draws a U.S. line in the sand to foreign entities trying to steal commercial secrets, said Shawn Henry, former executive assistant director of the FBI’s Criminal, Cyber, Response and Services Branch, where he oversaw all of the bureau’s criminal and cyber programs and investigations worldwide.
“It’s a good first step,” said Mr. Henry, who is now the president of CrowdStrike Services, a cybersecurity detection and prevention firm.
He has long advocated that because the U.S. government’s primary responsibility is the protection, safety and security of its citizens, it should actively be defending cyberspace with the same red lines, diplomatic gestures, military moves and legal ramifications as it does when lines or borders are crossed in the physical world.
“The U.S. government can have some pretty candid conversations with heads of state and other governments about what’s acceptable and what’s not acceptable and what the red lines are,” said Mr. Henry. “If you launch a cyberattack into our space, this is what the results are going to be.”
The Chinese attempted to steal secrets from six entities in the steel and energy segments: U.S. Steel Corp., Alcoa Inc., Allegheny Technologies Inc., Westinghouse Electric Corp., the United Steelworkers union, and SolarWorld AG.
The scheme is thought to have begun in 2006.
The indictment accuses five people, named Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui, with conspiracy to commit computer fraud and abuse. The indictment was handed up by a grand jury in Pittsburgh, close to many of the firms targeted.
U.S. government officials have long said that China is aggressive in pursuing cyberespionage — trying to gather trade secrets and intellectual property from U.S. companies. China has denied this charge.
Despite the tense rhetoric on both sides, there appeared to be potential for positive dialogue on cybersecurity issues after the high-level Strategic and Economic Dialogue in which U.S. and Chinese officials engaged last year.
After the July talks, the State Department circulated a fact sheet outlining how both sides agreed to “promote an open, cooperative, secure, and reliable cyber space.”
Heading into the talks, the State Department document said, U.S. and Chinese officials “held the first meeting of the civilian-military Cyber Working Group, where the two sides committed to work together on cooperative activities and further discussions on international norms of state behavior in cyberspace.”
“Both sides commented positively on the candid, in-depth dialogue,” the department said.
Such optimism appeared to dissolve with Monday’s indictments. The Chinese Foreign Ministry asserted that it is China, not the U.S., that is “a victim of severe U.S. cyber theft, wiretapping and surveillance activities.”
“Given the lack of sincerity on the part of the U.S. to solve issues related to cyber security through dialogue and cooperation, China has decided to suspend activities of the China-U.S. Cyber Working Group,” Chinese Foreign Ministry spokeswoman Qin Gang said in a statement posted on the ministry’s website. “China will react further to the US ‘indictment’ as the situation evolves.”
In Washington, State Department spokeswoman Jennifer Psaki said U.S. officials regretted the Chinese announcement and “continue to believe that dialogue is an essential part of resolving these and other cybersecurity concerns.”
Pressed to respond to the Chinese accusation that the Washington is engaged in its own spying on China, Ms. Psaki responded: “Well, our intelligence activities are focused on the national security interests of the United States.”