U.S. charges 5 Chinese hackers, 2 accomplices with broad campaign of cyberattacks
A senior law enforcement official described the “scope and sophistication” of the activity as virtually “unprecedented.”
Federal prosecutors unsealed charges today against five Chinese citizens that officials say appear linked to Chinese intelligence, accusing them of hacking more than 100 companies in the U.S. and overseas, including social-media firms, universities and telecommunications providers.
According to Robert Cattanach, a partner at the international law firm Dorsey & Whitney, “The Department of Justice’s disclosure of previously sealed indictments offers a telling peek into the ongoing cyber battle between the quasi-state hackers from China and the US intelligence agencies tasked with preventing or at least minimizing the loss of American intellectual property. The disclosure of the indictments is hardly a news flash, as the tension between the two countries in this space has been ever-present. But it does offer some interesting insights.” From his perspective, the issues raised by the indictments include:
– The public disclosure of the indictments essentially concedes that there is no realistic chance of prosecuting the target defendants, since they’re not in custody and likely will never be, since the two countries have no extradition treaty.
– Importantly, unsealing the indictments risks disclosing to the Chinese intel agencies otherwise well-guarded insights into US sources and methods – the fact that we could trace the hacks to specific individuals tips our hand on how deep into the Chinese state-sponsored intelligence gathering the US can actually get, which normally the US intelligence agencies are loath to do, and it tips them off on what parts of their systems likely have been compromised.
– Unlike the arrest of the two Malaysians, which may actually have some deterrent effect on potential co-conspirators, these indictments are very unlikely to change the behavior of state-connected hackers intent on illegally accessing valuable intellectual property. Those hackers know that they are safely beyond the reach of US law enforcement, and generally assume that they are immune from meaningful prosecution.
– “We know that they know the limitations of the reach of US law enforcement – that’s just the reality of our current world – but the Department of Justice nevertheless wants to send a message: you’re not fooling anyone,” Cattanach says.
He added, “For companies concerned about whether they might be targets, the indictment graphically reinforces the importance of the defensive aspects of cybersecurity – keeping the bad guys out – and it also underscores how critical it is to have detection systems designed to alert companies when the bad guys get in, which inevitably they will if they want to badly enough. This is a never-ending process, and today’s ever-evolving budget and business priorities make it all the more challenging.”