Article Lead Image

DOJ charges Chinese military unit with cyber-espionage

This is first time the U.S. has formally charged another country's military for cybersecurity crimes.


Jack Flanagan


Posted on May 19, 2014   Updated on May 31, 2021, 7:10 am CDT

The U.S. Department of Justice announced Monday that it has charged a group of alleged Chinese military hackers for conducting “cyber-espionage” against American companies. This is first time the U.S. has formally charged another country’s military for cybersecurity crimes.

The charges, brought against five personnel in the China’s People’s Liberation Army (PLA), include economic espionage and theft of trade secrets of five American companies and a workers’ union. The alleged attacks are believed to be attempts by the Chinese government to steal trade secrets from the U.S. DOJ officials name information regarding nuclear power plants and solar panels as having been accessed by the hackers.

During a press conference Monday morning, Attorney General Eric Holder said the attacks, uncovered during a years-long investigation by the FBI into cyber activities in China, “demand an aggressive response.”

The range of trade secrets and other sensitive business information stolen in this case is significant and demands an aggressive response. Success in the global marketplace should be based solely on a company’s ability to innovate and compete, not on a sponsor government’s ability to spy and steal business secrets.

The U.S. entities allegedly attacked by PLA members include Westinghouse Electric, United States Steel, the United Steel Workers Union, Alcoa, Allegheny Technologies, and Solar World.

In years past, the DOJ’s National Security Division (NSD) brought these complaints to the Chinese government, but were rebuffed due to a “lack of evidence.” A representative for the NSD Monday announced that they had such evidence, saying “we now have information’ regarding’ specific actions, on specific days and by specific actors.”

According to DOJ officials, those actors include Wang Dong (a.k.a. UglyGorilla), Sun Kailiang (Jack Sun), Wen Xinyu, Huang Zhenyu and Gu Chunhui (KandyGoo), all of whom allegedly served in a Shanghai-based PLA faction known as “Unit 61398.” Cybersecurity firm Mandiant first uncovered Unit 61398 in February of last year, as Congress was considering the Cyber Intelligence Security Protection Act (CISPA), a controversial piece of legislation.

The accusations relate to reports over previous years of the cyber hacking of hundreds of companies in both government organisations and high-profile American-based businesses, like Facebook and Microsoft. The PLA is believed to have been behind an overwhelming majority of cyberattacks against the U.S., with Unit 61398 at the center of these operations.

China has not yet responded to the charges, though it has denied similar actions in the past.

Once these charges have been made, the men will become “wanted,” though it remains to be seen whether the Chinese government will defend or apprehend the hackers. Authorities speaking on the accusations skirted around the issue of extradition, or the Chinese state acting upon these accusations.

President Barack Obama has described cyberattacks as “a real threat to our security and our economy,” with estimates in economic loss from cyber-espionage ranging from $24 billion to $120 billion, according to the Washington Post.

During Monday’s press conference, Holder called the cyberattacks as a “wake-up call” to the “new normal” of cyber-espionage.

Photo via Lennart Tange/Flickr (CC BY 2.0)

Share this article
*First Published: May 19, 2014, 12:38 pm CDT