Start the conversation
A year ago this month we told you that China had declared a full-fledged war on the United States … in cyberspace.
As tough as it was to say so, we had to concede that China was clearly winning.
You couldn't blame us for making that statement: After all, just days before we told you this, The Washington Post revealed that Beijing-sponsored hackers had systematically picked the Pentagon's pocket.
Citing a report prepared for the U.S. Defense Department by the Defense Science Board, The Post said Chinese hackers have accessed the designs for aircraft, ships and missile systems – including those that would be used in confrontations in Europe, Asia and the Persian Gulf.
The damage to America's weapons systems and military strategy was so widespread it was almost impossible to believe.
Yesterday, the United States fired back.
And that means this cyberspace "Cold War" is about to get very hot.
Holder the Hit Man
I'm a big Law & Order fan. And I used to get a big charge out of it when Assistant District Attorney Jack McCoy (Sam Waterston) would say "I can indict a ham sandwich" – meaning grand jury indictments were relatively easy to get … it was the convictions at trial that were the real challenge.
U.S. Attorney General Eric Holder might want to argue that point.
The U.S. Department of Justice yesterday said it had charged five alleged members of China's vaunted People's Liberation Army Unit 61398 with computer hacking and stealing "trade secrets" from six U.S. firms involved with the steel, solar power and nuclear power industries.
As we explained in our special report "China's Internet Army," PLA unit 61398 is a specialized cyber-espionage unit that operates out of a white office tower on Datong Road in Shanghai. An industrial-grade military data pipeline leads right to it.
In making the announcement yesterday, Holder said the indictments – while more symbolic than anything else — should "serve as a notice" that the DOJ takes state-sponsored cyber theft seriously – and will act to stop it.
"The range of trade secrets and other sensitive business information stolen in this case is significant and demands an aggressive response," Holder said. "The alleged hacking appears to have been conducted for no reason other than to advantage state-owned companies and other interests in China, at the expense of businesses here in the United States."
The charges stem from grand-jury indictments filed in Pennsylvania. And they mark the first time the Justice Department has pursued hacking allegations against what are referred to as "state actors."
The hacking targeted United States Steel (NYSE: X), Westinghouse Electric Co., subsidiaries of SolarWorld AG (OTC ADR: SRWRY), and other organizations. It took place between 2006 and this year. And the cyber-hacking efforts were directed at companies whose information would benefit their counterparts in China, the Justice Department said.
"This administration will not tolerate actions by any nation that seeks to illegally sabotage American companies and undermine the integrity of fair competition in the operation of the free market," Holder said.
Other named cyber-hacking targets were specialty-metals player Allegheny Technologies Inc. (NYSE: ATI ), aluminum giant Alcoa Inc. (NYSE: AA), and the United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union (USW), a key labor union that represents workers in the steelmaking and related trades.
The inclusion of the USW union underscores the fact that cyber-espionage leads to lost jobs, says David Hickton, U.S. attorney for the Western District of Pennsylvania.
"The important message is cyber-theft impacts real people in real and painful ways," Hickton said. "When these cyber-intrusions occur, production slows, workers get laid off and lose their homes. This 21st-century burglary has to stop."
Now facing federal charges are Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui – each alleged to be members of Unit 61398 of the Third Department of the PLA.
According to the indictment, Wang, Sun, and Wen, among others, either hacked – or tried to hack – into U.S. organizations. Huang and Gu allegedly supported the activities by managing the hacking infrastructure.
Each person faces 31 charges, including economic espionage (a maximum sentence of 15 years in prison), conspiring to commit computer fraud and abuse (a 10-year sentence) and trade-secret theft (also 10 years).
Holder actually told reporters that he hopes Beijing will honor the indictments, meaning the defendants would have to face the charges in U.S. federal court.
Most experts believe that Unit 61398 operates with the blessing of – and takes direction from – China's central government in Beijing. It's almost a form of "industrial policy" – using purloined research to further the nation's commercial interests and military technologies, many experts allege.
Indeed, FBI Director James B. Comey pulled no punches yesterday.
"For too long, the Chinese government has blatantly sought to use cyber espionage to obtain economic advantage for its state-owned industries," Comey said. "The indictment announced today is an important step. But there are many more victims, and there is much more to be done. With our unique criminal and national security authorities, we will continue to use all legal tools at our disposal to counter cyber espionage from all sources."
This apparently wasn't just pure "hacking" – where the PLA targeted a company from afar and cyber-grabbed the data. In some of the cases that led to the charges, the "target" was involved in trade disputes with China, or joint ventures with China-based firms, the Justice Department said.
