Pittsburgh Deemed Ground Zero for Cyberthreats from China

While the alleged hackers no doubt targeted Pittsburgh companies because they compete with China, in doing so they stumbled on the center of the cyber security universe, according to an FBI official.

by Rich Lord, McClatchy News Service / May 21, 2014

Federal prosecutors and FBI investigators made the case today that Chinese computer pros messed with the wrong town, leading to the indictment of five People's Liberation Army officials.

“Pittsburgh has been ground zero for cyberthreats,” said U.S. Attorney David Hickton. Partly as a result, he reorganized his office, which handles federal prosecutions within Western Pennsylvania, to include a national security and cybercrime unit.

“The team here, they’re some of the best in the U.S.,” added J. Keith Mularski, supervisory special agent for the FBI's Pittsburgh cybersquad. He would not detail the number of cyberexperts in the Pittsburgh field office and its satellites -- which include a total of 145 FBI agents and 150 other professionals -- but said the ranks include “very good technical agents and very mature agents with a lot of experience.”

The indictment unsealed in Pittsburgh on Monday detailed 31 counts of computer crimes, aggravated identity theft, economic espionage and theft of trade secrets. It named Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui, who prosecutors said worked in a single building in Shanghai, China, as part of Unit 61398 of the People's Liberation Army.

The five masked their computer escapades by remotely capturing computers -- referred to in the indictment as "hotpoints" -- in places like Kansas. That got them around corporate computer security systems that filter out international messages.

"They have to use U.S. hotpoints in order to blend into the normal traffic," said Mr. Mularski.

The five are accused of targeting entities that competed with and pursued fair trade cases against Chinese competitors, including U.S. Steel, Alcoa, Allegheny Technologies, the United Steelworkers International Union and SolarWorld, which produces solar panels. Also targeted was Westinghouse Electric, even though that company was already sharing nuclear reactor technology with Chinese-owned firms.

Neither prosecutors nor the FBI would say today how the investigation started, nor would they detail their interactions with the companies. Scott Smith, special agent in charge of the FBI in Pittsburgh, commended the "courage" of the companies victimized by the hackers.

While the alleged hackers no doubt targeted the Pittsburgh companies because they compete with China, in doing so they stumbled on what Mr. Mularski described as the center of the cybersecurity universe.

The National Cyber-Forensics & Training Alliance, a nonprofit organization that fights cybercrime threats, is right across the Monongahela River from the FBI's offices, Mr. Mularski noted. Carnegie Mellon University's Software Engineering Institute and its cybersecurity-focused CERT Division are right up the hill in Oakland.

"We have in Pittsburgh perhaps the best team of cyberexperts in the FBI, anywhere in the country," said Mr. Hickton. “They are smart. They are hard working. They are creative, and they are indefatigable.”

They are also out in the community making presentations throughout corporate Pittsburgh, he said.

“It’s hard to overstate how much outreach we’re doing on this,” he said. “Government can’t solve this problem alone and it certainly is a huge burden to the private victims.”

©2014 the Pittsburgh Post-Gazette