In a surprising move, a US District Court has charged five members of the Chinese military with hacking six US companies to obtain commercial secrets over the last eight years. The move has been denounced by the Chinese government and the US Ambassador has been called to Beijing as a result.
A trial that will never happen
Given there is no extradition treaty in place between the US and China, and in any case the Chinese would never give up members of their military to the US, the trial is extremely unlikely to ever go ahead. The indictment does not provide much detail on how these Chinese military hackers were identified, nor how the hacks were traced back to their unit, codenamed 61398.
In fact, much of the information about the role of Unit 61398, their methods and indeed some of the code names of the individuals involved were released in a report by private cyber-security firm Mandiant in February of 2013.
The hacker methods detailed in the charges are not particularly sophisticated and one piece of evidence points to Chinese involvement because the times that the compromised machines were communicating with the hackers coincided with a 9 to 5 work day in Shanghai, with an hour for lunch. Building a case on the idea that the Chinese military would work on a strict seven-hour day seems implausible.
The public relations of spying
Given the political and economic ramifications of revealing the identities of the Chinese hackers, it’s clear the US government was behind this move, at a time when US-Chinese relations continue to test new depths. Equally clear is that through this move, the White House is orchestrating a public relations campaign aimed directly at the US public, especially the US business community to highlight the clear economic necessity of having an ever growing spying machine.
Looked at in this light, the timing is not surprising. The Snowden revelations over the past year about the pervasiveness of the US spying effort have been a PR disaster for the US government. What was worse was the impact these revelations were having on US companies that had been embroiled in the scandal, mostly against their wishes. It was becoming increasingly difficult to convince a sceptical world public that the spying was simply about national security and terrorist threats when allied leaders were having their phones tapped by the NSA.
Sales of tech companies products and services have been impacted by the revelations the NSA had been subverting products before they reached customers. This recently led the CEO of Cisco to call for the US government to effectively back off from its use of the companies’ products as a carrier of surveillance software and equipment.
The grand jury indictment will serve to draw a clear line between the necessity of US cyber-warfare capabilities and the continued economic protection of American companies, especially those doing direct business in China. It is in the US government’s interests to show how leaving the Chinese spying unchecked will have economic consequences for the US and more direct impacts on businesses trading in the Chinese market or competing against Chinese firms.
Will company leaders believe the PR?
It is not clear if this approach will work for the US government. Other than the posturing by US Attorney-General Eric Holder about the outrageous behaviour of the Chinese, there is little in fact that it can do. The vagaries and risks of doing business in China have been known and accepted, albeit begrudgingly, for some time. The US is dependent on the Chinese market for both manufacturing and exports.
What the NSA could do however, is to concentrate on improving the ability of companies and citizens to protect themselves against cyber attacks and threats. This in itself would be an ever-moving target, but at least the more obvious forms of attack by the Chinese could be shut down.
The global problem of corporate hacking by governments
For the rest of the world watching events unfold, including Australia, it should be clear that anyone dealing with countries like China, and in fact even the US, is likely to face attempts to obtain their trade secrets through hacking.
Australia saw such spying after revelations in 2009 of Chinese spies targeting Rio Tinto during its dealings with Chinese aluminium company Chinalco.
It’s likely that ASIO has continued to work actively with Australian companies to investigate hacking incidents from foreign governments and, attempting to protect them against this pervasive threat.