
The Department of Justice’s Role as a Deterrent Against Foreign Hackers

October 27, 2015

On September 10, 2015, James Clapper, the Director of National Intelligence, briefed the House Intelligence Committee on the array of cyber threats facing the United States. Clapper stated that he was less concerned about the possibility of a large-scale cyber event than about the increasing number of low-level attacks that compromise U.S. national security and the economy over time. While discussing the recent hack at the Office of Personnel Management (OPM), he said, “We will continue to see this until we create both the substance and the psychology of deterrence.”[1] Despite the significant difficulties the federal government faces while attempting to prosecute foreign actors in U.S. jurisdictions, legal remedies will only become more important as a component of deterrence against nation states perpetrating cyber crime.

While it is widely known that China is an aggressive actor in cyberspace, a 2013 report from cybersecurity firm Mandiant brought this issue to the forefront of U.S. national security discussions. The report identified PLA Unit 61398 as a state-sanctioned cyber unit that was tasked with stealing proprietary information from U.S. companies.[2] In May 2014, the Department of Justice (DOJ) brought charges against five members of the Chinese People’s Liberation Army (PLA), accusing them of cyber espionage against six different U.S. entities with the intent to gain commercial advantage. The defendants were members of PLA Unit 61398.[3] Former U.S. Attorney General Eric Holder said this case “represents the first ever charges against a state actor for this type of hacking… The range of trade secrets and other sensitive business information stolen in this case is significant and demands an aggressive response.”[4]

On October 15 of this year, the DOJ unsealed a criminal complaint against Ardit Ferizi, a Kosovo citizen accused of stealing personally identifiable information (PII) from over 1,300 U.S. military and government personnel and providing it to the Islamic State of Iraq and the Levant (ISIL). Ferizi is believed to be the leader of a hacking group, Kosova Hacker’s Security. Between June and August of 2015, he allegedly provided ISIL member Junaid Hussain with stolen PII belonging to U.S. service members and government employees. Hussain posted that information online via Twitter on August 11 with the announcement, “NEW: U.S. Military AND Government Hacked by the Islamic State Hacking Division!”[5] Ferizi was detained in Malaysia on a U.S. arrest warrant. Authorities expect he will be extradited to the U.S., where he will face federal charges in the Eastern District of Virginia.[6] Assistant Attorney General for National Security John Carlin said, “This case is a first of its kind and, with these charges, we seek to hold Ferizi accountable for his theft of this information and his role in ISIL’s targeting of U.S. government employees.”[7] The capabilities of determined hackers, combined with the objectives of terrorist groups seeking to harm the U.S., present an unprecedented attack vector.

The 2014 indictment of five PLA members included 30 counts of economic espionage under 18 U.S.C. §1831.[8] In one example, the hackers allegedly stole technical and design specifications for pipes, pipe supports, and pipe routing from a Pennsylvania nuclear power plant manufacturer. At the time, the manufacturer was negotiating with a Chinese company on the construction of four power plants to be located in China. This case of cyber espionage allowed the Chinese company to save on research and development costs in the development of such specifications.[9]

The indictment used 18 U.S.C. §1030 to establish the defendants’ means of obtaining the stolen information by charging them with conspiracy to commit computer fraud and abuse; accessing (or attempting to access) a protected computer without authorization to obtain information for the purpose of commercial advantage and private financial gain; and transmitting a program, information, code, or command with the intent to cause damage to protected computers.[10] The criminal complaint filed against Ferizi similarly alleges he gained unauthorized access to a computer, but he will also face charges under 18 U.S.C. §2339B for providing material support to a designated foreign terrorist group.[11]

In just the last 18 months, these two cases show an evolution in the role the DOJ will play as a component of the United States’ broader cybersecurity strategy. Legal remedies to cyber crimes present unique challenges that demonstrate the need for the federal government to bring to bear all of its resources on the task of prosecuting foreign cyber criminals under U.S. law. Some question whether the DOJ has the wherewithal to follow through in bringing foreign hackers to trial. Foreign Policy writer Elias Groll recently claimed that the indictment of the five PLA members has done little to deter other Chinese hackers and suggested the charges were simply intended as a diplomatic signal to Beijing. U.S. Attorney David Hickton, the prosecuting attorney behind the indictment, vigorously objected to that characterization and noted that law enforcement’s role in combating cyber crime is a long-term effort.[12]

[1] David Welna, Top Intelligence Officials Warn Against Growing Threat Of Cyberattacks, NPR (Sep. 10, 2015, 5:28 PM), http://www.npr.org/2015/09/10/439246971/top-intelligence-officials-warn-against-growing-threat-of-cyberattacks.

[2] Mandiant, APT1 Exposing One of China’s Cyber Espionage Units, 4 (2013), http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf.

[3] Indictment at 3-4, United States v. Dong, W.D. Pa. (filed May 1, 2014).

[4] Office of Public Affairs, U.S. Charges Five Chinese Military Hackers for Cyber Espionage Against U.S. Corporations and a Labor Organization for Commercial Advantage, Department of Justice (May 19, 2014), http://www.justice.gov/opa/pr/us-charges-five-chinese-military-hackers-cyber-espionage-against-us-corporations-and-labor.

[5] Office of Public Affairs, ISIL-Linked Hacker Arrested in Malaysia on U.S. Charges, Department of Justice (Oct. 15, 2014), http://www.justice.gov/opa/pr/isil-linked-hacker-arrested-malaysia-us-charges.

[6] Id.

[7] Id.

[8] Office of Public Affairs, U.S. Charges Five Chinese Military Hackers for Cyber Espionage Against U.S. Corporations and a Labor Organization for Commercial Advantage, Department of Justice (May 19, 2014).

[9] Indictment at 2, United States v. Dong, W.D. Pa. (filed May 1, 2014).

[10] Office of Public Affairs, U.S. Charges Five Chinese Military Hackers for Cyber Espionage Against U.S. Corporations and a Labor Organization for Commercial Advantage, Department of Justice (May 19, 2014).

[11] Complaint at 1, United States v. Ferizi, E.D. Va. (filed Oct. 10, 2015) (No. 1:15-MJ-515).

[12] Elias Groll, The U.S. Hoped Indicting 5 Chinese Hackers Would Deter Beijing’s Cyberwarriors. It Hasn’t Worked., Foreign Policy, Sept. 2, 2015, http://foreignpolicy.com/2015/09/02/the-u-s-hoped-indicting-5-chinese-hackers-would-deter-beijings-cyberwarriors-it-hasnt-worked/.
