There's a lot of noise about the Department of Justice's announcement that it has indicted a group of allegedly Chinese state-sponsored hackers -- so we decided to make it easy for you.
Here's what you need to know:
So who exactly was charged?
Five individuals employed by the Chinese People's Liberation Army have been charged with conspiracy to commit computer fraud and abuse by the U.S.: Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui. The U.S. is accusing the five of bring part of a commercial cyberespionage campaign against U.S. companies and organizations, including U.S. Steel, Solar World, Allegheny Technologies Inc, Westinghouse Electric Co, and the United Steel Workers Union.
During a press conference today, Assistant Attorney General for National Security John Carlin tied the suspects to a specific army unit: "The threat is from members of unit 61398 of the Chinese military, who have targeted the U.S. private sector for commercial advantage," he said.
What exactly is PLA Unit 61398?
The short story: They're the alleged Chinese state-sponsored hacking crew. Cybersecurity firm Mandiant (which has since been acquired by FireEye) released a widely read report on their activities last year, tying a lot of forensic evidence from attacks on U.S. companies to the group.
The crew works out of a 12-story office tower in the Shanghai outskirts, according to a New York Times report from last year -- "surrounded by restaurants, massage parlors and a wine importer."
Okay, but what do they do?
You can sort of think of them as the equivalent of the U.S.'s Tactical Access Operations group. But while the National Security Agency insists that it doesn't engage in economic espionage, the U.S. claims PLA unit 61398 tends to go after stuff that is in the economic benefit of Chinese companies -- including state-sponsored companies.
For instance, the indictments today allege that a few specific instances of the group allegedly stealing trade secrets or strategic intelligence about U.S. companies at particularly (in)opportune times. In one case, they say an Oregon solar panel producer was rapidly losing market share to a Chinese competitors that were "were systematically pricing exports well below production costs" around the same time that the Chinese hacking unit stole cost and pricing information from the company.
In another incident, the U.S. alleges that the group stole technical plans related to nuclear power plants from a Pennsylvania company at the same time it was competing with Chinese companies to build four nuclear power plants in China.
So how big of a deal is this?
Pretty big. The investigations lasted years and involved 46 different field offices, according to Bob Anderson, the executive assistant director of the Criminal, Cyber, Response and Services Branch at FBI headquarters.
This is the first time that the U.S. government has criminally charged the employees of a foreign government with commercial cyberespionage. But Anderson said this is the beginning of a "new normal" for pursuing the instigators of commercial cyberspying -- even if they're working for foreign governments.
But is commercial cyberespionage really that important?
While the government couldn't put a price tag on the amount of damage done by these specific suspects during a press conference earlier today, experts estimate it costs the U.S. tens of billions of dollars annually. The government argues that by undercutting U.S. companies using illicitly gained corporate intelligence or bypassing research and development by stealing it from U.S. companies, the Chinese state-sponsored hackers are criminally undermining U.S. companies.
President Obama has long suggested that this was a pressing issue, even commenting on it during his 2013 State of the Union address -- although not specifically calling out China. "We know foreign countries and companies swipe our corporate secrets," he said, adding, "We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy."
But an intelligence assessment from last year identified China as the biggest perpetrator of economic espionage against the U.S.
How are Chinese officials reacting?
They're super outraged. Chinese Foreign Ministry spokesman Qin Gang said the indictments were based on "fabricated facts" and called on the U.S. to "correct the error immediately." China also suspended its participation in the Sino-U.S. Cyber Working Group citing "lack of sincerity." The group was started in April 2013 as a venue to discuss the allegations about Chinese spying on U.S. companies.
Oh, and they also accused the U.S. of being the real bad guys: "For a long time, it has been obvious that the relevant U.S. departments have been carrying out large-scale, organized cybertheft and cyber-surveillance on foreign dignitaries, corporations and individuals. China is the victim of U.S. cybertheft and cyber-surveillance"
Well, haven't we been... doing that? What with the NSA stuff?
Arguably, but in a press conference earlier today Attorney General Holder dismissed that particular comparison. All countries engage in intelligence gathering, he said, but that the activities of these Chinese military members were particularly pernicious because they created an unfair economic situation.
So will any of these people actually end up on trial?
Honestly, probably not. As Holder noted during the question-and-answer part of today's press conference, the people who are charged in this case have never been inside the United States -- and now that they're literally on wanted posters, they're probably not going to visit here anytime soon.