The flawed US indictment of Chinese hackers

ChinaHacking by Shutterstock

In a week when the US and China engaged in a verbal slugfest over Beijing’s outsized hegemonic claims in the East and South China Seas and its attempts to bully Asian neighbors into tacit submission, it’s not easy to pen an essay warning US leaders that the May 19th indictment of five Chinese military hackers is factually weak and conceptually flawed. But in standing up to—and even taking action against—Beijing’s military and economic cyber sabotage, the United States needs to present the world with a more precise and clearly delineated defense of its action.

Let me freely acknowledge at the outset that my own analysis and conclusion in this posting will build upon prior judgments by two other scholars, Ariel Rabkin and Jack Goldsmith. A week ago, in this space (0), Rabkin pointed to the “dangerous” precedent the US was espousing by holding that “uniformed military personnel can be indicted by foreign powers for activity conducted lawfully in their home country.” Given the sweeping activities of the NSA, “any hostile government, or impish prosecutor” will be able to indict US security officials under this doctrine. Further, given that there is now “no clear theory or doctrine of just how far national jurisdiction can be pushed,” he queried: “Has anybody in the Obama administration thought this through?”

More closely related to the economic themes laid out here, Jack Goldsmith, a former Bush administration official now at the Harvard Law School, back in March 2013 (months before the first of many Snowden NSA revelations), wrote a trenchant rebuttal (1) to another respected cybersecurity expert’s, James Lewis of CSIS, claim that the US “does not engage in economic espionage” and that, further, there are “unwritten rules that govern espionage and China’s behavior is out of bounds.” Goldsmith argued that there are no unwritten rules for economic espionage and that though it prohibited by US law, it is not banned by “international laws, written or unwritten, and it is widely practiced.” He went on to cite a number of US security officials and reports that defended and lauded the benefits of economic espionage, including a statement by then-CIA Director Stansfield Turner that “as we increase emphasis on economic intelligence…we will have to spy on the more developed economies—our allies and friends—with whom we compete economically,” and a 1996 National Research Council report that stated: “According to the NSA, the economic benefits of SIGINT contributions to U.S. industry taken as a whole have totaled tens of billions of dollars over the last several years.”

This bring us to the specific charges against the five Chinese military officials. The 31-count indictment alleges that, among other offenses, members of Unit 61398 of the PLA conspired to commit computer fraud; accessed computers without authorization; damaged computers through transmission of malware code and commands; committed economic espionage and stole trade secrets. The indictment identifies as victims five US-based companies: Westinghouse, Alcoa, Alleghany Technologies, US Steel, Solar World; and one labor union, the United Steel Workers (Westinghouse and and Solar World are subsidiaries of Japanese and German companies, respectively).

What is striking about the indictment is that though conservative estimates of China cybertheft of US intellectual property run to $100 billion and beyond, the technologies named in the indictment, while not insignificant, are not at the cutting edge of US technology advantage: to wit, Westinghouse, through a joint venture with the State Nuclear Power Technology Corporation (SNPTC) had already agreed to transfer the essential technology related to its advanced nuclear reactors in 2010.   While the indictment cites theft of certain pipe designs and specs, most of the stolen documents relate to negotiations for future business deals and Westinghouse future strategy for dealing with the SNPTC—certainly important documents but largely unrelated to IP. Much of the same paucity of evidence of IP or technology theft characterizes the indictments related to the other four companies. This has led Jeffrey Carr, a security analyst not noted for pro-PRC views, to conclude (2): “The problem of IP theft by nation states is ongoing and relentless. If this is the best that the Dept. of Justice can do, things will get much, much worse for U.S. companies.”

But the real gravamen of the administration’s case was the attempt to draw a clear line between two forms of economic espionage: stealing IP or trade/business secrets by government or even private hackers and passing that information on to individual domestic corporations; and stealing economic information for either non-economic reasons or for to advance economic goals not specific to a particular corporation. In defending the administration’s actions, its lead spokesman, Assistant Attorney General John Carlin, adopted an indignant, highly moral tone, stating that the indictment alleges (3) that Unit 61398 “stole information particularly beneficial to Chinese companies and took communications that would provide competitors with key insight into the strategies and vulnerabilities of the victims…This is not conduct that responsible nations within the global community should tolerate.”

