A U.S. grand jury in Pennsylvania indicted five Chinese military officials on 31 counts involving cyber espionage, Attorney General Eric Holder said Monday.
The indictment named five defendants who were part of the Chinese People’s Liberation Army — Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui.
They targeted five U.S. companies and one U.S. labour union as part of their hacking — Westinghouse Electric Co. (Westinghouse), U.S. subsidiaries of SolarWorld AG (SolarWorld), United States Steel Corp. (U.S. Steel), Allegheny Technologies Inc. (ATI), the United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union (USW) and Alcoa Inc.
The grand jury brought 31 counts in total. All defendants were charged in all counts:
• One count of conspiring to commit computer fraud and abuse. This count carries a maximum penalty of 10 years in prison.
• Eight counts of accessing (or attempting to access) a protected computer without authorization to obtain information for the purpose of commercial advantage and private financial gain. These counts each carry a maximum of five years in prison.
• 14 counts of transmitting a program, information, code, or command with the intent to cause damage to protected computers. Each count carries a maximum of 10 years in prison.
• Six counts of aggravated identity theft. Each carries a maximum of two consecutive years in prison.
• One count of economic espionage, which carries a maximum penalty of 15 years in prison.
• One count of trade secret theft, which carries a maximum penalty of 10 years in prison.
“The range of trade secrets and other sensitive business information stolen in this case is significant and demands an aggressive response,” Holder said Monday.
“Success in the global marketplace should be based solely on a company’s ability to innovate and compete, not on a sponsor government’s ability to spy and steal business secrets. This administration will not tolerate actions by any nation that seeks to illegally sabotage American companies and undermine the integrity of fair competition in the operation of the free market.”
Here’s a breakdown of some of the criminal conduct alleged against the individual companies and labour union:
• Westinghouse — In 2010, while Westinghouse was building four power plants in China, the defendant Sun allegedly stole confidential and proprietary technical and design specifications for pipes, pipe supports, and pipe routing.
• SolarWorld — In 2012, the defendant Wen and others allegedly stole “thousands of files including information about SolarWorld’s cash flow, manufacturing metrics, production line information, costs, and privileged attorney-client communications relating to ongoing trade litigation, among other things.” The Justice Department said this would have theoretically enabled a Chinese competitor to gain an advantage and target SolarWorld on multiple angles.
• U.S. Steel — The defendant Sun allegedly sent phishing emails to U.S. Steel employees while the company was participating in trade cases with Chinese steel companies. After the resulting malware was installed on the U.S. Steel computers, Wang allegedly stole hostnames and descriptions of U.S. Steel computers.
• ATI — The defendant Wen allegedly stole network credentials for “virtually every ATI employee” in 2012, when the company was involved in a public trade dispute with a China state-owned enterprise.
• USW — Also in 2012, Wen allegedly stole emails and other sensitive documents from senior USW employees, at the time USW was involved in public trade disputes with Chinese state-owned enterprises in at least two areas.
• Alcoa — The defendant Sun allegedly sent a phishing email to Alcoa addresses about three weeks after the company announced a partnership with a Chinese company. About four months later, unidentified individuals stole thousands of email messages and attachments from Alcoa’s computers.
The FBI also released photos of the alleged hackers, who are now included on the FBI’s Most Wanted list of cyber targets: