Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:01,835 --> 00:00:04,203
BEN: Two powers compete to dominate the global market.
2
00:00:04,238 --> 00:00:06,705
We know foreign
countries and companies
3
00:00:06,740 --> 00:00:08,574
swipe our corporate secrets!
4
00:00:08,609 --> 00:00:10,642
China breaks the rules in its quest to become
5
00:00:10,678 --> 00:00:12,878
the world's economic superpower.
6
00:00:12,913 --> 00:00:15,781
There's two types of companies
left in the United States:
7
00:00:15,816 --> 00:00:17,883
companies that have been
hacked by China, and companies
8
00:00:17,918 --> 00:00:20,252
that don't know they've
been hacked by China yet.
9
00:00:20,287 --> 00:00:22,788
Chinese hackers breach American corporations
10
00:00:22,823 --> 00:00:24,990
under direct orders from Beijing.
11
00:00:25,025 --> 00:00:27,626
This is oftentimes
a military operation,
12
00:00:27,661 --> 00:00:29,428
and you don't disobey
orders in the military.
13
00:00:29,463 --> 00:00:31,396
Billions of dollars worth of US trade secrets
14
00:00:31,432 --> 00:00:33,398
are stolen every year.
15
00:00:33,434 --> 00:00:36,168
The people behind the keyboard
think they're anonymous,
16
00:00:36,203 --> 00:00:38,170
and these charges
show you are not.
17
00:00:38,205 --> 00:00:39,972
What will it take to stop the theft?
18
00:00:42,109 --> 00:00:52,117
♪
19
00:01:00,961 --> 00:01:02,427
In July 2015,
20
00:01:02,463 --> 00:01:04,763
the Washington-based US Office of Personnel Management
21
00:01:04,798 --> 00:01:06,965
announced that the private records it kept
22
00:01:07,001 --> 00:01:10,002
on more than 22 million Americancivil servants had been stolen.
23
00:01:11,805 --> 00:01:14,806
The US government never formally blamed China, but plenty of
24
00:01:14,842 --> 00:01:17,776
unnamed officials made the accusation in the press.
25
00:01:17,811 --> 00:01:19,378
Bill Evanina is in charge of
26
00:01:19,413 --> 00:01:21,780
combatting foreign intelligence threats for the US government.
27
00:01:22,883 --> 00:01:24,883
I think the intelligence
community feels pretty confident
28
00:01:24,918 --> 00:01:27,786
- we feel - with who's involved,
but I'm not quite sure
29
00:01:27,821 --> 00:01:29,554
the administration has
yet come out and identified
30
00:01:29,590 --> 00:01:32,958
or attributed that data,
but we're pretty confident
31
00:01:32,993 --> 00:01:35,060
we know who is responsible.
32
00:01:35,095 --> 00:01:36,628
What did they take?
33
00:01:36,664 --> 00:01:39,197
What they stole,
the perpetrators,
34
00:01:39,233 --> 00:01:42,701
were the SF86s and SF85s,
which are the standard forms
35
00:01:42,736 --> 00:01:45,804
in which employees fill out
to obtain security clearances.
36
00:01:45,839 --> 00:01:48,206
On those forms had a lot of
proprietary information
37
00:01:48,242 --> 00:01:51,476
about you, who you live with,
your social security number,
38
00:01:51,512 --> 00:01:53,879
your date of birth,
what schools you went to,
39
00:01:53,914 --> 00:01:55,314
your employment history.
40
00:01:55,349 --> 00:01:59,318
So a lot of significant personal
identifiable information
41
00:01:59,353 --> 00:02:02,487
that we consider very sensitive.
42
00:02:02,523 --> 00:02:04,823
And how long will the
intelligence community
43
00:02:04,858 --> 00:02:07,659
in the United States be feeling
the ramifications of this?
44
00:02:07,695 --> 00:02:10,429
Ooh, I'm not sure we could
put it in terms of years,
45
00:02:10,464 --> 00:02:12,064
but I would say maybe decades.
46
00:02:12,099 --> 00:02:13,999
I don't think this is anything
that's going to be over
47
00:02:14,034 --> 00:02:15,267
in a year or two.
48
00:02:15,302 --> 00:02:16,668
I think the data
that's on these forms
49
00:02:16,704 --> 00:02:19,004
can be used to target
US government employees
50
00:02:19,039 --> 00:02:21,373
and contractors
for many, many years.
51
00:02:21,408 --> 00:02:23,408
- Were you personally...
- Absolutely.
52
00:02:23,444 --> 00:02:24,576
You were personally
impacted by it?
53
00:02:24,611 --> 00:02:25,677
Absolutely.
54
00:02:25,713 --> 00:02:27,846
So I am one of the
22 million victims
55
00:02:27,881 --> 00:02:31,383
that have been identified
in the OPM intrusion.
56
00:02:31,418 --> 00:02:33,852
So all my personal data,
from when I filled out
57
00:02:33,887 --> 00:02:37,289
my original form and subsequent
background of investigations
58
00:02:37,324 --> 00:02:40,692
that I've gone through,
has been compromised.
59
00:02:40,728 --> 00:02:42,361
How does that make you feel?
