3. U.S. response to Chinese hacking dulled by trade concerns
As harsh as Thursday's hacking indictments seem, the U.S. government is signaling to Beijing that it does not want this move to upset the trade negotiations. As I and multiple news organizations reported Thursday, the U.S. backed down from expected sanctions in addition to the indictments because Treasury Secretary Mnuchin was worried about the impact on the trade discussions.
Axios' Joe Uchill has the details on the indictments:
The Department of Justice unsealed indictments against 2 Chinese hackers affiliated with the Ministry of State Security Friday.
Why it matters: The group known as APT 10, running a campaign nicknamed Operation Cloud Hopper, recently attacked managed IT services, providing a gateway to intellectual property and trade secrets worldwide. The group has attacked biotech, healthcare, NASA, oil and gas exploration, and other industries.
Details: The two hackers, Zhu Hua and Zhang Shilong, are said in the indictment to have attacked more than 45 technology companies in at least a dozen U.S. states as well as U.S. government agencies — including obtaining the personal information of more than 100,000 naval service members.
- The DOJ alleges the pair worked for Huaying Haitai Science and Technology Development Company and were contracted by China as cyber mercenaries.
- Per the indictment, APT 10 has been active since at least 2006 and has been attacking managed service providers since 2014.
- Other nations with APT 10 targets included Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland, the United Arab Emirates, and the United Kingdom.
Background: "Cloud Hopper is one of the most aggressive of Chinese groups," said Ben Read, senior manager for cyber intelligence at FireEye.
- FireEye has seen the group involved in a great deal of economic espionage, ranging from hacking internet service providers to targeting a pharmaceutical firm.
- "An indictment might pause operations, but probably won't stop them," said Read, noting an array of other Chinese groups involved in seemingly state-sanctioned commercial espionage.
The Department of Justice has been on a recent tear of filing charges against Chinese officials.
- Then-Attorney General Jeff Sessions announced a new DOJ China initiative on Nov. 1 while discussing the indictment of a Taiwanese, state-owned company for theft of trade secrets from U.S.-based Micron.
- But even before the initiative, Chinese intellectual property theft was on the DOJ's radar for quite a while. Prosecutions can take years to develop, and former officials believe the current flurry of indictments is the fruit of a strategy that began back in the Obama administration.
- At a Senate Judiciary Committee hearing last week, John Demers, assistant attorney general for the National Security Division, said 90% of intellectual property theft that involved a foreign country came out of China, which Rosenstein echoed Thursday.
The trade war with China is notionally a separate issue from intellectual property theft, as is the arrest of a Huawei executive for trade sanctions violations, the penalizing of ZTE for similar trade sanctions violations and the U.S. accusations of election interference. But all these issues combine to form a slurry of discord between the Trump administration and China.
Go deeper: "China hacked HPE, IBM and then attacked clients" and "China hacker accusations: US teams with allies to counter cyber-threat"