What do you think? Leave a respectful comment.

DOJ says Chinese hackers compromised sensitive data

The Department of Justice has indicted two Chinese hackers for infiltrating U.S. companies and government agencies and stealing vast amounts of sensitive data to help Chinese companies compete with their American counterparts. John Demers, assistant attorney general for national security, explains to Judy Woodruff how the cyber intrusion occurred and why it violates a 2015 U.S.-China agreement.

Read the Full Transcript

  • Judy Woodruff:

    We return now to the indictment of two Chinese hackers.

    The charges are part of a broader effort by the Department of Justice to crack down on Chinese cyber-espionage. Today's case centers on two men who allegedly worked with Chinese intelligence to steal vast amounts of sensitive data from companies, militaries and governments around the globe.

    Joining me now, assistant attorney general for national security, John Demers.

    Mr. Assistant Attorney General, thank you very much for joining us.

    This was a pretty high-profile announcement today. The deputy attorney general, the FBI director, you were there. Why are these two men worthy of such attention?

  • John Demers:

    Two significant things, I think, about today's indictment in particular.

    The first is the way, the hacking worked here was that these individuals are alleged to have hacked through managed service providers and then getting into the systems of managed service providers, and those are companies that provide I.T. services to other companies.

    So, once you get access to those companies, you can go through their systems to get access to a variety of other companies. So, first is the way that they did the hacks. The second is, this is the first time that we at the department have charged conduct that violates the 2015 agreement between President Xi and President Obama, the commitment, that is, by China that it wouldn't conduct cyber-espionage for commercial purposes.

  • Judy Woodruff:

    Do you feel you have solid evidence that these men, that the company, the organization they work for did do this? Do you have the evidence?

  • John Demers:

    Oh, absolutely.

    We would never bring this indictment if we weren't confident that we couldn't prove this beyond a reasonable doubt. That's the standard we operate under all the time here at the department. So, if we didn't think we could do that, we would have never brought these charges.

  • Judy Woodruff:

    Do you, though, also have evidence that the companies they were stealing information from, or the information that it went to, rather, benefited from this and, if so, why not go after them as well?

  • John Demers:

    Well, I can't go beyond what's in the indictment, so — and we don't describe what happens to the information in the indictment.

    In other cases, we have also pursued actions, not necessarily our authorities, but the authorities of other partners in the government, against the companies that have benefited from the charged activity. In this case, we haven't described in the indictment, and so I can't go beyond that to describe who benefited from it and where this might go in the future.

  • Judy Woodruff:

    Well, let me ask you this.

    These men, you describe them as hackers. What about the people at the top of this enterprise, the people at the top of the government in China who authorized, who made sure this happened?

  • John Demers:

    Well, yes, you know, we do charge here that these hackers and the company they worked for were acting in association with the Ministry of State Security in China. And that's the premier Chinese intelligence services that does both counterintelligence and foreign intelligence.

    So, we do allege that they are acting on behalf or in association with the Chinese government. We are charging individuals who we know individually are actually the people who were with their hands on the keyboard. And that, I have to say, is a significant aspect of the attribution here.

    We're not just saying this company did it or this country did it, but that these two individuals individually did it.

  • Judy Woodruff:

    Can you describe, just briefly, in layperson's terms, what kind of information was stolen?

  • John Demers:

    Well, so, a wide variety of information, from both government systems — so we described in there a hack of personal identifiable information of people in the United States Navy — but also looking out at the — a variety of commercial sectors, including the banking sector, the aviation sector, pharma, a whole host of industries.

    Again, because of the way they did this hack, where they went through the managed service provider, they were able to get to a wide variety of companies.

  • Judy Woodruff:

    Since the chances of prosecution are very low, we assume, Mr. Demers, what's the message or what's the point of going ahead with this indictment?

  • John Demers:

    Sure.

    And this is a question we get often in these cyber-indictments. We have done indictments this year against Russia, against Iran, against North Korea, and against China.

    And, sometimes, we can get the defendant right away. We had one Chinese one where we managed to extradite a Chinese intelligence officer from Belgium this year. So, sometimes, we get the person right away. Sometimes, we get the person in the future.

    But even if we never get the person, the idea behind the indictment is first to educate the public as to what's going on, educate the private sector and encourage the private sector to come forward and work with us, if they have been the target of a computer intrusion, and also lay the groundwork for actions by other agencies across the government, including, you know, diplomatic actions and other tools that we have across the government to try to change — all with the goal really in this case of changing the behavior of the Chinese government when it comes to commercial espionage.

  • Judy Woodruff:

    Assistant Attorney General John Demers, thank you very much.

  • John Demers:

    Well, thank you very much. Good evening.

Listen to this Segment

The Latest