Charges Against Chinese Hackers Are Now Common. Why Don't They Deter Cyberattacks? Skeptics wonder whether the Justice Department's strategy of indicting foreign cyberattackers is a failure given the continued problem of cybertheft. Boosters say it's still the right move.
NPR logo

Charges Against Chinese Hackers Are Now Common. Why Don't They Deter Cyberattacks?

  • Download
  • <iframe src="https://www.npr.org/player/embed/691403968/691539078" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript
Charges Against Chinese Hackers Are Now Common. Why Don't They Deter Cyberattacks?

Charges Against Chinese Hackers Are Now Common. Why Don't They Deter Cyberattacks?

Charges Against Chinese Hackers Are Now Common. Why Don't They Deter Cyberattacks?

  • Download
  • <iframe src="https://www.npr.org/player/embed/691403968/691539078" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript

Deputy Attorney General Rod Rosenstein announced charges against alleged Chinese hackers at the Justice Department. But an increase in indictments hasn't led to a decrease in cyberattacks. Manuel Balce Ceneta/AP hide caption

toggle caption
Manuel Balce Ceneta/AP

Deputy Attorney General Rod Rosenstein announced charges against alleged Chinese hackers at the Justice Department. But an increase in indictments hasn't led to a decrease in cyberattacks.

Manuel Balce Ceneta/AP

In May 2014, then-Attorney General Eric Holder announced charges against five members of the Chinese military.

They'd allegedly hacked the computer networks of American companies and stolen everything from intellectual property and trade secrets to the firms' litigation strategies.

The indictment was the first brought by the United States publicly against state-sponsored hackers for cybercrimes targeting U.S. firms. In the nearly five years since then, the Justice Department has unveiled one China-related hacking indictment after another, including cases against at least a dozen individuals and companies last year alone.

But China's rampant cybertheft has not stopped, officials say.

Most of the defendants, meanwhile, remain in China and are unlikely to ever see the inside of a U.S. courtroom. That's fueling questions about whether the strategy of indicting suspected Chinese hackers is a failure.

"It does not seem to have stopped the Chinese and it certainly doesn't seem to have imposed any cost on them to get them to the point where they think it's not worth the attacks," said Adam Segal, the director of the digital and cyberspace policy program at the Council on Foreign Relations.

American officials say China's relentless effort to steal American business secrets is part of what they describe as Beijing's drive to leapfrog the United States as the world's preeminent economic and military power.

U.S. officials say China's targets include the fields of aerospace, biotechnology, telecommunications, medical equipment and oil and gas exploration. Those match the business sectors tabbed for strategic development in China's official government policy called "Made in China 2025."

Why hasn't America dissuaded more cybertheft? One reason, experts say, is that the value of the intellectual property China has been accused of stealing dwarfs the costs that indictments impose on Beijing.

"They embarrass the people that they name and they show that the United States has the ability to find people who are hacking into our country," said Jack Goldsmith, a Harvard law professor and former DOJ official in the George W. Bush administration.

"But by themselves, that's a very, very small cost compared to the billions of dollars in secrets that our government says the Chinese are stealing."

Goldsmith says the indictments not only have failed to deter China from further hacking, they may even send a signal of weakness because so few of those who have been charged actually are prosecuted.

Charges make a difference, supporters say

China's President Xi Jinping may have dialed down cyberattacks because of a deal with the U.S., or as part of his own moves inside China, or both. Later, though, they crept back up again. Fred Dufour/AP hide caption

toggle caption
Fred Dufour/AP

China's President Xi Jinping may have dialed down cyberattacks because of a deal with the U.S., or as part of his own moves inside China, or both. Later, though, they crept back up again.

Fred Dufour/AP

Supporters of the public charging strategy acknowledge that China has not stopped hacking, but they say the indictments yield a positive effect for the United States.

They point to the 2015 deal that China reached with the Obama administration under which Beijing agreed not to conduct cyber economic espionage. China's president, Xi Jinping, signed that deal a year after the Justice Department charged the five Chinese military hackers.

"The Chinese hate the indictments," said James Lewis of the Center for Strategic and International Studies. "So it's a pain point for the Chinese."

Officials and cybersecurity experts say the pace and scale of Chinese hacking for commercial gain dropped off after the agreement.

It is unclear whether that alone was the cause, or because of moves Xi took at home to crack down on corruption and reorganize China's state-backed hacking efforts by bringing them under the control of the Ministry of State Security.

If Chinese cyber-specialists were launching cyberattacks on behalf of the government and also freelancing for private clients during their time off, for example, Xi's reforms may have brought that to a close.

The reduction in cyber-activity also may have been a combination of the 2015 deal with the United States and Xi's new policies.

Cyberattacks have ramped back up since the post-deal dip, according to U.S. officials, although some of the current hacking may fall into a gray zone that the Chinese government may not consider to be covered by the 2015 agreement.

Naming and shaming

Even though the Justice Department's indictments haven't brought an end to China's alleged cyberattacks, they have made public information that previously had been kept under lock and key by the U.S. government.

That, in turn, has helped raise public awareness — particularly among American companies — about China's pervasive hacking, backers say.

"What the indictments do is they put all of this information about this in the hands of the people who are now being targeted," said John Hultquist, the director of intelligence analysis at the cybersecurity firm FireEye.

"It's really important to get this into their hands and, in some cases, even prove to them that it's happening."

That information has prompted some American and other Western companies to reconsider doing business in China or partnering with Chinese firms on joint ventures.

And if that hesitation leads to economic consequences for China over the coming years, it could prompt the Chinese government to reconsider how it does business, argue supporters of overt actions like the Justice Department charges.

"When you lay out in meticulous detail the type of actions they're taking to steal from the partners who are supposed to be doing joint ventures with their company and investing inside the United States, it has a reputational cost and it allows businesses to make more rational cost benefit calculations," said John Carlin, who led the Justice Department's National Security Division.

Carlin helped bring the first case against Chinese hackers and he said that simply breaking the silence about the cyberattacks has been positive.

"It's quite useful, I think, for getting facts out there in a way that's credible to foreign partners and to our businesses."

But indictments are not on their own a solution, says Carlin, who wrote a book, "Dawn Of The Code War," that details efforts to combat China's hacking.

Instead, Carlin says, the indictments send a public signal while at the same time laying the groundwork for the United States to use other tools to pressure China to stop.

"If we're going to change this behavior, it has to be part of a larger strategy of raising the cost and includes all of the instruments of U.S. power, including the power to sanction under the Treasury Department," he said.

To date, however, the Treasury has not used that power against China over its industrial cyber-espionage.