The USW, for instance, was engaged in a very public dispute having to do with China "trade practices" involving two different sectors.
Wen was allegedly able to steal e-mails from senior union officials – missives that contained sensitive, non-public information about USW strategies. And those strategies included USW plans for dealing with ongoing trade disputes, the Justice Department alleges.
The Battle is Joined
In our briefing on this a year ago, we told you that China was alleged to have cyberjacked the designs of more than two dozen of America's top weapons systems. The compromised aircraft included the still-in-development F-35 Lightning II Joint Strike Fighter, the frontline F/A-18 Hornet fighter jet, the Black Hawk helicopter and the V-22 Osprey transporter.
The PLA unit had also allegedly grabbed the designs for such key defensive systems as the U.S. Navy Aegis and U.S. Army Patriot missile-defense systems, and the "THAAD" missile-defense system that had only recently been deployed to Guam, The Post and other news outlets said.
As we explained in our special report "China's Internet Army," the design thefts were just the latest element of a long campaign of U.S.-focused cyber-espionage that the PLA unit had been waging.
In a study of its own, Mandiant Corp., a U.S.-based computer-security firm, concluded that 141 U.S. companies have had their data systems breached or had data stolen since 2006.
The acts of cyberespionage have been a frequent sparring point between Beijing and the Obama administration. So it's been clear that Washington understands the threat – it just hasn't been doing much about it in a public forum.
In a 2011 report called "Foreign Spies Stealing U.S. Economic Secrets in Cyberspace," the U.S. Office of the National Counterintelligence Executive said "Chinese actors are the world's most active and persistent perpetrators of economic espionage."
Like Mandiant, the government agency also noted that "U.S. private sector firms and cybersecurity specialists have reported an onslaught of computer network intrusions that have originated in China."
As part of their dealings, Washington and Beijing last year agreed to hold semi-regular discussions on espionage and cybersecurity. And that had led to at least two meetings between U.S. President Barack Obama and Chinese President Xi Jinping – one of which we reported on.
After the September meeting as part of the G-20 Summit in St. Petersburg, Russia – where cybersecurity was the focal issue – President Obama was said to have "underscored that we view this not simply through a security prism, but what we're focused on is concerns about the potential theft of trade secrets emanating from China," Ben Rhodes, the deputy national security adviser for strategic communications, told reporters.
There will be fallout from these indictments.
Although the United States and China have been throwing mud at each other for years – swapping allegations of cyber-spying and other related misbehaviors – this is the first time either has leveled formal, public charges.
China was clearly caught off-guard, says Adam Segal an expert on Chinese cyber-espionage who's with the Council on Foreign Relations (COFR).
Bet on a "forceful response," he told the International Herald Tribune.
It's "Game On"
It didn't take long for China's Foreign Ministry to say that Washington "fabricated facts" in the indictment – and did so in a way that "seriously violates basic norms of international relations and damages Sino-U.S. cooperation and mutual trust." The ministry said it has already lodged a formal protest with the Obama administration, and has retaliated by unilaterally deciding to "suspend the activities of the Sino-U.S. Cyber Working Group."
And it left open the prospect of "further reaction" in the case.
In the meantime, this opening move by the Justice Department signals more aggressive legal and foreign-policy moves to come, experts say.
David P. Fidler, and Indiana University legal and cybersecurity expert, said the indictments will not lead to convictions and will intensify already tense Sino-American relations. But he said they are important moves, too.
"The U.S. government knows the likelihood of successfully prosecuting these individuals for violating U.S. criminal law is virtually nil because the cooperation of the Chinese government would be necessary for the U.S. government to gain custody and conduct a criminal trial in the U.S.," says Fidler, the James Louis Calamaras Professor of Law at the IU Maurer School of Law. "This move is really not about attempting to faithfully execute these laws."
Fidler, also a senior fellow at the IU Center for Applied Cybersecurity Research, said the charges will generate criticism of the U.S. government given recent disclosures by former National Security Agency analyst Edward Snowden that made embarrassing revelations of U.S. cyber-espionage activities.
Even so, the indictments indicate that Washington "is shifting from playing defense in response to Snowden to going on the offensive on matters of fundamental concern to U.S. cybersecurity and economic power," Prof. Fidler said. "One casualty of Snowden's leaks was the initiatives the Obama administration mounted in the first half of 2013 against the pervasive nature of Chinese economic cyber-espionage. The U.S. government is returning to what had been, pre-Snowden, one of the biggest cybersecurity problems the U.S. and other countries faced."
Going on the offensive – and declaring "game on" – creates substantial risk for the administration and the country. It's likely to prompt Chinese state actors and other foreign hackers to intensify their efforts against the U.S. government and American companies. And that includes an elevated risk of potentially damaging cyber-attacks, he said.
"Going on the offensive and declaring 'game on' in the post-Snowden context constitutes a far more difficult challenge and risky endeavor," Prof. Fidler said. "The application of U.S. criminal law to Chinese officials will worsen Sino-American relations on cyber issues and potentially in the larger, increasingly tense competition between the two powers. Other countries, including China, might decide to charge NSA officials or employees with violating their espionage and cybercrime laws, producing adverse consequences for the U.S. government in its relations with these countries. This decision means that the Obama administration believes the benefits of going back on the offensive outweigh the risks of continuing to react to damaging disclosures about its own cyber espionage activities."
We've been predicting a more-aggressive Washington for more than a year. So you can bet that we'll keep watching this for you.
A Huge Gainer
In the March 20 briefing "Why I 'Insisted' You Get This Micro-Cap Stock Pick," we recommended eOn Communications Corp. (NasdaqCM: EONC) as a "micro-cap" telecom play with a huge potential upside.
But we also took care to emphasize that its exceptional risk – meaning it's not for the faint of heart.
Michael Robinson, our resident tech guru, said he expected this stock to experience substantial volatility – which is why we instructed folks to do a "split-entry" to manage risk, instead of employing our traditional "trailing stop."
The stock has taken it on the chin in recent weeks, then yesterday demonstrated that volatility runs in both directions. eOn shares soared as much as 73% yesterday, and closed 45% higher on the day – apparently because of the AT&T Inc. (NYSE: T) move to acquire DIRECTV (Nasdaq: DTV).
We're still down more than 37% on the stock. But we're not surprised by the swings – especially having been exacerbated by the tech-related sell-off we've seen in recent weeks.
[Editor's Note: Unless otherwise directed – as we've done with eOn Communications – we recommend investors employ a 25% "trailing stop" on all holdings.]
- Private Briefing: China Picked the Pentagon's Pocket – Here's What You Need to Do.
- Private Briefing Special Report: China's Internet Army.
- Private Briefing: Why I "Insisted" You Get This Micro-Cap Stock Pick.
- U.S. Office of the National Counterintelligence Executive: Foreign Spies Stealing U.S. Economic Secrets in Cyberspace.
- Private Briefing: Russia Joins the "Hacking of America" Club.
- Private Briefing: How the "Invisible Front" May Have Ensured a Russian Victory.
- Private Briefing: The Escalating Arms Race I'll Bet You're Not Watching.
- Private Briefing: As Obama's China Summit Nears, Let's Consider This Cybersecurity "Trifecta."
- Private Briefing: The Next Big Cyber Weapon: Your Car.
- Private Briefing: Why Congress Fears the Family Car.
- Private Briefing: This Hot Little Security Firm Has Plenty of Room to Run.
- Private Briefing: China: Did America Just Throw Down the Gauntlet?
- Private Briefing: The Real Cost of the Government Shutdown.
- Private Briefing: America Just Got Dragged Into the Explosive South China Sea Standoff.
- Private Briefing: As Obama's China Summit Nears, Let's Consider This Cybersecurity "Trifecta".
- Private Briefing: Is the Shooting About to Start in the South China Sea?
- Private Briefing: How China's "Deep Game" Gave Us Our Sixth Takeover Play
- Private Briefing: The Plot Thickens in the South China Sea.
- Private Briefing: Did You See What China Has Done Now?
- Private Briefing: I Hope You're Watching This.
- Private Briefing: Why Washington is Worried About the Syria Weapons Deal.
- Private Briefing: Here's a Secret: The War in Syria Has Already Started.
- Private Briefing: How a U.S. Strike on Syria Could Spark the World's First Cyber War.
- Private Briefing: Make These Moves Before the U.S. Hits Syria.
- Private Briefing: How Syria Could Ruin Your Day.
- Private Briefing: Double Your Money with This Cyber-Hacking of America Stock.
- Private Briefing: An Expert Update on These Three Stocks.
- Private Briefing: The Latest Scoop on the Cyber-Hacking of America.
- Private Briefing: Let's Peek Inside the Shadowy World of Cyber-Espionage.