GWEN IFILL: The Obama administration went on the offensive today against Chinese cyber-hacking of U.S. businesses.
Attorney General Eric Holder announced the unprecedented indictments this morning.
ERIC HOLDER, Attorney General: When a foreign nation uses military or intelligence resources and tools against an American executive or corporation to obtain trade secrets or sensitive business information for the benefit of its state-owned companies, we must say, enough is enough.
GWEN IFILL: Enough, in this case, means publicly accusing five Chinese military officials of stealing trade secrets. The five reportedly work in the People’s Liberation Army Unit 61398 based in this building in Shanghai. According to the U.S. private security firm Mandiant, that’s where the all-out hacking occurred.
The new indictments say the five hackers targeted six American firms in the nuclear, metals and solar products industries, specifically Alcoa, Allegheny Technologies Incorporated, United States Steel, the United Steelworkers Union, Mandiant, and Westinghouse Electric.
ERIC HOLDER: All nations are engaged in intelligence-gathering. What I think distinguishes this case is that we have a state-sponsored entity, state-sponsored individuals using intelligence tools to gain commercial advantage.
GWEN IFILL: The indictments mark the latest stage in a growing U.S.- China struggle over cyber-espionage. In October 2012, the House Intelligence Committee took aim at two major Chinese telecom companies, Huawei corporation and ZTE technologies, for their ties to the Chinese government. It warned U.S. companies against doing business with them.
Then, in his 2013 State of the Union address, President Obama called for strengthening cyber-defenses.
PRESIDENT BARACK OBAMA: We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.
GWEN IFILL: But China has complained the U.S. government is doing the same thing to other countries, as revealed by the NSA leaker Edward Snowden, now in asylum in Russia.
The suspects accused today are believed to be in China, and it’s not clear they would ever be handed over. Still, Holder argued, it’s in Beijing’s interest to cooperate.
ERIC HOLDER: To the extent that we do not have that cooperation, we will use all the means that are available to use to ultimately have these people appear in a federal court here in the United States.
GWEN IFILL: China gave no sign it plans to extradite any of the suspects. And it’s Foreign Ministry released a statement rejecting the charges as — quote — “fabricated facts.”
The move comes at a particularly tense time between Washington and Beijing, as U.S. allies seek American support in their confrontations with China in the South China Sea.
Joining me now to discuss the indictments, Chinese cyber-hacking, and how today’s action affects the U.S. China relationship are Laura Galante, manager of threat intelligence at FireEye, which acquired the security firm Mandiant earlier this year, and Susan Shirk, former deputy assistant secretary of state for China policy in the Clinton administration. She’s now a professor of China and Pacific relations at the University of California, San Diego.
Laura Galante, get us to the root of these charges. What are they about? LAURA GALANTE, FireEye: Yes.
In reading the indictment this morning, what really stood out were the data theft aspects that were profiled there. So what we saw based on this indictment were that steel companies and the other companies mentioned were the targets of data theft that focused on their corporate proprietary information.
It also included information regarding contracts and acquisitions they were involved in.
GWEN IFILL: Susan Shirk, what is the significance in this case of naming names, actually seeing faces with these allegations — with these accusations?
SUSAN SHIRK, University of California, San Diego: Well, I think it’s an expression of resolve on the part of the U.S. government and U.S. companies that this pervasive commercial espionage is against U.S. law and that we won’t stand for it.
GWEN IFILL: Well, let me stick with you for a moment. What’s the point of tightening screws now when, as we just reported, we have been talking about this for a while?
SUSAN SHIRK: Well, the indictment was handed down, I believe, May 1. It appears that maybe we waited until the chief of the People’s Liberation Army general staff had left town — he paid a recent visit to Washington — in order to launch this shot across the bow.
So I don’t — I think the timing is not really linked to anything, other than the procedures that the Justice Department and the grand jury had followed.
GWEN IFILL: Is that your understanding as well, Laura Galante?
LAURA GALANTE: I think that what we’re seeing here is an escalation on the part of the administration to really call out the specifics around what they’re seeing as a large-scale data theft operation towards U.S. businesses.
And like we profiled earlier in the series, the different steps that were taken in 2013, with Mandiant releasing the report — report discussing hacking, and then later the bilateral relations between China and U.S. taking cyber-security at their center, we’re now seeing this third iteration of data theft being at the center of what’s coming out about what the Chinese are actively pursuing.
