美國起訴解放軍駭客：透過個人，國家不應再豁免

【Comment】

A grand jury in the Western District of Pennsylvania (WDPA) indicted five PLA officers and the US government charged them with cyber espionage against U.S. corporations and a labor organization for unfair commercial benefits.

Though the charges are strictly limited to commercial field, it is more than that.  Politically, the charge could be seen as a response to Chang Wan-quan, Chinese Minister of Defense, who was reluctant to discuss the ever serious cyber espionage with his counterpart during his stay in the US in April.

Beijing will certainly be angry; considering the Sino-Russian joint naval maneuver scheduled to start on May 20^th in East China Sea.

The five PLA officers who committed espionage can never travel to the US, or the countries that have concluded extradition treaties with the US.

Though sovereignty is universally considered to be immune from law, yet all the moves of the state are in fact decided, planned and executed by natural persons, which was well discussed in the notable novel “All Quiet on the Western Front” in 1928. 

Wilhelm II von Deutschland, with the belief of “the King can do no wrong,” fled to Netherlands and received asylum from the latter after he was deemed to be responsible for the Great War.  However, there is a trend after WWII to punish natural persons to prevent future war.  International Military Tribunals at Nuremburg, Tokyo, Nanking, etc., are famous examples.

Today, the UN and its main body the International Court of Justice, together with the International Criminal Court, form a regime to punish key individuals who directly or indirectly caused armed conflicts and mass casualties by mal-governance, corruptions, the development and application of weapons of mass destruction, etc.

The Cyber espionage is as real as robbers breaking into banks.  “State actors engaged in cyber espionage for economic advantage are not immune from the law just because they hack under the shadow of their country’s flag,” John Carlin, Assistant Attorney General for National Security said.    revised at 2025

美國起訴5位解放軍軍官，理由是竊取美國企業與工會的資訊，造成不公平競爭。這是商業範圍的指控。

通說此事僅具有象徵性，其實不然。

除了美國政府展現其鎖定網路個人的能力之外，政治上，是4月間中國國防部長常萬全訪美時，美國對其不願與駭客犯罪的後續反應。特別是5月20日起中俄在東海舉行聯合海軍演習，當然讓起訴具有針對性。

這5人等同被軟禁在中國。頂多可以旅行（外派）到與美國無引渡條約的國家或領土（如台灣）。

雖言主權無罪，但國家行為實際上是由個人決定、策劃與執行，沒有個人豈有國家。這種思考首先在文學作品如《西線無戰事》中出現。一次大戰後，雖定了德皇威廉二世的戰爭罪行，但或在「王無誤」的傳統下容忍其逃往荷蘭群求庇護，終究不了了之。

二次大戰之後，逐漸創立一種懲罰個人以阻止罪行的。戰犯法庭與懲罰戰犯就是。

現在，聯合國與其專門機構逐漸形成懲罰直接間接導致武裝衝突與重大傷亡（包括國內的惡政、使用化武、貪污等）的個人的趨勢。朝鮮、利比亞、塞爾維亞等領導人被孤立、凍結財產的制裁即是。

洗錢、境外逃稅都可視為前述趨勢的變形。

現在，懲罰國家型網路犯罪者，則是此趨勢的最新發展。

美起訴陸駭客 能否嚇阻很難說○中央社（2014.05.20）http://www.cna.com.tw/news/aopl/201405190449-1.aspx