Much of the cyber theft detail set forth in the Pittsburgh Indictment relates to trade disputes and cases that three of the companies (US Steel, Solar World, and Alleghany Technology) and the steelworkers union were involved with against Chinese companies—particularly in the case of US Steel and the union. Though labeled “trade secrets,” the material basically related to strategies and pricing data to be utilized in furtherance of the actions against Chinese companies. And the problem here is that such espionage activities are clearly within the orbit of actions taken (and vigorously defended) by the US government.   The Snowden leaks provide an abundance of evidence in this area. For instance, one fact revealed is that in the US intelligence agencies “black budget,” (4) there is a special section related to trade which states that the intelligence agencies will “directly support and strengthen” trade enforcement actions and the goals of US trade negotiations. As to individual instances, the Europeans have been much vexed at revelations that US officials exploited hacking in trade negotiations over the past decade—and gained access to European Commission information relating to antitrust actions against Apple, Motorola, Microsoft and Intel.. Similarly, the NSA penetrated private e-mails in the Brazilian state-run oil giant Petrobras, well as other state-run oil companies in Saudi Arabia, Mexico, and throughout Africa (the rationale here being that state-owned enterprises are indistinguishable from governments). And finally, Snowden documents show that the US secured important information from Australian security officials relating to a WTO case involving Indonesian clove cigarettes.

While there is no evidence that the US government gave information directly to individual corporations, the material gleaned from the spying operations certainly benefitted US businesses and workers. Thus, as Goldsmith states (5), the clear line laid down by the Obama administration “is not a line widely accepted by other nations.” The large point is, as New York Times reporters David Sanger has written (6): “The government does not deny that it routinely spies to advance American economic advantage, which is part of its broad definition of how it protects American national security.”

The sweeping, emphatic promise to go after all perpetrators of economic sabotage also presents future challenges. The problem, as former Defense Secretary (and former CIA Director) Robert Gates has pointed out (7), is that: “There are probably a dozen or 15 countries that steal our technology in this way. In terms of the most capable next to the Chinese are the French—and they’ve been doing it a long time.” Gates and others have pointed also to the Russians, several Eastern European countries, and the supremely competent Israelis. Does the administration really intend to follow through on Carlin’s sweeping commitment?

The point of this post is not to call for a halt to US actions to counter Chinese (or other nations’) economic sabotage. Rather it is to argue that the Obama administration needs to tighten and strengthen its case as it goes forward. For instance, among the voluminous, rich cyber files in NSA/CIA vaults, there must be striking examples of purloined technologies, the possession of which has allowed Chinese companies and sectors to leap to the forefront of world competition (the equivalent of China’s purported theft of the F-35 stealth fighter designs). Future indictments should target and widely publicize these technological thefts, in contrast to the trivial technologies that form the basis of the current indictments.

Second, it would be wise for the US to separate corporate secrets related to trade disputes and litigation from trade secrets related to future competitive strategies against Chinese (and other national) companies. This essay is not the place to discuss the bad reputation most trade remedy (particularly anti-dumping) cases have with serious economists. But suffice it to agree with the Wall Street Journal’s Holman Jenkins, Jr., who lamented in regard to the current indictments (8) that: “sadly the picture is mudded by Washington’s focus partly on data related to trade litigation and green subsidies, areas where an odor of cronyism wafts from our side, too.” In the currenct indictments, there were strategic business strategies unrelated to trade litigation that were hacked from Westinghouse and Alcoa; but their significance got lost in the heavy emphasis on the trade disputes data.

Third, while it plays well politically and in the media, the administration would be well advised to tone down its moral indignation against the Chinese incursions. Though it may seems utopian at this point, at some time in the future we will have to reach an international accommodation with China and other nations on the broad challenges of cybersecurity—naming and shaming individual Chinese military units and individuals should be viewed as a necessary interim tactic not a final solution.

This leads me to a final point: Secretary Gates, in the interview cited above, ended by admitting: “I don’t know where it goes from here.” I doubt if the administration does either. Are we, for instance, willing to take more definitive action against Chinese companies—denying them access to US financial resources; are we willing to deny access to the US market if they have been shown to benefit by IP theft (a hugely difficult case to prove, admittedly); are we willing to bear the brunt of retaliation from China against many of America’s world-leading high-tech companies; and are we willing to achieve credibility by taking action against other nations whose companies also benefit from economic spying? All of this is not to place singular blame on the Obama administration: this is new territory and balancing economic and security national interests will be difficult and, potentially, treacherous.

Getting the priorities and terms right in future Chinese indictments would be a good start toward a more carefully thought out set of policies.

For those interested in learning more about the future of US cybersecurity policy, AEI’s Center for Internet, Communications, and Technology Policy is hosting a conference, on June 12, entitled “After Snowden: The road ahead from cybersecurity.” The conference will feature remarks from General Keith Alexander (ret.), General Michael Hayden (ret.), Rep. Mike Rogers (R-MI), and the Honorable Tom Wheeler, Chairman of the FCC, as well as other business, government, and academic leaders. More details are available here (9).



One Response to "The flawed US indictment of Chinese hackers"

Leave a reply