GWEN IFILL: Now, the obvious question, and it’s one that’s been raised by the Edward Snowden revelation and it’s one which came up repeatedly today with the attorney general, is, aren’t we doing the same thing?
LAURA GALANTE: The distinction here is that this is economic espionage that is supported by a state.
In the other cases, we’re seeing state-on-state espionage. And that is really what the attorney general seems to be drawing out here as the key differentiator.
GWEN IFILL: You mean that, because China is investigating private U.S. industry, not the government, that is when the problem begins?
LAURA GALANTE: Yes.
GWEN IFILL: OK, that’s good.
Susan — I just needed to be clear about that.
LAURA GALANTE: Sure.
GWEN IFILL: But, Susan Shirk, there are other outstanding issues, including these tensions in the South China Sea. How much does taking this action now have any effect on that relationship?
SUSAN SHIRK: Well, although there is no direct linkage, I think it is a sign that the United States isn’t just going to whine about things it doesn’t like, but when we have steps that we can take, legal actions or, in some cases, exercises or military basing in the area, we’re going to take those actions.
In other words, there’s some suggestion that the folks in Beijing are testing the resolve of the United States through a number of assertive actions, both on the maritime territorial disputes, things like cyber-security, as well as a lot of economic disputes that we have with China right now, and that they somehow have gotten the idea that the U.S. is on the decline, that it’s not going to stand up for its own interests.
And so I think actions like today demonstrate that that is not really the case. Now, of course, what are we going to do to enforce these indictments? That — you know, you could argue that it’s a bit of an empty action, because there won’t be any real penalties unless these individuals travel outside of China.
GWEN IFILL: You are taking the questions right out of my mouth. Do you have any idea what that is, or is it just enough to send that signal?
SUSAN SHIRK: Well, I think it’s important to take the actions. And there may be some things that can follow.
Of course, on the Chinese side, what — we have to wait and see what the Chinese response is and whether or not they try to retaliate in some form or another.
Right now today, they, of course, said it’s all a bunch of lies. Chinese government spokesmen said that. And they did cancel our cyber-dialogue that is supposed to enable us to come up with a shared understanding of the rules of the game. But the problem is we don’t have a shared understanding of the rules of the game.
GWEN IFILL: Laura Galante, I was very interested the kinds of companies which are targeted, which are allegedly targeted in this, steel companies, Steelworkers Union, Alcoa, Westinghouse. What is the significance of those companies?
LAURA GALANTE: It wasn’t surprising to us to see that these manufacturing companies, particularly in advanced manufacturing, were those that were targeted and discussed in the indictment.
What we have seen is data theft very closely aligned to the types of emerging industries that we see China discuss as the core pieces driving their economy. So what we will see is, where China discusses biotechnology as a core initiative, we will see many companies come from that sector, whether it be pharmaceuticals as a subsector there, or also aerospace and defense, of course, a common target.
GWEN IFILL: When you hear — as Susan Shirk was just saying, when you hear the United States say, we’re going threaten you, they have been saying this for a while. Has there been any evidence over time that these threats have begun that there has been a pullback on the part of China?
LAURA GALANTE: Here’s what we saw behind the scenes on the network side. After we released the report last year detailing this type of activity, we saw a long pause in operations from these different groups based in China.
When those groups did come back to their activity level last fall, we saw them change the infrastructure that they were using to stage these different intrusions. So while the public version was a denial of the acquisitions that were being discussed, behind the scenes, it was a very different story.
GWEN IFILL: Final word, Susan Shirk, briefly. Is this a necessary fight for the U.S. to pick?
SUSAN SHIRK: Well, I am afraid that it is, because our companies have really suffered very intense cyber-attacks from China in recent years. They are afraid, frankly, of raising these issues directly with the Chinese government, and they look to the U.S. government to defend their interests and to defend this norm that cyber-attacks shouldn’t be used for commercial advantage.
But the problem is, the Chinese system is very different. For them, the advantages of their own state-owned enterprises are all part of national security.
GWEN IFILL: OK. We will be waiting to see if more shoes drop.
Susan Shirk now at U.C. San Diego, Laura Galante of Mandiant and FireEye, thank you very much.
LAURA GALANTE: Thanks a lot.