（中央社華盛頓19日綜合外電報導） 美國今天宣布起訴中國大陸軍方5名人員，罪名是透過駭客入侵電腦，竊取美國機密以幫助大陸國營企業。這項行動具象徵意義，顯示美國來真的，但專家對是否能收效看法不一。
大陪審團起訴的是中國人民解放軍神秘61398部隊的5名成員，他們涉嫌竊取美國鋼鐵業的機密，圖利大陸國營企業。這是美國首度公開指控大陸進行網路間諜活動。
司法部長霍德（Eric Holder）宣布賓州大陪審團提出的指控時表示，「此案指控中國軍方人員犯下經濟間諜罪」，這是美國首度對外國國家工作人員提出這類控訴，應可發揮「警鐘」作用。
霍德表示：「行政部門不會容許任何國家採取行動，圖謀以非法方式破壞美國企業，危害自由市場運作時的正派公平競爭。」
他又說：「這次起訴明確顯示，國家工作人員若從事經濟間諜行為，即使是由遠在上海的辦公室透過網路為之，他們的犯罪行為也將被揭露，並將面對逮捕和在美國的法庭遭到起訴。」
司法部說，這些軍方駭客鎖定美國核能、金屬與太陽能產品事業的公司，竊取對這些公司的中國大陸競爭對手有用的資訊。
美國官員說，因中國大陸這些駭客攻擊受害的有六家美國企業，包括美國鋼鐵公司 (United StatesSteelCorp)、美國鋁業公司 (Alcoa Inc)、西屋電器公司 (Westinghouse Electric Co )、阿利根尼科技公司 (Allegheny Technologies Inc) 和德國太陽能世界集團 (SolarWorld AG) 的美國分公司，另外還有一個工會組織。
這樣的起訴行動可能只有象徵意義，因為美國難以逮捕這些駭客到美國的法庭受審，但會避免這些駭客前往美國，或是與美國簽有引渡協定的國家。
部分網路安全專家表示，今天的行動顯示美國是來真的，想要處理駭客入侵引起的憂慮。
華盛頓戰略暨國際中心 (Center for Strategic and International Studies) 的資深研究員路易斯 (James Lewis) 告訴路透社：「這對中國方面傳達了強烈的訊息。」
但也有些專家懷疑這種作法能夠嚇阻網路入侵行動。美國范德比大學 (Vanderbilt University) 的資訊科技專家也是管理學院院長強生 (Eric Johnson) 說：「這不會讓中國放慢動作。」1030519

拘捕大陸軍官 FBI發通緝令○中央社（2014.05.20）http://www.cna.com.tw/news/aopl/201405200003-1.aspx

（中央社記者廖漢原華盛頓19日專電） 美國司法部宣布起訴5名大陸解放軍官後，聯邦調查局發布通緝令，拘捕王東、孫凱良等涉及31項罪行的人士，中方被告可能將無法於國際間出入。
美國司法部宣布，大陸解放軍61398部隊第3支隊5名成員（以下皆為音譯） 王東 (Wang Dong)、孫凱良 (Sun Kailiang)、文新宇 (Wen Xinyu)、黃振宇 (Huang Zhenyu) 與顧春暉 (Gu Chunhui)，共涉及31項罪名。
賓夕法尼亞州聯邦西區法院即日通緝5名嫌犯，5人相貌在聯邦調查局 (FBI) 的拘捕令中清楚可見。
負責國家安全的司法部助理部長卡林 (John Carlin) 表示，中國駭客侵入太陽能世界工業美國公司 (SolarWorld) 電腦，竊取成本、報價與策略等資訊，太陽能世界因大陸公司持續以低於成本的價格傾銷，導製市場萎縮。
此外，美國西屋公司 (Westinghouse) 與大陸國企協商興建核能電廠之際，中方駭進西屋網路竊取電廠組件的機密商業設計。
5人共涉及電腦詐欺、侵入電腦系統獲取資料圖利、利用訊號及數位指令破壞電腦、竊取個人資訊、經濟間諜與竊取貿易機密等罪行。
美中兩國未有引渡條例等司法互助協定，5名涉案解放軍人士將難依美國法律前往賓州出庭受審。美方發出通緝令後，這些人士將面臨難在與美簽訂引渡條例的國家入出境。1030519。

米長官、激しく非難「非合法活動見過ごさず」　中国将校起訴○產經（2014.05.20）http://sankei.jp.msn.com/world/news/140520/amr14052008100003-n1.htm