60
00:02:42,396 --> 00:02:43,862
Like a victim.
61
00:02:43,897 --> 00:02:47,299
Even though OPM was bad, it was classic espionage.
62
00:02:47,334 --> 00:02:49,534
Most countries would do it given the chance.
63
00:02:49,570 --> 00:02:51,370
But hacking US corporations
64
00:02:51,405 --> 00:02:53,872
to make money off of their property is another story.
65
00:02:55,242 --> 00:02:58,210
We've agreed that neither the
US or the Chinese government
66
00:02:58,245 --> 00:03:02,814
will conduct or knowingly
support cyber-enabled theft
67
00:03:02,850 --> 00:03:04,883
of intellectual property,
including trade secrets
68
00:03:04,918 --> 00:03:06,718
or other confidential
business information,
69
00:03:06,754 --> 00:03:08,553
for commercial advantage.
70
00:03:08,589 --> 00:03:11,590
In addition, we'll work together
and with other nations.
71
00:03:13,093 --> 00:03:15,260
President Obama has reason to be concerned.
72
00:03:15,295 --> 00:03:17,329
For years, Chinese hackers have been a problem for
73
00:03:17,364 --> 00:03:21,266
American business, but most companies kept quiet about it.
74
00:03:21,301 --> 00:03:22,768
And then Google broke the silence on their blog
75
00:03:22,803 --> 00:03:24,803
in January 2010.
76
00:03:24,838 --> 00:03:27,172
The American technology giant had been hacked,
77
00:03:27,207 --> 00:03:29,341
and China was to blame.
78
00:03:29,376 --> 00:03:31,810
But Google wasn't the only company targeted.
79
00:03:31,845 --> 00:03:34,112
It was just the first one to go public.
80
00:03:34,148 --> 00:03:36,882
A slew of other Fortune 500 corporations were also hacked
81
00:03:36,917 --> 00:03:39,918
in an attack now known as Operation Aurora.
82
00:03:43,457 --> 00:03:46,291
What was interesting
about Operation Aurora
83
00:03:46,326 --> 00:03:49,161
wasn't that it was
some kind of new attack.
84
00:03:49,196 --> 00:03:52,297
It was that it was the first
time an American company
85
00:03:52,332 --> 00:03:55,767
had had the courage to stand up
and point the finger at China
86
00:03:55,803 --> 00:03:57,969
and say, "We know you did this."
87
00:03:58,005 --> 00:04:00,338
Nicole Perlroth is a cyber security reporter
88
00:04:00,374 --> 00:04:02,774
for The New York Times, and she's written extensively
89
00:04:02,810 --> 00:04:04,476
on Chinese hackers.
90
00:04:04,511 --> 00:04:09,147
And Google, as open as they
were about who had done it,
91
00:04:09,183 --> 00:04:11,783
they've been relatively
close-lipped about
92
00:04:11,819 --> 00:04:13,952
what exactly was stolen.
93
00:04:13,987 --> 00:04:18,623
But the word on the street is
that the Chinese were actually
94
00:04:18,659 --> 00:04:21,827
able to get a fair amount
of Google's source code.
95
00:04:21,862 --> 00:04:24,229
That source code could help Chinese hackers break into
96
00:04:24,264 --> 00:04:26,631
Google's products, or to replicate them in the future.
97
00:04:28,502 --> 00:04:30,969
What do we know
about Chinese espionage?
98
00:04:31,004 --> 00:04:35,207
We know that China
has basically made it
99
00:04:35,242 --> 00:04:39,411
a core part of its economic
mission to stop being
100
00:04:39,446 --> 00:04:42,981
the world's manufacturer
and start innovating.
101
00:04:43,016 --> 00:04:44,983
Every five years,
you see a new industry
102
00:04:45,018 --> 00:04:48,520
that China wants to excel at,
and suddenly you just see
103
00:04:48,555 --> 00:04:51,823
a rush of cyber attacks
towards whatever industry
104
00:04:51,859 --> 00:04:54,993
China has said that
it wants to dominate in.
105
00:04:55,028 --> 00:04:57,329
It's paint formulas.
106
00:04:57,364 --> 00:05:00,165
It's Coca-Cola's
negotiation strategies.
107
00:05:00,200 --> 00:05:02,100
It's think tanks.
108
00:05:02,135 --> 00:05:03,869
It's diplomats.
109
00:05:03,904 --> 00:05:06,605
It's university professors.
110
00:05:06,640 --> 00:05:08,440
It's law firms.
111
00:05:08,475 --> 00:05:09,908
People have started to realize
112
00:05:09,943 --> 00:05:12,577
that this actually has become
a serious issue, or...?
113
00:05:12,613 --> 00:05:15,347
I think it made people realize
114
00:05:15,382 --> 00:05:18,517
that some of the
most vibrant companies
115
00:05:18,552 --> 00:05:21,486
in the United States were
major targets, but I think
116
00:05:21,522 --> 00:05:26,191
it took another 5 years
for companies that thought,
117
00:05:26,226 --> 00:05:28,360
"Why would we ever be the target
118
00:05:28,395 --> 00:05:30,929
of a state-sponsored
Chinese cyber attack?"
