A U.S. grand jury has indicted five Chinese military officers on charges of hacking American companies and stealing trade secrets, the toughest action taken by Washington so far to address cyber spying by China.
China denied the charges, saying they were "made up" and would damage trust between the two nations. The Chinese foreign ministry said it would suspend the activities of a Sino-U.S. Internet working group.
Officials in Washington have argued for years that cyber espionage is one of the nation's top national security concerns because foreign hackers have stolen secrets from defence contractors and technology secrets that could pose a threat to U.S. prosperity.
Yet the indictments mark the first time the United States has filed charges against specific officials of foreign governments, accusing them of corporate cyber spying.
'Enough is enough'
"When a foreign nation uses military or intelligence resources and tools against an American executive or corporation to obtain trade secrets or sensitive business information for the benefit of its state-owned companies, we must say, 'enough is enough,'" U.S. Attorney General Eric Holder said at a press conference.
Washington announced the charges as new claims emerged last week about the scope of overseas spying by the United States. Cisco Systems Inc responded by asking President Barack Obama to curtail government surveillance programs.
Federal prosecutors said the suspects targeted companies in Pittsburgh, Pennsylvania, in the nuclear power, metal and solar energy industries.
Targets included Alcoa Inc, Allegheny Technologies Inc, United States Steel Corp, Westinghouse Electric Co, U.S. subsidiaries of SolarWorld AG and a steel workers' union, Department of Justice officials said.
Officials declined to estimate the size of the losses to the U.S. companies at issue, but said they were "significant."
Some of the companies gave their response to the indictments.
"We are happy that the American government is taking the initiative now and we support the U.S. authorities' investigations to investigate this under criminal law," SolarWorld CEO Frank Asbeck said in a statement.
Alcoa spokeswoman Monica Orbe said: "To our knowledge, no material information was compromised."
U.S. Steel declined to comment.
The move "indicates that DOJ has 'smoking keyboards' and (is) willing to bring the evidence to a court of law and be more transparent," said Frank Cilluffo, head of the Homeland Security Policy Institute at the George Washington University.
American businesses have long urged the government to act against cyber espionage from abroad, particularly by China.
Secret U.S. State Department cables obtained by WikiLeaks traced major systems breaches to China, Reuters reported in 2011. One 2009 cable pinpointed attacks to a specific unit of China's People's Liberation Army.
Skeptics said U.S. authorities wouldn't be able to arrest those indicted as Beijing would not hand them over. Still, the move would prevent the individuals from traveling to the United States or other countries that have an extradition agreement with the United States.
"It won't slow China down," said Eric Johnson, dean of the business school at Vanderbilt University and an expert on cyber security issues.
Charges could have some impact
Experts said the indictments would have some impact on those accused of hacking U.S. companies.
Stewart Baker, a former NSA attorney, said the hackers named in the indictments might have trouble getting jobs in China's private sector when they move on from employment with the People's Liberation Army.
"In the long run, it could even hurt your employability in China, because U.S. government is going to look askance at Chinese firms that hire former cyber spies," said Baker, a partner with Steptoe & Johnson LLP.
In an indictment filed in the Western District of Pennsylvania, prosecutors said the officers hacked into computers starting in 2006, often by infecting machines with tainted "spear phishing" emails to employees that purport to be from colleagues.
Prosecutors alleged that one hacker, for example, stole cost and pricing information in 2012 from an Oregon-based solar panel production unit of SolarWorld. The company was losing market share at the time to Chinese competitors who were systematically pricing exports below production costs, according to the indictment.
Another officer is accused of stealing technical and design specifications about pipes for nuclear plants from Westinghouse Electric Co as the company was negotiating with a Chinese company to build four power plants in China, prosecutors said.
China vows retaliation
China has reportedly warned the U.S. that it would retaliate if Washington presses on with the charges, an unnamed State Internet Information Office spokesman told media on Tuesday.
"If the United States continues to insist on going its own way, China will take measures to resolutely fight back," the spokesman told state news agency Xinhua and the People's Daily, the official newspaper of the ruling Chinese Communist Party.
He did not elaborate on the measures that China will take. It is unclear if China could use its financial clout to retaliate against the United States. China is the United States' biggest foreign creditor. As of February, China held $1.27 trillion in U.S. Treasury bonds, according to Treasury Department data.
The spokesman was quoted by Xinhua as saying that the U.S. "attacks, infiltrates and taps Chinese networks belonging to governments, institutions, enterprises, universities and major communication backbone networks."
"Those activities target Chinese leaders, ordinary citizens and anyone with a mobile phone," Xinhua quoted the spokesman as saying.
"China has repeatedly asked the U.S. to stop, but it never makes any statement on its wiretaps, nor does it desist, not to mention apologize to the Chinese people."
Xinhua cited data from China's top Internet security agency, the National Computer network Emergency Response technical Team Coordination Center (CNCERT), which said a total of 2,077 Trojan horse networks or botnet servers in the U.S. directly controlled 1.18 million host computers in China during the period from March 19 to May 18.
The CNCERT found 135 host computers in the United States carrying 563 phishing pages targeting Chinese websites that led to 14,000 phishing operations. The centre also found 2,016 IP addresses in the U.S. had implanted backdoors in 1,754 Chinese websites, involving 57,000 backdoor attacks, during the same period.