In an unfolding investigation at the intersection of global metals competition and industrial espionage, Chinese hackers allegedly have stolen sensitive economic data from U.S. companies.
The U.S. Justice Department in May charged five Chinese military hackers with cyber spying for allegedly breaking into the computers of companies with business in China or involved in trade petitions against Chinese competitors.
Some of Chinas biggest metal companies, as well as a Chinese nuclear power company, may have gained access to confidential information allegedly stolen from competitors and joint-venture partners in the United States. Victims of the alleged hacking include Alcoa Inc., Allegheny Technologies Inc. (ATI), U.S. Steel Corp. and Westinghouse Electric Corp., all based in Pittsburgh, the Justice Department said.
The hacking was part of an effort beginning in 2006, led by a Peoples Liberation Army signals-intelligence group known as Unit 61398, to create a secret database of corporate intelligence on the iron and steel industries for a state-owned company in China, according to a federal indictment unsealed May 19 that details the alleged plot to break into the computer systems of several U.S. companies.
The indictment represents only a first step, given that there are many more victims, FBI director James B. Comey said in a statement. For too long, the Chinese government has blatantly sought to use cyber espionage to obtain economic advantage for its state-owned industries, he said.
The charges were the first ever to be brought against a foreign country for hacking related to the theft of sensitive business information, U.S. Attorney General Eric Holder said in a statement. Success in the global marketplace should be based solely on a companys ability to innovate and compete, not on a sponsor governments ability to spy and steal business secrets.
Five people alleged to be officers in Chinas Peoples Liberation ArmyWang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu Yu and Gu Chunhuiwere indicted by a grand jury in Pennsylvania, the Justice Department said. The charges against themincluding identity theft and trade-secret theftcarry combined maximum penalties totaling decades in prison.
Chinas Foreign Ministry said the U.S. indictment was based on fabricated evidence. The U.S. accusation against Chinese personnel is purely ungrounded and absurd, a spokesman said in a statement posted on the ministrys website, which also accused the United States of long being involved in large-scale and organized cyber theft.
Aluminum Corp. of China Ltd. (Chinalco), Baosteel Group Corp. and State Nuclear Power Technology Corp. Ltd. (SNPTC) are not named in the U.S. indictment, but comparing company press releases, government records and AMM archives to the 56-page indictment appears to reveal the names of three state-owned entities (SOEs) referenced in the Justice Department document.
None of the companies has been charged, but the indictment suggests that at least one retained the service of a hacker while others appear to at least have gained a competitive advantage from the alleged hackers activities.
State-owned Baosteel appears to be SOE-2 referred to in the indictment. The indictment mentions an ATI joint venture in China with a large, Shanghai-based, state-owned steel company, and ATI has only one joint venture in ChinaShanghai Stal Precision Stainless Steel Co. Ltd., a joint venture with Shanghai Baoshan Iron & Steel Co. Ltd., a member of Baosteel Group. The indictment also says SOE-2 filed a trade petition against ATI exports of grain-oriented electrical steel to China, and AMM archives show that Baosteel was one of the companies that filed the complaint.
One alleged hackerWen Xinyu, also known as WinXYHappyis accused of stealing user names and passwords for virtually every employee at ATI, a move that would have allowed wide-ranging and persistent access to its computers, in April 2012, when ATI was engaged in a trade petition against Chinese exporters of grain-oriented electrical steel, the indictment says.
Assuming Baosteel is SOE-2, then it also is the company that assigned one of the alleged hackers to create a secret database of corporate intelligence on the iron and steel industries, the indictment indicates.
Pittsburgh-based Alcoa was targeted in February 2008 while it was partnering with Chinalco to acquire 12 percent of the U.K. common stock of London-based metals and mining giant Rio Tinto Plc, according to the indictment. Chinalco therefore appears to be SOE-3 referred to in the indictment. Alcoas computers were hacked just three weeks after the deal was announced and nearly 3,000 e-mails were stolen.
Cranberry Township, Pa.-based Westinghouse on July 24, 2007, agreed to build four nuclear power plants in China with SOE-1, a state-owned power company in China, the indictment says. That description appears to match SNPTC, with which Westinghouse announced a deal on the same date.