【ワシントン＝加納宏幸、北京＝矢板明夫】米連邦大陪審が中国人民解放軍将校の５人をサイバー攻撃によるスパイ行為の容疑で起訴したことで、安全保障上の利益が損われているとの米国の危機感があらわになった。米政府の動きに中国政府は早くも反発、今後も激しい駆け引きが展開されそうだ。

　ホルダー米司法長官は１９日、司法省での記者会見で「もううんざりだ。オバマ政権は、非合法的に米国企業に損害を与えようとするどの国の活動も見過ごさない」と述べ、強く中国を批判した。

　米国がサイバー攻撃で被る損害は年間２４０億～１２００億ドル（約２兆４０００億～１２兆円）に上るともいわれる。長官はサイバー空間での脅威が深刻であると「警鐘」を鳴らす意図があるとも強調した。

　米コンピューターセキュリティー企業「マンディアント」は昨年２月、米企業や政府機関へのハッカー攻撃に中国人民解放軍の「６１３９８部隊」が関与している可能性を指摘する報告書を発表した。今回の起訴はこれを裏付けた形だ。

　ヘーゲル米国防長官は４月、中国の常万全国防相との会談で、双方がサイバー能力を開示すべきだと伝えたが、中国側が対応しないことに業を煮やしていた。

　中国はサイバー攻撃を仕掛けているとの指摘を一貫して否定。ロシアに亡命した米国の中央情報局（ＣＩＡ）元職員の証言などを引用し、中国こそが米国のサイバーテロの被害者だと強調、歩み寄る気配はない。

　　　　　　　　　　　　　　　　　　　◇　

【用語解説】６１３９８部隊

　中国人民解放軍に所属し、上海市内に拠点があるサイバー攻撃の専門部隊とされる。米マンディアント社の報告では２００６年以降、１００以上の米企業からデータを盗み、コンピューターの専門知識や英語に精通した数百～数千人の要員がいるともいわれる。

米国、中国軍関係者を起訴　サイバー攻撃で企業情報盗む○朝日（2014.05.20）http://www.asahi.com/articles/ASG5N006NG5MUHBI02Y.html

米司法省は１９日、中国人民解放軍に所属する中国人５人を、企業のコンピューターに侵入して原子力発電所の設計情報などを盗んだ罪で起訴したと発表した。米政府がサイバー攻撃の問題で中国軍関係者を起訴するのは初めてで、米中関係にも影響しそうだ。

　米司法省によると、起訴したのは、中国・上海に拠点を置く人民解放軍の「６１３９８部隊」に所属する５人。東芝傘下の原子力大手ウェスチングハウス、鉄鋼大手ＵＳスチール、アルミ大手アルコアなど５社や鉄鋼業の労働組合が被害にあった。ウェスチングハウスの場合は、中国の国営企業と原子力発電所建設について交渉をしている際に、原発の設計に関する情報が盗まれたという。中国メーカーと競争するソーラーパネル製造会社が価格やコストに関する情報を盗まれたケースもあった。司法省は会見で、これらの企業から盗まれた情報が中国側に伝わることで、公平な競争が阻害されたと指摘した。

　この６１３９８部隊については、米情報セキュリティー会社が昨年報告書を発表し、組織的なサイバー攻撃を仕掛けて企業の情報を盗み出していると指摘していた。米政府も中国による米企業からの情報盗み出しを特に問題視し、昨年６月の米中首脳会談でもオバマ大統領が提起していた。

　一方で中国政府は、この部隊を含めて、政府のサイバー攻撃への関与を一貫して否定している。ホルダー司法長官は「中国が司法手続きに協力することを希望する」と話したが、中国側が身柄引き渡しに応じる可能性は低いとみられる。（ワシントン＝大島隆）

U.S. Charges Five Chinese Military Hackers with Cyber Espionage Against U.S. Corporations and a Labor Organization for Commercial Advantage○FBI (2014.05.19)

http://www.fbi.gov/pittsburgh/press-releases/2014/u.s.-charges-five-chinese-military-hackers-with-cyber-espionage-against-u.s.-corporations-and-a-labor-organization-for-commercial-advantage

First Time Criminal Charges are Filed Against Known State Actors for Hacking

U.S. Department of JusticeMay 19, 2014

Office of Public Affairs(202) 514-2007/TDD (202) 514-1888

WASHINGTON—A grand jury in the Western District of Pennsylvania (WDPA) indicted five Chinese military hackers for computer hacking, economic espionage, and other offenses directed at six American victims in the U.S. nuclear power, metals, and solar products industries.