119
00:05:30,964 --> 00:05:35,033
to wake up and say, "Oh shit,
we've been a victim too!"
120
00:05:37,137 --> 00:05:38,436
But how was everyone so sure
121
00:05:38,472 --> 00:05:40,939
China was behind Operation Aurora?
122
00:05:40,974 --> 00:05:43,875
I went to Washington to talk to Dmitri Alperovitch,
123
00:05:43,911 --> 00:05:46,711
one of the first people to analyze the attack.
124
00:05:46,747 --> 00:05:49,114
He worked with many of the companies who were affected.
125
00:05:50,751 --> 00:05:51,883
So how was it done?
126
00:05:51,919 --> 00:05:53,418
It was actually
pretty ingenious.
127
00:05:53,453 --> 00:05:55,420
So they actually identified
people inside the organization
128
00:05:55,455 --> 00:05:57,255
that they were able to approach,
129
00:05:57,291 --> 00:05:59,724
and social engineer them
to click on a link.
130
00:05:59,760 --> 00:06:03,461
So you're talking about phishing
emails with malware payloads.
131
00:06:03,497 --> 00:06:04,829
That's right.
132
00:06:04,865 --> 00:06:07,132
In some cases, it was
actually an instant message,
133
00:06:07,167 --> 00:06:10,068
not even an email, that
once you click on that link,
134
00:06:10,103 --> 00:06:12,971
your machine is compromised
and the attackers take over.
135
00:06:13,006 --> 00:06:14,739
And how did you
figure out it was China?
136
00:06:14,775 --> 00:06:17,442
Once we started tracking all
the machines that were involved
137
00:06:17,477 --> 00:06:19,911
in the compromise, and there
were these multiple of machines
138
00:06:19,947 --> 00:06:22,013
that were set up for
command and control,
139
00:06:22,049 --> 00:06:24,916
and where the connections into
those machines were coming from,
140
00:06:24,952 --> 00:06:27,352
we started to see signs
that were pointing
141
00:06:27,387 --> 00:06:28,920
to Chinese activity.
142
00:06:28,956 --> 00:06:30,755
And later on, as we
expanded the investigation,
143
00:06:30,791 --> 00:06:32,624
we started to
uncover other activity
144
00:06:32,659 --> 00:06:34,593
that we were able to tie
together to this group
145
00:06:34,628 --> 00:06:37,596
that we now call Aurora Panda,
a Chinese nation state group
146
00:06:37,631 --> 00:06:41,366
that is really conducting,
to this day, espionage activity
147
00:06:41,401 --> 00:06:44,636
into numerous organizations,
government agencies,
148
00:06:44,671 --> 00:06:47,439
as well as private-sector
organizations across the globe.
149
00:06:48,742 --> 00:06:51,109
Operation Aurora offers aglimpse into how Chinese hackers
150
00:06:51,144 --> 00:06:52,777
work within the country's government.
151
00:06:52,813 --> 00:06:54,446
(Soldiers chanting)
152
00:06:54,481 --> 00:06:56,648
And more specifically, its military branch:
153
00:06:56,683 --> 00:07:00,118
the People's Liberation Army, otherwise known as the PLA.
154
00:07:01,722 --> 00:07:03,888
With these type of actors,
they get in and they wanna stay
155
00:07:03,924 --> 00:07:06,291
as long as possible, because
they have a collection priority.
156
00:07:06,326 --> 00:07:08,627
And even if they get
discovered and kicked out,
157
00:07:08,662 --> 00:07:11,863
oftentimes they're back in
or trying to get back in
158
00:07:11,898 --> 00:07:14,466
the next day because they still
have a mission to do, right?
159
00:07:14,501 --> 00:07:16,635
This is oftentimes
a military operation.
160
00:07:16,670 --> 00:07:19,471
You have a PLA general that's
coming to you as a soldier
161
00:07:19,506 --> 00:07:22,207
in the PLA saying, "I need you
to get this information for me
162
00:07:22,242 --> 00:07:23,642
from this company."
163
00:07:23,677 --> 00:07:24,976
And you don't stop
because it's hard,
164
00:07:25,012 --> 00:07:26,511
you don't stop because
you've been discovered.
165
00:07:26,546 --> 00:07:28,913
You keep on going because you
were given a mission by your
166
00:07:28,949 --> 00:07:32,083
boss to do so, and you don't
disobey orders in the military.
167
00:07:32,119 --> 00:07:33,585
And you need to
achieve that objective.
168
00:07:33,620 --> 00:07:34,819
Absolutely.
169
00:07:36,289 --> 00:07:37,822
The hackers deployed malware
170
00:07:37,858 --> 00:07:40,592
using an unfixed flaw in Internet Explorer.
171
00:07:40,627 --> 00:07:41,760
This is a real spear phish
172
00:07:41,795 --> 00:07:43,695
we detected in
one of our customers.
173
00:07:43,730 --> 00:07:46,498
So let's go to our
victim machine down here.
