In a First, Chinese Hackers Are Arrested at the Behest of the US Government

The Chinese government has quietly arrested a handful of hackers at the urging of the US government-an unprecedented step to defuse tensions with Washington at a time when the Obama administration has threatened economic sanctions.

The action came a week or two before President Xi Jinping’s state visit to Washington late last month. The hackers had been identified by US officials as having stolen commercial secrets from US firms to be sold or passed along to Chinese state-run companies.

The arrests come amid signs of a potential change in the power balance between the US and Chinese governments on commercial cyberespionage, one of the most fraught issues between the two countries. For years, US firms and officials have said Beijing hasn’t done enough to crack down on digital larceny. Experts estimate that Chinese industrial hacking costs US firms tens of billions of dollars annually.

In recent weeks, US intelligence and law enforcement agencies drew up a list of the hackers the United States wanted arrested.

“We need to know that you’re serious,” was the way one individual familiar with the matter described the message. “So we gave them a list, and we said, ‘Look, here’s these guys. Round them up.'”

Now, administration officials are watching to see if China will follow through with prosecutions. A public trial is important not only because that would be consistent with established principles of criminal justice, but because it could discourage other would-be hackers and show that the arrests were not an empty gesture.

Administration officials say they are not sure whether the arrests mark a deeper shift in China’s stance or whether they were a short-term move to avoid getting hit by sanctions.

“You’d want to see it sustained over time,” said one US official, who, like several others, spoke on the condition of anonymity because of the matter’s sensitivity. “And in a situation when there wasn’t a major state visit coming up. That will be the proof that the cooperation really is improving.”

When Xi arrived in Washington, he pledged his country would not engage in commercial cyberespionage as part of a new broader agreement between the two countries aimed at lessening tensions in cyberspace.

The deal includes a Chinese commitment to provide “timely responses” to requests for assistance from the United States regarding cyberintrusions and cyber-attacks. “As we move forward,” the official said, “we will be watching to ensure China’s words are matched by actions.”

China’s Public Security Bureau, which would be the agency with jurisdiction over the arrests, did not respond to a request for comment.

White House and intelligence officials declined to comment on or confirm the arrests, but a senior administration official provided a statement: “As the president has said, we have repeatedly raised our concerns regarding cyber-security with the Chinese, and we will continue to use all of our engagements to address our concerns directly with the Chinese.”

Catherine Lotrionte, who teaches international law and cyberpolicy at Georgetown University and is a former CIA lawyer, said she had been skeptical that the pact was more than words. But China’s arrests, she said, “makes the US government look much smarter coming into this agreement” with Xi. “You want to see the Chinese do something,” she said. “This would be one of those things that I want to see. It is a good-faith move by the Chinese.”

She too, however, cautioned that there must be follow-through. “You want to watch over the next couple of months for action, for the cessation of attacks,” she said.

It is not clear if the hackers arrested were with the Chinese military, but they were accused of carrying out state-sponsored economic espionage, individuals familiar with the matter said. Commercial espionage is defined as hacking systems to steal intellectual property for the benefit of a country’s own industries. The hacks of US government personnel information, which officials say were carried out by Chinese individuals, fall in a separate category since they do not deal with companies or industry.

The Chinese government arrested several individuals but did not publicize it.

One complication, said a second individual familiar with the case, is that Chinese prosecution would entail the United States sharing evidence linking the cyberintrusions to the individuals. And to do so could compromise sensitive information on how the US government tracked the suspects.

But some US officials said that enough evidence can be shared while still protecting sources and classified techniques. Moreover, they say, federal prosecutors have obtained convictions of criminal hackers in US courts with evidence that ends up in the public domain.

“Cybercases are more sensitive than the average prosecution,” said Lotrionte, who also worked at the Justice Department. “But it’s doable. You just have to be careful about the information that you negotiate to hand over.”

The US-China cyber-agreement announced on Sept. 25 provided that both countries would cooperate “with requests to investigate cybercrimes” and “collect electronic evidence” and to mitigate malicious cyber-activities coming from their territory.

“Particularly now that we have reached this agreement with the Chinese, we should hold them at their word and see what they’re willing to do,” the US official said. “We have maintained all along that what we want to see is actions.”

At a Senate Armed Services Committee hearing last week, Director of National Intelligence James Clapper said that if China does not stick to its pledge and continues to filch US commercial secrets for its own industries’ benefit, economic sanctions remain on the table.

The administration was very close to imposing sanctions before the state visit, officials said.

“We are preparing a number of measures that will indicate to the Chinese that this is not just a matter of us being mildly upset but is something that will put significant strains on the bilateral relationship if not resolved,” President Barack Obama said in remarks to the Business Roundtable shortly before Xi’s visit.


. . . . . . . .

Leave a Reply