese companies by stealing American know-how.
For example, while one company was negotiating to build and operate four power plants in China, the Chinese stole the bidder’s proprietary and confidential business specifications for piping used in its nuclear power plants. Beijing apparently finds it easier to steal a new idea than think one up.
The indictments should surprise no one. In 2013, Mandiant, a private American cybersecurity company, released a report on the activities of Unit 61398 of the signals-intelligence branch of the PLA — the same group cited in the indictment. According to Mandiant, Unit 61398 had penetrated more than 140 western companies. Also in 2013, the congressionally chartered Commission on the Theft of American Intellectual Property estimated that the losses from IP cybertheft totaled some $300 billion per year.
And, so, this week’s indictment is quite welcome. Finally, after a number of years of just talking about the problem, the United States is responding.
To be sure, nobody actually expects this case to ever come to trial. The Chinese are simply not going to extradite members of their military to stand trial in an American courtroom. Still, the indictment sends several powerful messages.
First, the charges set an important precedent: that the U.S. government sees state-sponsored economic espionage as a crime. While the five PLA officers are beyond our borders, the companies that benefit from the theft are not. Someday, therefore, we may see Chinese companies and corporate officials indicted for their role in the theft of American intellectual capital.
Second, the charges tell corporate America that the government will defend their interests. Even if the Chinese hackers are never brought to justice, the indictment will have the positive effect of assuring American companies that Washington is willing to incur significant diplomatic costs on their behalf. This will likely persuade corporations, in turn, to be more willing to come forward when they are victimized.
Third, the indictment serves as a warning. It says to the Chinese, “we are watching you and we know what you are doing.” This remarkably transparent action reflects a conscious decision to risk disclosing the sources and methods the U.S. uses to collect intelligence data, in exchange for the benefit of deterring Chinese misconduct. Buried in the indictment, for example, is a discussion of Chinese cyber espionage tradecraft (which false domains and websites they use). It contains the details of specific intrusions into specific identified companies and provides a highly particular list of exactly how the attacks were carried out. That kind of detail has to give Chinese hackers some pause. They can no longer be sure they are cloaked in anonymity.
And, finally, the indictment says that the U.S. is coming out of its post-Snowden defensive crouch. No matter what the world may think of Snowden’s revelations, we are putting the embarrassment behind us and resuming our efforts to manage the cyber domain.
The indictment may have been a long time coming. (I suspect that the Snowden disclosures altered the timing quite a bit.) But whatever the timing, it is good news that our government is finally willing to stand up to Chinese theft and call it what it is: state-sponsored crime.
- Paul Rosenzweig, an expert in homeland security and cybersecurity issues, is the founder of Red Branch Consulting PLLC and a visiting fellow at the Heritage Foundation.
Originally appeared in the Boston Herald