in China Army Face U.S. Charges of Cyberattacks

May 19, 2014


WASHINGTON — In the Obama administration’s most direct confrontation with China over its theft of corporate secrets, the Justice Department on Monday unsealed an indictment of five members of the Chinese People’s Liberation Army and charged them with hacking into the networks of Westinghouse Electric, the United States Steel Corporation and other companies.

The indictment named members of Unit 61398, which was publicly identified last year as the Shanghai-based cyberunit of the People’s Liberation Army, including its best-known hackers known online by the noms de guerre “UglyGorilla” and “KandyGoo.”

The F.B.I. and American intelligence agencies electronically tracked the activities of the hackers, one official said, and “put them inside the Datong Road headquarters” of the cyberunit, a heavily guarded 12-floor military tower near the Shanghai airport.

The move by the Justice Department was almost certainly symbolic since there is virtually no chance that the Chinese would turn over the five People’s Liberation Army members named in the indictment.

Since 2006, and as recently as last month, the indictment alleged, the hacking unit invaded the networks of American corporate targets, systematically copying their emails and, in some cases, infecting their computers with malware.

The indictment said that “Chinese firms hired the same P.L.A. unit” to “build a secret database to hold corporate intelligence.” In one instance, the hackers broke into Westinghouse’s network to learn the company’s strategy for negotiating with one of China’s state-owned enterprises. The hackers stole roughly 700,000 pages of emails, including some from its chief executive.