174
00:07:46,533 --> 00:07:48,700
I have an email that's arrived
from a good friend of mine,
175
00:07:48,735 --> 00:07:50,368
and there's a Word
document attachment
176
00:07:50,404 --> 00:07:51,670
that I want to take a look at.
177
00:07:51,705 --> 00:07:53,104
So who wouldn't click on this?
178
00:07:53,140 --> 00:07:54,706
I certainly would.
179
00:07:54,741 --> 00:07:57,075
So we just had the connection
from the victim show up here.
180
00:07:57,110 --> 00:07:59,344
So this is our machine,
our victim machine,
181
00:07:59,379 --> 00:08:02,347
that we are able to take over.
182
00:08:02,382 --> 00:08:05,016
I can go to this
wonderful file manager,
183
00:08:05,052 --> 00:08:08,520
which looks like just any file
manager you would normally have.
184
00:08:08,555 --> 00:08:11,723
So I literally can just
highlight this and click
185
00:08:11,758 --> 00:08:14,559
"Receive", and it sends
it over to my machine.
186
00:08:14,594 --> 00:08:16,428
That's as easy as it gets.
187
00:08:16,463 --> 00:08:18,930
Operation Aurora showed that China was hacking some of
188
00:08:18,965 --> 00:08:21,866
America's biggest companies, and many of the attacks
189
00:08:21,902 --> 00:08:24,002
were attributed to hackers linked with
190
00:08:24,037 --> 00:08:25,470
the People's Liberation Army.
191
00:08:29,810 --> 00:08:31,476
If the Google hack and others like it
192
00:08:31,511 --> 00:08:34,012
are state-sponsored, that means the Chinese government
193
00:08:34,047 --> 00:08:36,314
is brashly stealing American intellectual property
194
00:08:36,349 --> 00:08:40,151
with one hand while making new trade deals with the other.
195
00:08:40,187 --> 00:08:42,420
The New York Times and Nicole Perlroth
196
00:08:42,456 --> 00:08:45,757
paired with a cyber security firm, Mandiant, to track down
197
00:08:45,792 --> 00:08:48,526
the physical location of some of the hackers.
198
00:08:48,562 --> 00:08:51,129
And they found them in Shanghai
199
00:08:51,164 --> 00:08:54,299
at a PLA unit known only as 61398.
200
00:08:56,002 --> 00:09:00,171
We were able to trace thousands
of attacks on US companies
201
00:09:00,207 --> 00:09:02,707
and companies in Europe
and universities
202
00:09:02,743 --> 00:09:04,876
and research companies
and think tanks
203
00:09:04,911 --> 00:09:08,980
back to this one
building in Shanghai.
204
00:09:09,015 --> 00:09:11,883
And it was the first time
a security firm had
205
00:09:11,918 --> 00:09:15,320
publicly pointed to...
not just to China,
206
00:09:15,355 --> 00:09:19,390
but to a very specific
unit of the PLA.
207
00:09:19,426 --> 00:09:22,293
There weren't a lot of windows,
but it was clear they had some
208
00:09:22,329 --> 00:09:26,064
great satellite technology,
and it was very well guarded.
209
00:09:26,099 --> 00:09:29,167
But other than that, it
was completely nondescript.
210
00:09:29,202 --> 00:09:31,836
It was not as
high-tech as Fort Mead,
211
00:09:31,872 --> 00:09:35,340
but it was very clear this was
actually a military compound.
212
00:09:37,744 --> 00:09:40,478
To understand 61398, first you have to understand
213
00:09:40,514 --> 00:09:43,014
the relationship between business, government,
214
00:09:43,049 --> 00:09:44,582
and the military in China.
215
00:09:47,354 --> 00:09:48,653
Melissa Chan worked in Beijing
216
00:09:48,688 --> 00:09:51,890
as a correspondent for Al Jazeera for 5 years.
217
00:09:51,925 --> 00:09:54,526
Her reporting on politically sensitive issues
218
00:09:54,561 --> 00:09:56,594
got her kicked out of the country.
219
00:09:56,630 --> 00:09:58,429
Did they give you a rough
time when you were there?
220
00:09:58,465 --> 00:10:00,698
They gave me and every
foreign reporter a rough time.
221
00:10:00,734 --> 00:10:03,935
We all thought the reporting
environment in 2012
222
00:10:03,970 --> 00:10:05,770
was pretty bad.
223
00:10:05,806 --> 00:10:07,705
That was around the
time when I left,
224
00:10:07,741 --> 00:10:10,542
and it's just gotten worse
according to foreign reporters
225
00:10:10,577 --> 00:10:12,110
still based there.
226
00:10:12,145 --> 00:10:15,914
What do you make of Obama making
cybersecurity top of the list
227
00:10:15,949 --> 00:10:17,615
when it comes to
dealing with China?
228
00:10:17,651 --> 00:10:19,617
I think it indicates
how bad that situation is
229
00:10:19,653 --> 00:10:21,719
with cyber espionage.
230
00:10:21,755 --> 00:10:23,888
Every government has
cyber espionage, right?
231
00:10:23,924 --> 00:10:25,590
Including the United States.
232
00:10:25,625 --> 00:10:30,795
You won't have an American
intelligence officer meet with
233
00:10:30,831 --> 00:10:34,199
a Fortune 500 company CEO
and just hand over data,
234
00:10:34,234 --> 00:10:36,367
and say, "Here, this is
what we got from the Chinese."
235
00:10:36,403 --> 00:10:40,305
But we do know that the Chinese
do not see that differentiation.
236
00:10:40,340 --> 00:10:41,806
I mean, the thing you have
to understand about Chinese
237
00:10:41,842 --> 00:10:44,809
companies, even publically
traded companies that are owned
238
00:10:44,845 --> 00:10:48,613
by private Chinese... you know,
that were started by private
239
00:10:48,648 --> 00:10:51,649
Chinese citizens, is that
there's a corner office
240
00:10:51,685 --> 00:10:54,152
somewhere where there's a
Communist Party representative.
241
00:10:54,187 --> 00:10:55,320
So the Communist Party's
242
00:10:55,355 --> 00:10:57,722
never far away from
any Chinese company.
243
00:10:57,757 --> 00:11:00,291
There's always a
connection to the government.
244
00:11:00,327 --> 00:11:03,294
I spent months trying to speak with Chinese hackers.
245
00:11:03,330 --> 00:11:06,464
When I finally came close, I was shut down at the last minute.
246
00:11:12,205 --> 00:11:15,807
But I did get a glimpse through cybersecurity expert Ian Amit.
247
00:11:15,842 --> 00:11:19,010
Amit met with Chinese hackers at a tech conference in China.
248
00:11:21,448 --> 00:11:25,149
IAN: We went to what
was called Excalibur Con.
249
00:11:25,185 --> 00:11:29,153
A bunch of us - "us" is
Western security professionals,
250
00:11:29,189 --> 00:11:34,359
speakers, hackers, whatever
it is - were invited to speak.
251
00:11:35,562 --> 00:11:37,762
Were you ever offered to work
for the Chinese government?
252
00:11:37,797 --> 00:11:39,030
Yeah, yeah.
253
00:11:39,065 --> 00:11:40,365
They just came out
and asked you?
254
00:11:40,400 --> 00:11:42,333
Pretty much, yeah.
255
00:11:42,369 --> 00:11:43,968
What was your response?
256
00:11:44,004 --> 00:11:45,370
No.
(Laughing)
257
00:11:45,405 --> 00:11:47,772
A very nice "no", but...
258
00:11:47,807 --> 00:11:50,808
Yeah, they had us, you know...
they even took us to a tour
259
00:11:50,844 --> 00:11:56,281
in a business office
building that was empty.
260
00:11:56,316 --> 00:12:00,485
And you know, walked us
around, showed us, you know,
261
00:12:00,520 --> 00:12:02,020
"This can be your office.
262
00:12:02,055 --> 00:12:03,321
Do you want the corner office?
263
00:12:03,356 --> 00:12:05,657
How many people do you
need working for you?"
264
00:12:05,692 --> 00:12:07,659
And they're not talking
about like five or six,
265
00:12:07,694 --> 00:12:09,794
like, "Do you need 50, 60, 100?"
266
00:12:09,829 --> 00:12:11,329
BEN: So this is the
office you'd be given.
267
00:12:11,364 --> 00:12:14,299
IAN: Yeah, and again,
they built this in a year.
268
00:12:14,334 --> 00:12:16,701
One year, everything.
269
00:12:16,736 --> 00:12:19,003
Roads, residential...
270
00:12:19,039 --> 00:12:21,572
Again, resources
is not a problem.
271
00:12:21,608 --> 00:12:24,809
You just have a lot
of people build shit.
272
00:12:24,844 --> 00:12:28,579
How do you gauge
Chinese hackers compared to,
273
00:12:28,615 --> 00:12:29,981
you know, let's say the NSA?
274
00:12:30,016 --> 00:12:32,250
I would say the same
rate, the same level.
275
00:12:32,285 --> 00:12:33,584
Really?
276
00:12:33,620 --> 00:12:37,722
If you assume any less
of that, you're a fool.
277
00:12:37,757 --> 00:12:40,358
Then why are they trying to
poach American and Israeli...
278
00:12:40,393 --> 00:12:41,659
More, more.
279
00:12:41,695 --> 00:12:45,897
Having a diversity is
key in cybersecurity.
280
00:12:45,932 --> 00:12:48,833
A lot of times when you bring in
people that are not necessarily
281
00:12:48,868 --> 00:12:52,203
from your field of
expertise, can...
282
00:12:52,238 --> 00:12:54,906
can be a huge leverage in
terms of your capabilities.
283
00:12:54,941 --> 00:12:56,774
I would do the same.
284
00:12:56,810 --> 00:13:00,445
I would try to recruit,
I would try to tap into
285
00:13:00,480 --> 00:13:04,682
whatever resources there
are that I'm not aware of
286
00:13:04,718 --> 00:13:07,719
that can enhance and
enrich my capabilities.
287
00:13:07,754 --> 00:13:13,024
If they're grooming their
local cyber expertise in-house,
288
00:13:13,059 --> 00:13:16,527
if I were on their end,
I would try to do the same.
289
00:13:16,563 --> 00:13:19,964
I would try to bring in a lot
of outside perspective,
290
00:13:20,000 --> 00:13:22,934
a lot of different thinking,
different approach,
291
00:13:22,969 --> 00:13:24,369
because that's the key,
292
00:13:24,404 --> 00:13:25,970
especially in a game
like cybersecurity.
293
00:13:26,006 --> 00:13:28,039
You have to be adaptive,
you have to be creative.
294
00:13:28,074 --> 00:13:29,974
- For innovation.
- Exactly, yeah.
295
00:13:30,010 --> 00:13:32,143
Where the loss of American intellectual property
296
00:13:32,178 --> 00:13:34,779
was once kept secret, by 2014
297
00:13:34,814 --> 00:13:37,482
the Obama Administration was no longer silent.
298
00:13:37,517 --> 00:13:40,151
For the first time, the Department of Justice charged
299
00:13:40,186 --> 00:13:43,087
Chinese military hackers for breaking into US corporations.
300
00:13:44,324 --> 00:13:47,125
Today, we are announcing an
indictment against five officers
301
00:13:47,160 --> 00:13:50,428
of the Chinese People's
Liberation Army for serious
302
00:13:50,463 --> 00:13:55,600
cybersecurity breaches against
six American victim companies.
303
00:13:55,635 --> 00:13:58,069
These represent
the first ever charges
304
00:13:58,104 --> 00:14:00,238
against known state
actors for infiltrating
305
00:14:00,273 --> 00:14:02,340
United States
commercial targets.
306
00:14:02,375 --> 00:14:06,310
The DOJ put five Chinese hackers on the FBI's Most Wanted list,
307
00:14:06,346 --> 00:14:09,614
all of them officers in the PLA's 61398.
308
00:14:10,617 --> 00:14:14,318
John Carlin tracks nation states infiltrating US corporations.
309
00:14:14,354 --> 00:14:17,955
You'll see the activity from
the location of this unit
310
00:14:17,991 --> 00:14:21,025
of the PLA, 61398.
311
00:14:21,061 --> 00:14:24,362
It starts around 9:00am, and
you see the spike in activity.
312
00:14:24,397 --> 00:14:26,664
You go to around lunch.
313
00:14:26,699 --> 00:14:29,000
They get a little lunch break,
and the activity goes down.
314
00:14:29,035 --> 00:14:32,203
Then it resumes again
until the end of the day.
315
00:14:32,238 --> 00:14:35,173
And there seems to be
roughly a 9-to-5...
316
00:14:35,208 --> 00:14:37,041
- Government job.
- A government job.
317
00:14:37,077 --> 00:14:39,010
So we just can't...
318
00:14:39,045 --> 00:14:42,613
it's not fair to
American companies.
319
00:14:42,649 --> 00:14:45,049
And what evidence did
you have against them?
320
00:14:45,085 --> 00:14:48,419
We showed specific actions
on specific times on specific
321
00:14:48,455 --> 00:14:53,624
dates, and photographs of the
individuals as they went into
322
00:14:53,660 --> 00:14:58,663
company systems from these
dedicated hacker thieves
323
00:14:58,698 --> 00:15:01,165
who are going in day in and
day out to steal information.
324
00:15:01,201 --> 00:15:05,136
But they are wearing
PLA member uniforms.
325
00:15:05,171 --> 00:15:06,971
If this is a
nation state attack,
326
00:15:07,006 --> 00:15:09,006
why single out individuals?
327
00:15:09,042 --> 00:15:14,846
We're not charging a country for
generically doing something bad.
328
00:15:14,881 --> 00:15:19,183
We're proving up specific facts
against particular people
329
00:15:19,219 --> 00:15:22,687
by name, by date,
here is what they did.
330
00:15:22,722 --> 00:15:27,091
So in this case, we were able to
figure out the name and the face
331
00:15:27,127 --> 00:15:28,826
behind the keyboard.
332
00:15:28,862 --> 00:15:31,562
And the reason why our companies
are getting hammered day in
333
00:15:31,598 --> 00:15:34,365
and day out by this type
of theft is because
334
00:15:34,400 --> 00:15:36,734
the people behind the keyboard
think they're anonymous,
335
00:15:36,769 --> 00:15:39,237
and these charges
show you are not.
336
00:15:39,272 --> 00:15:43,107
And the fact is just because
you're wearing a uniform
337
00:15:43,143 --> 00:15:45,209
shouldn't give you a free pass
338
00:15:45,245 --> 00:15:47,078
when you commit that
same type of theft.
339
00:15:47,113 --> 00:15:50,114
China was stealing some of America's most precious intel,
340
00:15:50,150 --> 00:15:53,084
the kind of trade secrets that keep economies growing.
341
00:15:53,119 --> 00:15:55,586
For some companies, the results were devastating.
342
00:15:59,692 --> 00:16:01,359
BEN: China has been targetingall sorts of American companies
343
00:16:01,394 --> 00:16:03,528
for trade secrets.
344
00:16:03,563 --> 00:16:06,831
Daniel McGahn is president of American Superconductor,
345
00:16:06,866 --> 00:16:08,799
or AMSC.
346
00:16:10,637 --> 00:16:12,937
The company specializes in power technologies
347
00:16:12,972 --> 00:16:15,940
such as wind turbines and superconducting wire.
348
00:16:15,975 --> 00:16:17,842
In an effort to protect against hacking,
349
00:16:17,877 --> 00:16:20,845
they kept their valuable source code on an offline server.
350
00:16:23,082 --> 00:16:25,216
But in 2011, one of McGahn's employees
351
00:16:25,251 --> 00:16:28,286
took a $2 million bribe to hand over AMSC software code
352
00:16:28,321 --> 00:16:30,955
to a state-owned company in China.
353
00:16:30,990 --> 00:16:33,357
Welcome to the future!
354
00:16:33,393 --> 00:16:36,694
The story really kind
of falls out of a...
355
00:16:36,729 --> 00:16:42,166
you know, a 1960s, 1970s
vintage spy movie.
356
00:16:42,202 --> 00:16:45,336
The individual was approached,
the individual was turned,
357
00:16:45,371 --> 00:16:48,339
there was offered
money, home, women.
358
00:16:48,374 --> 00:16:54,011
The way he was motivated was
in the techniques of spy craft.
359
00:16:54,047 --> 00:16:56,147
He had a penchant for
writing everything down.
360
00:16:56,182 --> 00:16:58,749
If you know Skype, he tended
to use Skype to be able to
361
00:16:58,785 --> 00:17:00,484
communicate and transfer files.
362
00:17:00,520 --> 00:17:03,154
So we were able to
basically obtain everything,
363
00:17:03,189 --> 00:17:05,723
from motive to when
the transfers happened,
364
00:17:05,758 --> 00:17:08,593
who received them, and
kind of the end part.
365
00:17:08,628 --> 00:17:09,827
You know, ha ha ha,
they won't need
366
00:17:09,862 --> 00:17:11,762
American Superconductor anymore.
367
00:17:11,798 --> 00:17:13,898
And what was the fallout?
368
00:17:13,933 --> 00:17:17,368
The fallout was we had a
stock that was at about $25,
369
00:17:17,403 --> 00:17:19,437
and it went to $12.5 in a day.
370
00:17:19,472 --> 00:17:23,441
So we went from about
$1.5, $1.6 billion
371
00:17:23,476 --> 00:17:26,777
to $800 million in
evaluation in a day.
372
00:17:26,813 --> 00:17:29,046
So the stock
completely collapsed.
373
00:17:29,082 --> 00:17:32,049
We know we're on a targeted
list of a lot of companies
374
00:17:32,085 --> 00:17:35,620
in North America, that the
Chinese are looking to
375
00:17:35,655 --> 00:17:39,123
obtain any valuable
technology that they can.
376
00:17:39,158 --> 00:17:42,760
So we've had to try
to develop a capability
377
00:17:42,795 --> 00:17:45,529
to protect such attacks.
378
00:17:45,565 --> 00:17:47,798
So you're saying the
People's Liberation Army
379
00:17:47,834 --> 00:17:50,468
has targeted your company
in hacking operations
380
00:17:50,503 --> 00:17:52,970
to steal corporate secrets?
381
00:17:53,006 --> 00:17:55,473
They've been happening since
this event, and they've been
382
00:17:55,508 --> 00:17:58,809
happening subsequently
on a very regular basis.
383
00:17:58,845 --> 00:18:02,079
What we've seen is when we've
gone back and we've used
384
00:18:02,115 --> 00:18:04,615
third parties to try
to validate, you know,
385
00:18:04,651 --> 00:18:06,884
where did these
attacks come from,
386
00:18:06,919 --> 00:18:09,587
and the entities that... at
least that they're telling us
387
00:18:09,622 --> 00:18:12,156
are directly linked
to the PLA and China,
388
00:18:12,191 --> 00:18:15,826
the People's Liberation Army,
there is a move within China
389
00:18:15,862 --> 00:18:19,163
to do this as part of kind of
normal operation of business.
390
00:18:19,198 --> 00:18:21,232
And do you think this is
sort of a precursor to China
391
00:18:21,267 --> 00:18:24,302
trying to overtake
America economically?
392
00:18:24,337 --> 00:18:26,570
I don't see it as a
precursor; it's happening.
393
00:18:26,606 --> 00:18:29,473
The desire is for
China to be #1.
394
00:18:29,509 --> 00:18:31,175
They have the largest
population in the world.
395
00:18:31,210 --> 00:18:33,077
Why shouldn't their
economy be the largest?
396
00:18:33,112 --> 00:18:36,947
Even after all this, would
you still do business in China?
397
00:18:36,983 --> 00:18:38,316
We still do.
398
00:18:38,351 --> 00:18:41,018
We still see China
as an opportunity,
399
00:18:41,054 --> 00:18:43,521
but those products
have to be paid for.
400
00:18:43,556 --> 00:18:45,523
Customers pay.
401
00:18:46,793 --> 00:18:49,860
To add insult to injury, a windturbine that was built by China
402
00:18:49,896 --> 00:18:51,696
and sold back to the US
403
00:18:51,731 --> 00:18:54,098
was running on the stolen source code.