The indictment alleges that the defendants conspired to hack into American entities to maintain unauthorized access to their computers and to steal information from those entities that would be useful to their competitors in China, including state-owned enterprises (SOEs).  In some cases, it alleges, the conspirators stole trade secrets that would have been particularly beneficial to Chinese companies at the time they were stolen.  In other cases, it alleges, the conspirators also stole sensitive, internal communications that would provide a competitor, or an adversary in litigation, with insight into the strategy and vulnerabilities of the American entity.

“This is a case alleging economic espionage by members of the Chinese military and represents the first-ever charges against a state actor for this type of hacking,” U.S. Attorney General Eric Holder said.  “The range of trade secrets and other sensitive business information stolen in this case is significant and demands an aggressive response. Success in the global market place should be based solely on a company’s ability to innovate and compete, not on a sponsor government’s ability to spy and steal business secrets.  This administration will not tolerate actions by any nation that seeks to illegally sabotage American companies and undermine the integrity of fair competition in the operation of the free market.”

“For too long, the Chinese government has blatantly sought to use cyber espionage to obtain economic advantage for its state-owned industries,” said FBI Director James B. Comey.  “The indictment announced today is an important step.  But there are many more victims, and there is much more to be done.  With our unique criminal and national security authorities, we will continue to use all legal tools at our disposal to counter cyber espionage from all sources.”

“State actors engaged in cyber espionage for economic advantage are not immune from the law just because they hack under the shadow of their country’s flag,” said John Carlin, Assistant Attorney General for National Security. “Cyber theft is real theft, and we will hold state-sponsored cyber thieves accountable as we would any other transnational criminal organization that steals our goods and breaks our laws.”

“This 21st century burglary has to stop,” said David Hickton, U.S. Attorney for the Western District of Pennsylvania.  “This prosecution vindicates hard working men and women in Western Pennsylvania and around the world who play by the rules and deserve a fair shot and a level playing field.”

Summary of the Indictment

Defendants: Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui, who were officers in Unit 61398 of the Third Department of the Chinese People’s Liberation Army (PLA). The indictment alleges that Wang, Sun, and Wen, among others known and unknown to the grand jury, hacked or attempted to hack into U.S. entities named in the indictment, while Huang and Gu supported their conspiracy by, among other things, managing infrastructure (e.g., domain accounts) used for hacking.

Victims: Westinghouse Electric Co. (Westinghouse); U.S. subsidiaries of SolarWorld AG (SolarWorld); United States Steel Corp. (U.S. Steel); Allegheny Technologies Inc. (ATI); the United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union (USW); and Alcoa Inc.

Time period: 2006-2014

Crimes: 31 counts as follow (all defendants are charged in all counts):

Count(s)	Charge	Statute	Maximum Penalty
One	Conspiring to commit computer fraud and abuse	18 U.S.C. § 1030(b)	10 years
Two through nine	Accessing (or attempting to access) a protected computer without authorization to obtain information for the purpose of commercial advantage and private financial gain	18 U.S.C. §§ 1030(a)(2)(C), 1030(c)(2)(B)(i)-(iii), and 2	Five years (each count)
10-23	Transmitting a program, information, code, or command with the intent to cause damage to protected computers	18 U.S.C. §§ 1030(a)(5)(A), 1030(c)(4)(B), and 2	10 years (each count)
24-29	Aggravated identity theft	18 U.S.C. §§ 1028A(a)(1), (b), (c)(4), and 2	Two years (mandatory consecutive)
30	Economic espionage	18 U.S.C. §§ 1831(a)(2), (a)(4), and 2	15 years
31	Trade secret theft	18 U.S.C. §§ 1832(a)(2), (a)(4), and 2	10 years

