Intelligent Machines

How the U.S. Could Escalate Its Name-and-Shame Campaign Against China’s Espionage

Chinese companies believed to be benefiting from stolen secrets could be the next target of U.S. action to curb industrial espionage.

The computer networks of many U.S. companies have been infiltrated by attacks originating in China.

Earlier this week the U.S. Department of Justice indicted five Chinese military officers for industrial espionage, accusing them of leading attacks on the computers of U.S. companies including U.S. Steel and Westinghouse to gather material to be passed on to Chinese companies.

The move puts U.S. policy in line with experts who have argued that only naming and shaming the perpetrators, and pursuing them through legal action, will rein in such attacks. Digital IP theft is now normal for U.S companies, although few victims disclose the fact.

Dmitri Alperovitch, cofounder and chief technology officer (see “TR35: Dmitri Alperovitch”) of the security company Crowdstrike, a company that offers new ways to trace and fight back against cyberattacks, told MIT Technology Review’s Tom Simonite how the U.S. could use its new strategy to increase the pressure on China even further.

Why has this indictment happened now? Has new evidence come to light?

This case has not popped out of the blue. The deputy attorney general has been pushing to use prosecutions for some time. We have had the evidence needed for a long time from investigations of breaches at U.S. companies.

There are a lot of things out there in the open source intelligence that you can use to identify these guys specifically. The guy known as UglyGorilla [according to the indictment, this is Wang Dong, an officer in China’s Third Department of the General Staff Department of the People’s Liberation Army] we’ve known for years.

I’m under no illusion that this will solve the problems we face, but it’s a big step in that direction. It sends a signal that we very much care about this issue.

Since 2011 the U.S. government has warned China several times about industrial espionage. President Obama raised the issue in his 2013 summit with President Xi Jinping. Have you seen any decrease in the theft of information from U.S. companies?

It’s continued pretty unabated over the last number of years. The tradecraft has changed a little bit in response to public information put out—new tools and exploits—but at the end of the day they’re continuing operations. There are still plenty of people doing this and more and more victims.

I would expect the U.S. government to step back and let this play out for a few more months at least. Don’t expect any action until next year unless the Chinese start to take other actions.

What further action could the U.S. take?

There’s still room for escalation. In the indictment they talk about the SOEs [state-owned enterprises] getting this stolen data but didn’t name them. But it’s pretty easy to figure out. These are massive, multibillion dollar companies in China. The next step could be to charge those SOEs. If you want to make an impact you go after the recipient of the information.

That would have a big impact because it would restrict people from doing business with these companies. Going after them would be a major escalation. This is not a step that the U.S. government would take lightly because it would probably lead to trade retaliations, but that’s an option we have in our back pocket.

Tech Obsessive?
Become an Insider to get the story behind the story — and before anyone else.
Subscribe today

Uh oh–you've read all five of your free articles for this month.

Insider Premium

$179.95/yr US PRICE

More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe and become an Insider.

  • Insider Premium {! insider.prices.premium !}*

    {! insider.display.menuOptionsLabel !}

    Our award winning magazine, unlimited access to our story archive, special discounts to MIT Technology Review Events, and exclusive content.

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

    Access to the Magazine archive. Over 24,000 articles going back to 1899 at your fingertips.

    Special Discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

    First Look. Exclusive early access to stories.

    Insider Conversations. Join in and ask questions as our editors talk to innovators from around the world.

  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus ad-free web experience, select discounts to partner offerings and MIT Technology Review events

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

    Access to the Magazine archive. Over 24,000 articles going back to 1899 at your fingertips.

    Special Discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning magazine and daily delivery of The Download, our newsletter of what’s important in technology and innovation.

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

You've read of free articles this month.