Hacking Charges Came Even As U.S. Wooed Chinese Investment
By Stuart Leavenworth, McClatchy Foreign Staff
BEIJING — Max Baucus, the U.S. ambassador to China, started his workweek Monday by urging China’s state-owned enterprises to invest in American infrastructure projects. “There is a huge opportunity,” he told a forum at the U.S. Embassy in Beijing that scores of Chinese and U.S. executives attended.
While Baucus was looking for Chinese investment, U.S. Attorney General Eric Holder was preparing to announce an indictment against five Chinese military officers. Holder would accuse them of hacking into U.S. companies’ computer systems on behalf of unnamed Chinese state-owned enterprises — including possibly some that the United States is courting for investment.
To many analysts, the juxtaposition of the two events Monday reveals how bifurcated U.S. policy toward China has become. On any given day, it can swing between indictments and ceremonial toasts.
Here in Beijing, Baucus’ efforts to court Chinese investment were quickly overshadowed by what China called “fabricated” accusations against its military officers. By Tuesday, China’s official news agency, Xinhua, was reporting that Baucus had been summoned to the Foreign Ministry to explain the U.S. position and make amends.
Adam Segal, a cyber-security expert at the Council on Foreign Relations, said he was surprised that the Obama administration decided to issue the indictments, the first U.S. prosecution against a foreign country’s military for economic espionage. “The public ‘naming and shaming’ has been a big part of the picture since a year ago,” he said, but it’s unclear how effective it’s been.
Unlike in the United States, China’s economy is dominated by more than 100 major state-owned enterprises. These include companies involved in steel manufacturing, nuclear power and solar power — the sectors named in the indictment as targets for China’s U.S. hacking.
It’s long been known that China’s military has close ties to the enterprises. It’s been suspected for almost as long that the military uses its cyber-warfare capabilities to give those industries a competitive advantage. That was backed up last year by a detailed investigation by Mandiant, a private American cyber-security company. Mandiant revealed that a Shanghai-based espionage unit of the People’s Liberation Army had engaged in years of cyber-attacks on U.S. companies and defense installations.
“This issue poses a serious threat to the stability of U.S.-Chinese codependency,” Stephen Roach, a senior fellow at Yale University’s Jackson Institute for Global Affairs, wrote in his new book, “Unbalanced.” Unlike issues such as unfair trade practices, he wrote, hacking doesn’t lend itself to a process of negotiation and adjudication.
Indeed, it now appears that the only avenue for negotiation has been suspended, if not permanently shut down. In response to Monday’s indictments, China said it would no longer attend a working group made up of senior officials from both countries to resolve complaints about cross-border hacking.
Baucus met with Zheng Zeguang, China’s assistant foreign minister, on Monday shortly after the indictments were announced, according to a statement posted on the ministry’s website Tuesday.
Zheng reportedly told Baucus that depending on the development of the situation, China “will take further action on the so-called charges by the United States.”
“The Chinese government and military and its associated personnel have never conducted or participated in the theft of trade secrets over the Internet,” the Foreign Ministry quoted Zheng as telling Baucus.
In its indictment, the Justice Department detailed how the army officers allegedly used malicious software, called malware, as well as techniques such as “spear phishing” to steal corporate secrets from Alcoa, U.S. Steel, Westinghouse Electric and other companies.
The indictment says the five named officers allegedly used online aliases — “KandyGoo,” “Jack Sun” and “UglyGorilla” — to do their spying. It’s silent on any higher-level officials who may have directed them in the hacking, but it makes clear — on page 3 — that certain unnamed state-owned enterprises were involved.
For example, one state-owned enterprise “involved in trade litigation against some of the American victims mentioned herein hired the unit, and one of the co-conspirators charged herein, to build a ‘secret’ database to hold ‘corporate’ intelligence,” the indictment alleges.
It also notes that one officer charged, Huang Zhenyu, is alleged to have done programming work for what is identified as “state-owned enterprise 2” from 2006 to 2009.
U.S. business interests have long complained in private about Chinese state-owned enterprises being involved in various forms of espionage, including deploying police to steal laptops from visiting corporate executives. But American groups rarely speak out in public, worried about hurting their economic prospects. When they do complain, they do so only in the most careful of terms.
On Tuesday, the American Chamber of Commerce in China — known as Amcham China — issued a statement on the indictments.
“While we cannot comment on the specifics of any particular case, AmCham China believes there is a fundamental difference between intelligence gathering for legitimate national security purposes and intelligence gathering for stealing trade secrets, and that the definition of national security ought not include economic interests,” said the group’s chairman in Beijing, Gregory Gilligan. “We urge both governments to reach agreement on the rules of the road regarding cyber security incorporating this distinction.”
It’s still unclear what steps China might take in response to the indictments, beyond statements from the Foreign Ministry labeling the charges “ungrounded and absurd” and boycotting the talks on cyber-security.
Segal doubts that Beijing would indict U.S. National Security Agency officials, but it might take actions detrimental to U.S. relations with China, such as curtailing talks among top military leaders on avoiding accidental conflicts at sea.
It also remains to be seen whether the U.S. will attempt to crack down on other hacking operations in China, some affiliated with the military, that the NSA is known to be monitoring. Even if it did, there’s no way the United States could arrest and prosecute the military officials involved, unless they were to visit a country that has a extradition treaty with the U.S.
Some observers doubt the indictments will do anything but send a symbolic message to China, and even that isn’t likely to budge Beijing. As reflected in China’s state media, Chinese officials view the United States as a hypocrite on cyber-spying in the wake of Edward Snowden’s NSA-spying revelations.
Writing on the Asia Society’s ChinaFile blog Monday, Robert Daly said “naming and shaming” military officers was a tactic of last resort, and that it might backfire if China’s leaders thought they needed to “save face.”
“China cares more about face than we do and will fight harder to save it,” wrote Daly, the director of the Kissinger Institute on China and the United States. “Bilateral and multilateral consultation will yield better results over an arduous, imperfect long run.”
Photo: akasped via Flickr