Eoin Treacy's view -
Secretary of State Michael Pompeo and Homeland Security Secretary Kirstjen Nielsen said in a statement they were “concerned” that the alleged operation violated a 2015 agreement China made with the U.S. to stop supporting cyber theft of intellectual property and trade secrets.
The indictments against the two, unsealed in federal court in Manhattan on Thursday, underscore one of the primary U.S. grievances in the ongoing trade fight between the Trump administration and Beijing: the systematic theft of U.S. intellectual property and forced technology transfers from companies doing business in China.
Those complaints are a central issue in negotiations U.S. and China are working under a 90-day deadline President Donald Trump and Chinese President Xi Jinping set after agreeing Dec. 1 to halt additional tariffs and trade penalties. Since July, the two countries have imposed tariffs on a combined $360 billion in each other’s imports, a bruising conflict could undermine the global economy at a time when growth is leveling off.
The hackers, known in the cybersecurity community as Advanced Persistent Threat 10, stole information from companies in an array of industries, including banking and finance, telecommunications, biotechnology, automotive, health care and mining, according to the indictment.
The group hacked the U.S. Navy, making off with the personal data of more than 100,000 personnel, and successfully infiltrated computers linked to NASA’s Jet Propulsion Laboratory, the indictment said. Zhu and Zhang were indicted in abstentia.
Industrial espionage has been a major part of China’s technological evolution policy for the last decade and longer. In fact the data collection underway has been on a scale that dwarfs that of any other country with the possible exception of the USA itself. Here is a link to an article from the New York Times highlighting how China has been listening to European diplomatic communications for years. Here is a section:
Unlike WikiLeaks in 2010 or the Russian hack of the Democratic National Committee and other Democratic Party leaders in 2016, the cyberattack on the European Union made no effort to publish the stolen material. Instead, it was a matter of pure espionage, said one former senior intelligence official familiar with the issue who spoke on the condition of anonymity.
It also displayed the remarkably poor protection of routine exchanges among European Union officials after years of embarrassing government leaks around the world.
In this case, the cables were exposed after a run-of-the-mill phishing campaign aimed at diplomats in Cyprus pierced the island nation’s systems, said Oren Falkowitz, the chief executive of Area 1.
“People talk about sophisticated hackers, but there was nothing really sophisticated about this,” Mr. Falkowitz said. After getting into the Cyprus system, the hackers had access to passwords that were needed to connect to the European Union’s entire database of exchanges.
Area 1’s investigators said they believed the hackers worked for the Strategic Support Force of the People’s Liberation Army, part of an organization that emerged from the Chinese signals intelligence agency that was once called 3PLA.
This section continues in the Subscriber's Area.
Back to top