Hacker indictments against China's military unlikely to change anything
The move makes for good publicity, but will do little to deter hackers
Computerworld - The U.S. government's decision Monday to formally indict five members of the Chinese military on criminal hacking charges marks a significant escalation of what until now has been largely a war of words between officials of both countries.
Many see the indictments as long overdue. U.S. government officials and security experts have long pointed to China as the single largest source of state-sponsored attacks against U.S. government, military and corporate networks. Over the past several years, China-based hackers are believed to have stolen huge troves of military and industrial data from the U.S.
The big question is whether today's indictments will accomplish anything.
It's a near certainty that China will not hand over the five individuals to the U.S. or hold them accountable in that country. And it's unlikely that the indictments alone will significantly slow the alleged Chinese attacks against U.S. assets -- if that is, indeed, the goal.
Instead, all the move is likely to do is provoke China to retaliate in similar fashion. Already, the Chinese government has said it would suspend its participation in the activities of the China-US Cyber Working Group.
In a statement Monday, the Chinese government promised further action. "It is a fact known to all that relevant U.S. institutions have long been involved in large-scale and organized cyber theft as well as wiretapping and surveillance activities against foreign political leaders, companies and individuals," the statement read, with an obvious reference to the National Security Agency.
"China is a victim of severe U.S. cyber theft, wiretapping and surveillance activities," the Chinese government said. The statement went on to say that the indictments are based on "fabricated facts."
The U.S. Department of Justice (DOJ) earlier today handed down indictments against Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui, all officers in Unit 61398 of the Third Department of the Chinese People's Liberation Army (PLA).
A report by security firm Mandiant last year had identified Unit 61398 as a Shanghai-based Chinese military operation responsible for hacking attacks against nearly 150 companies around the world.
In its complaint, the DOJ charged the individuals with hacking, or conspiring to hack, into several major U.S. companies, including Westinghouse Electric Co., United States Steel Corp., Allegheny Technologies Inc., United Steel and the U.S. subsidiary of SolarWind AG. The incidents allegedly occurred between 2006 and 2014.
The intrusion at Westinghouse took place in 2010 when the company was building four power plants in China and was negotiating terms of the construction with a Chinese state-owned entity. Sun allegedly stole proprietary technical information and design specifications for pipes, pipe supports and other equipment from the company.
The data theft at SolarWind happened in 2012, about the same time Chinese solar product manufacturers were dumping products in the U.S. market at below-market prices, the indictment alleged. A group led by Wen and other unnamed conspirators allegedly broke into computers at SolarWind and stole thousands of documents pertaining to the company's manufacturing costs, production lines, cash flow and other proprietary information.