BEIJING, May 20 (Reuters) - China has warned the United States that it would retaliate if Washington presses on with charges against five Chinese military officers accused of hacking into American companies to steal trade secrets, state media said on Tuesday.
The warning from an unnamed State Internet Information Office spokesman came hours after the United States charged the five Chinese, accusing them of hacking into American nuclear, metal and solar companies to steal trade secrets.
It was the first criminal hacking charge that the United States has filed against specific foreign officials, and follows a steady increase in public criticism and private confrontation, including at a summit last year between U.S. President Barack Obama and Chinese President Xi Jinping.
The indictment is likely to further roil relations between China and the United States. Besides cyber hacking, Washington and Beijing have grappled over a range of issues, including human rights, trade disputes and China’s growing military assertiveness over seas contested with its neighbors.
“If the United States continues to insist on going its own way, China will take measures to resolutely fight back,” the spokesman told state news agency Xinhua and the People’s Daily, the official newspaper of the ruling Chinese Communist Party.
He did not elaborate on the measures that China will take. It is unclear if China could use its financial clout to retaliate against the United States. China is the United States’ biggest foreign creditor. As of February, China held $1.27 trillion in U.S. Treasury bonds, according to Treasury Department data.
China’s Foreign Ministry immediately denied the charges on Monday, saying in a strongly worded statement the U.S. indictment was “made up” and would damage trust between the two nations.
The ministry said it would suspend the activities of a Sino-U.S. working group on cyber issues, which American officials believe refers to a joint effort established in April 2013 involving State Department expert Chris Painter and China Foreign Ministry official Dai Bing.
The spokesman from the State Internet Information Office was quoted by Xinhua as saying that the United States “attacks, infiltrates and taps Chinese networks belonging to governments, institutions, enterprises, universities and major communication backbone networks”.
“Those activities target Chinese leaders, ordinary citizens and anyone with a mobile phone,” Xinhua quoted the spokesman as saying.
“China has repeatedly asked the U.S. to stop, but it never makes any statement on its wiretaps, nor does it desist, not to mention apologise to the Chinese people.”
Xinhua cited data from China’s top Internet security agency, the National Computer network Emergency Response technical Team Coordination Center (CNCERT), which said a total of 2,077 Trojan horse networks or botnet servers in the United States directly controlled 1.18 million host computers in China during the period from March 19 to May 18.
The CNCERT found 135 host computers in the United States carrying 563 phishing pages targeting Chinese websites that led to 14,000 phishing operations. The centre also found 2,016 IP addresses in the United States had implanted backdoors in 1,754 Chinese websites, involving 57,000 backdoor attacks, during the same period.
China has long singled out the United States as the top source of intrusion on its computers and says it is a victim of cyber attacks.
U.S. Federal prosecutors said on Monday that the suspects targeted companies including Alcoa Inc, Allegheny Technologies Inc, United States Steel Corp, Toshiba Corp unit Westinghouse Electric Co, the U.S. subsidiaries of SolarWorld AG, and a steel workers’ union.
In an indictment filed in the Western District of Pennsylvania, prosecutors said the suspects hacked into computers starting in 2006, often by infecting machines with tainted “spear phishing” emails to employees that purport to be from colleagues.
Prosecutors alleged that one hacker, for example, stole cost and pricing information in 2012 from an Oregon-based solar panel production unit of SolarWorld. The company was losing market share at the time to Chinese competitors who were systematically pricing exports below production costs, according to the indictment.
Another suspect is accused of stealing technical and design specifications about pipes for nuclear plants from Westinghouse Electric as the company was negotiating with a Chinese company to build four power plants in China, prosecutors said.
Officials declined to estimate the size of the losses to the companies, but said they were “significant.” The victims had all filed unfair trade claims against their Chinese rivals, helping Washington draw a link between the alleged hacking activity and its impact on international business.
According to the indictment, Chinese state-owned companies “hired” Unit 61398 of the People’s Liberation Army “to provide information technology services” including assembling a database of corporate intelligence. The Chinese companies were not named.
The Shanghai-based Unit 61398 was identified last year by cybersecurity firm Mandiant as the source of a large number of espionage operations. All five defendants worked with 61398, according to the indictment.
Unit 61398 has hundreds of active spies and is just one of dozens of such bodies in China, said Jen Weedon, an analyst at Mandiant, now owned by global network security company FireEye Inc.
Reporting by Sui-Lee Wee; Editing by Simon Cameron-Moore