The United States and four of its closest allies blamed China on Thursday for a 12-year campaign of cyber-attacks that vacuumed up technology and trade secrets from corporate computers in 12 countries, affecting almost every major global industry.
The coordinated announcements in five capitals marked the Trump administration’s broadest anti-China initiative to date, yet fell short of even stronger measures that officials had planned.
During the final debates, Treasury Secretary Steven Mnuchin blocked a proposal to impose financial sanctions on those implicated in the hacking, according to five sources familiar with the matter. Two administration officials said Mnuchin acted out of fear that sanctions would interfere with US-China trade talks
The centrepiece of Thursday’s synchronised accusations came in Washington, where the Justice Department unveiled indictments against two Chinese hackers, who it said acted “in association with” the Chinese Ministry of State Security (MSS).
Zhu Hua and Zhang Shilong, members of a hacking squad known as “Advanced Persistent Threat 1o” or “Stone Panda,” were accused of conspiracy to commit computer intrusions, wire fraud and aggravated identity theft while pilfering “hundreds of gigabytes” of confidential business data, the indictment said.
“China’s goal, simply put, is to replace the US as the world’s leading superpower, and they’re using illegal methods to get there,” said FBI Director Christopher Wray.
US allies echoed the Justice Department action, signalling a growing consensus that Beijing is flouting international norms in its bid to become the world’s predominant economic and technological power.
In London; Canberra, Australia; Ottawa, Ontario; and Wellington, New Zealand, ministers knocked China for violating a 2015 pledge, first offered by Chinese President Xi Jinping in the Rose Garden and later repeated at international gatherings such as the G-20, to refrain from hacking for commercial gain.
“This campaign is one of the most significant and widespread cyber intrusions against the U.K. and allies uncovered to date, targeting trade secrets and economies around the world,” British Foreign Secretary Jeremy Hunt said in a statement.
Still, some administration allies were sceptical that Thursday’s announcement would alter China’s behaviour.
“Just as when the Obama administration did it, indicting a handful of Chinese agents out of the tens of thousands involved in economic espionage is necessary but not important,” Derek Scissors, a China analyst at the American Enterprise Institute, said. “International denouncements may irritate Xi, but they place no real pressure on him.”
Scissors said it would be more effective for the United States to hit high-profile Chinese companies with financial sanctions, including potential bans on their ability to do business with American companies.
The five governments that joined in the statements about China are partners in the “Five Eyes” intelligence alliance, sharing some of their most closely guarded technical and human reporting.
The foreign ministries of Denmark, Sweden and Finland later tweeted statements saying that they shared the concerns over rampant cyber-commercial espionage.
The united front against Chinese hacking and economic espionage stands in contrast to the “America First” president’s preference for taking a unilateral course to many of his trade goals.
“This demonstrates there’s a strong well of international support the United States can tap. . . . Countries are fed up,” said Ely Ratner, executive vice president of the Center for a New American Security.
The hackers named in the indictment presided over a state-backed campaign of cybertheft that targeted advanced technologies with commercial and military applications. They also hacked into companies called “managed service providers,” which act as gatekeepers to computer networks serving scores of corporate clients.
The Chinese targeted companies in the finance, telecommunications, consumer electronics and medical industries, along with US government laboratories operated by NASA and the military, the indictment alleges.
Along with the United States and United Kingdom, countries targeted by China include Canada, France, Germany, Japan, Sweden and Switzerland.
“The list of victim companies reads like a who’s who of the global economy,” said Wray.
The Stone Panda team made off with personal information, including Social Security numbers belonging to more than 100,000 US Navy personnel, prosecutors said.
The hackers employed a technique known as “spearphishing,” tricking computer users at the business and government offices into opening malware-infected emails giving them access to login and password details.
They worked out of an office in Tianjin, China, and engaged in hacking operations during working hours in China, the indictment said.
Geoffrey Berman, the US attorney for the Southern District of New York, called the Chinese cybercampaign “shocking and outrageous.”
Over the past seven years, more than 90 percent of cases alleging economic espionage involved China, as did more than two-thirds of trade-secret theft prosecutions, according to Deputy Attorney General Rod Rosenstein.
Many of the industries targeted in the Stone Panda hacks feature in the Chinese government’s Made in China 2025 program, which aims to supplant the US as the global leader in 10 advanced technologies, including artificial intelligence, robotics and quantum computing, Rosenstein added.
The Chinese Embassy had no immediate comment.
In November, in one of his last official actions, then-Attorney General Jeff Sessions announced a major initiative to combat Chinese commercial spying, building on four years of prosecutorial effort. The department vowed to aggressively pursue trade-secret theft cases and identify researchers and defence industry employees who’ve been “co-opted” by Chinese agents seeking to transfer technology to China.
While Thursday’s show of anti-China unity was notable, the administration pulled back from plans for tougher action amid warnings from the treasury secretary.
Mnuchin’s 11th-hour intervention left administration hard-liners fearing that Beijing would view Thursday’s limited actions as a sign that the president lacks the stomach for an all-out confrontation.
“We don’t comment on sanctions actions or deliberations, but it’s important to note that these issues are completely separate from trade,” said a Treasury Department spokesperson asked to comment on the reports.
The administration action entailed statements from four cabinet agencies – Justice, State, Energy and Homeland Security – while Treasury remained on the sidelines.
The condemnations also pose a complicating factor as Trump and Xi seek to negotiate a trade deal. Over dinner in Buenos Aires earlier this month, the two leaders agreed to a truce in their monthslong tariff war.
Talks between US and Chinese diplomats are expected to begin early next month.
The Trump administration is seeking a deal that would involve structural changes to China’s state-led economic model, greater Chinese purchases of American farm and industrial products and a halt to what the United States says are coercive joint-venture licensing terms.
The indictments were followed by a joint statement from Secretary of State Mike Pompeo and Homeland Security Secretary Kirstjen Nielsen assailing China for violating Xi’s landmark 2015 pledge to refrain from hacking US trade secrets and intellectual property to benefit Chinese companies.
“These actions by Chinese actors to target intellectual property and sensitive business information present a very real threat to the economic competitiveness of companies in the United States and around the globe,” they said.
Thursday’s push to confront China over its alleged cyberaggression comes at a fraught time, as Canada has arrested a Chinese telecommunications executive at the United States’ request on a charge related to violating sanctions against Iran.