Summary of Defendants’ Conduct Alleged in the Indictment

Defendant	Victim	Criminal Conduct
Sun	Westinghouse	In 2010, while Westinghouse was building four AP1000 power plants in China and negotiating other terms of the construction with a Chinese SOE (SOE-1), including technology transfers, Sun stole confidential and proprietary technical and design specifications for pipes, pipe supports, and pipe routing within the AP1000 plant buildings. Additionally, in 2010 and 2011, while Westinghouse was exploring other business ventures with SOE-1, Sun stole sensitive, non-public, and deliberative e-mails belonging to senior decision-makers responsible for Westinghouse’s business relationship with SOE-1.
Wen	SolarWorld	In 2012, at about the same time the Commerce Department found that Chinese solar product manufacturers had “dumped” products into U.S. markets at prices below fair value, Wen and at least one other, unidentified co-conspirator stole thousands of files including information about SolarWorld’s cash flow, manufacturing metrics, production line information, costs, and privileged attorney-client communications relating to ongoing trade litigation, among other things. Such information would have enabled a Chinese competitor to target SolarWorld’s business operations aggressively from a variety of angles.
Wang and Sun	U.S. Steel	In 2010, U.S. Steel was participating in trade cases with Chinese steel companies, including one particular state-owned enterprise (SOE-2). Shortly before the scheduled release of a preliminary determination in one such litigation, Sun sent spearphishing e-mails to U.S. Steel employees, some of whom were in a division associated with the litigation. Some of these e-mails resulted in the installation of malware on U.S. Steel computers. Three days later, Wang stole hostnames and descriptions of U.S. Steel computers (including those that controlled physical access to company facilities and mobile device access to company networks). Wang thereafter took steps to identify and exploit vulnerable servers on that list.
Wen	ATI	In 2012, ATI was engaged in a joint venture with SOE-2, competed with SOE-2, and was involved in a trade dispute with SOE-2. In April of that year, Wen gained access to ATI’s network and stole network credentials for virtually every ATI employee.
Wen	USW	In 2012, USW was involved in public disputes over Chinese trade practices in at least two industries. At or about the time USW issued public statements regarding those trade disputes and related legislative proposals, Wen stole e-mails from senior USW employees containing sensitive, non-public, and deliberative information about USW strategies, including strategies related to pending trade disputes. USW’s computers continued to beacon to the conspiracy’s infrastructure until at least early 2013.
Sun	Alcoa	About three weeks after Alcoa announced a partnership with a Chinese state-owned enterprise (SOE-3) in February 2008, Sun sent a spearphishing e-mail to Alcoa. Thereafter, in or about June 2008, unidentified individuals stole thousands of e-mail messages and attachments from Alcoa’s computers, including internal discussions concerning that transaction.
Huang		Huang facilitated hacking activities by registering and managing domain accounts that his co-conspirators used to hack into U.S. entities. Additionally, between 2006 and at least 2009, Unit 61398 assigned Huang to perform programming work for SOE-2, including the creation of a “secret” database designed to hold corporate “intelligence” about the iron and steel industries, including information about American companies.
Gu		Gu managed domain accounts used to facilitate hacking activities against American entities and also tested spear phishing e-mails in furtherance of the conspiracy.

An indictment is merely an accusation, and a defendant is presumed innocent unless proven guilty in a court of law.

The FBI conducted the investigation that led to the charges in the indictment. This case is being prosecuted by the U.S. Department of Justice’s National Security Division Counterespionage Section and the U.S. Attorney’s Office for the Western District of Pennsylvania.

- Related news blog: Five Chinese Military Hackers Charged with Cyber Espionage Against U.S.