Chinese picked the wrong town to hack corporate computers, U.S attorney says
May 20, 2014 12:37 PM
Pam Panchak / Post-Gazette
U.S. Attorney David Hickton answers questions from the media on the recent cyberespionage case at FBI Headquarters on the South Side.
Charles Dharapak/Associated Press
Attorney General Eric Holder speaks at a news conference Monday announcing that a U.S. grand jury has charged five Chinese hackers with economic espionage and trade secret theft. Unlike the other companies targeted, Westinghouse had signed an agreement to voluntarily share all of the technology behind its new generation AP1000 reactor with its Chinese partners.
“Pittsburgh has been ground zero for cyberthreats," said U.S. Attorney David Hickton. Partly as a result, he reorganized his office, which handles federal prosecutions within Western Pennsylvania, to include a national security and cybercrime unit.
“The team here, they’re some of the best in the U.S.," added J. Keith Mularski, supervisory special agent for the FBI Pittsburgh's cybersquad. He would not detail the number of cyberexperts in the Pittsburgh field office and its satellites -- which include a total of 145 FBI agents and 150 other professionals -- but said the ranks include “very good technical agents and very mature agents with a lot of experience.”
The indictment unsealed in Pittsburgh on Monday detailed 31 counts of computer crimes, aggravated identity theft, economic espionage and theft of trade secrets. It named Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui, who prosecutors said worked in a single building in Shanghai, China, as part of Unit 61398 of the People's Liberation Army.
The five masked their computer escapades by remotely capturing computers -- referred to in the indictment as "hotpoints" -- in places like Kansas. That got them around corporate computer security systems that filter out international messages.
"They have to use U.S. hotpoints in order to blend into the normal traffic," said Mr. Mularski.
The five are accused of targeting entities that competed with and pursued fair trade cases against Chinese competitors, including U.S. Steel, Alcoa, Allegheny Technologies, the United Steelworkers International Union and SolarWorld, which produces solar panels. Also targeted was Westinghouse Electric, even though that company was already sharing nuclear reactor technology with Chinese-owned firms.
Neither prosecutors nor the FBI would say today how the investigation started, nor would they detail their interactions with the companies. Scott Smith, special agent in charge of the FBI in Pittsburgh, commended the "courage" of the companies victimized by the hackers.
While the alleged hackers no doubt targeted the Pittsburgh companies because they compete with China, in doing so they stumbled on what Mr. Mularski described as the center of the cybersecurity universe.
The National Cyber-Forensics & Training Alliance, a nonprofit organization that fights cybercrime threats, is right across the Monongahela River from the FBI's offices, Mr. Mularski noted. Carnegie Mellon University's Software Engineering Institute and its cybersecurity-focused CERT Division are right up the hill in Oakland.
"We have in Pittsburgh perhaps the best team of cyberexperts in the FBI, anywhere in the country," said Mr. Hickton. “They are smart. They are hard working. They are creative, and they are indefatigable.”
They are also out in the community making presentations throughout corporate Pittsburgh, he said.
“It’s hard to overstate how much outreach we’re doing on this," he said. “Government can’t solve this problem alone and it certainly is a huge burden to the private victims.”
To report inappropriate comments, abuse and/or repeat offenders, please send an email to
email@example.com and include a link to the article and a copy of the comment. Your report will be reviewed in a timely manner.