404
00:18:54,133 --> 00:18:56,801
AMSC eventually replaced the turbine's controller
405
00:18:56,836 --> 00:18:59,136
and software with their own tech.
406
00:18:59,172 --> 00:19:00,805
Hoo!
407
00:19:00,840 --> 00:19:04,375
So this is actually one of the
controllers that was stolen?
408
00:19:04,410 --> 00:19:05,843
Yes, yes.
409
00:19:05,878 --> 00:19:07,878
So the software stolen,
410
00:19:07,914 --> 00:19:10,614
and the actual programming
of the turbine.
411
00:19:10,650 --> 00:19:14,051
This turbine's close, but
it's definitely different.
412
00:19:19,559 --> 00:19:21,225
Oh my god!
413
00:19:24,030 --> 00:19:25,062
Ho!
414
00:19:27,967 --> 00:19:30,534
We are definitely
72 meters in the sky.
415
00:19:35,742 --> 00:19:37,341
BEN: But it's not as if the US isn't spying
416
00:19:37,377 --> 00:19:39,477
on Chinese corporations.
417
00:19:39,512 --> 00:19:41,645
In 2014, Edward Snowden leaked a trove of
418
00:19:41,681 --> 00:19:45,015
National Security Agencydocuments that revealed Huawei,
419
00:19:45,051 --> 00:19:47,651
a Chinese telecom giant, was a US target.
420
00:19:49,389 --> 00:19:51,622
And according to the German magazine Der Spiegel,
421
00:19:51,657 --> 00:19:54,725
the NSA managed to access the source code of Huawei products
422
00:19:54,761 --> 00:19:57,695
in order to tap communications of targets who use them.
423
00:19:59,332 --> 00:20:00,898
But the US government says there's a difference
424
00:20:00,933 --> 00:20:02,700
between traditional espionage
425
00:20:02,735 --> 00:20:05,169
and stealing trade secrets for profit.
426
00:20:05,204 --> 00:20:07,204
So the administration is still holding out
427
00:20:07,240 --> 00:20:08,906
the threat of sanctions.
428
00:20:08,941 --> 00:20:11,175
Do you think sanctions
and diplomatic ploys,
429
00:20:11,210 --> 00:20:12,676
do you think
that'll really work?
430
00:20:12,712 --> 00:20:15,713
It will work because look at
what they're stealing here.
431
00:20:15,748 --> 00:20:20,084
In one case that we charged,
they were stealing the formula
432
00:20:20,119 --> 00:20:22,386
for the colour white.
433
00:20:22,422 --> 00:20:24,722
That is not a
national security secret.
434
00:20:24,757 --> 00:20:27,892
They are stealing that so that
they can compete and make paint,
435
00:20:27,927 --> 00:20:30,394
white paint that
people think is popular.
436
00:20:30,430 --> 00:20:32,730
That's all driven by profit.
437
00:20:32,765 --> 00:20:34,498
This is a cost-benefit game.
438
00:20:34,534 --> 00:20:37,334
As long as they think
it's cost-free to steal
439
00:20:37,370 --> 00:20:39,770
this information, they're
going to continue to do it.
440
00:20:39,806 --> 00:20:42,173
And we need to keep
raising the costs
441
00:20:42,208 --> 00:20:44,074
until the behaviour changes.
442
00:20:44,110 --> 00:20:46,577
With the help of stolen American-made IP,
443
00:20:46,612 --> 00:20:48,779
China has set it's sights on overtaking the US
444
00:20:48,815 --> 00:20:51,449
as the #1 economic superpower in the world.
445
00:20:53,052 --> 00:20:55,119
If we could put a dollar
value on all this hacking
446
00:20:55,154 --> 00:20:57,521
against corporate America,
what would it be?
447
00:20:57,557 --> 00:20:59,023
It's impossible at this point.
448
00:20:59,058 --> 00:21:00,591
People have tried.
449
00:21:00,626 --> 00:21:04,094
The former commander
of Cyber Command
450
00:21:04,130 --> 00:21:06,330
has put it in the trillions.
451
00:21:06,365 --> 00:21:11,101
There's just... How do you put a
price on intellectual property?
452
00:21:11,137 --> 00:21:13,070
And is this just the beginning?
453
00:21:13,105 --> 00:21:17,441
Or what's the future
hold for corporate America?
454
00:21:17,477 --> 00:21:21,479
I think it's a question
of is it too late?
455
00:21:21,514 --> 00:21:24,014
Has the IP already
left the building?
456
00:21:24,050 --> 00:21:29,386
And if it has, are we going to
suddenly see carbon copies
457
00:21:29,422 --> 00:21:33,958
of Benjamin Moore and Coca-Cola
and Lockheed Martin
458
00:21:33,993 --> 00:21:37,061
pop up in China over
the next 10 years?
459
00:21:37,096 --> 00:21:41,265
And the next chapter is:
when are we going to see China
460
00:21:41,300 --> 00:21:43,734
really using our own
intellectual property
461
00:21:43,769 --> 00:21:45,736
to their economic advantage?
462
00:21:45,771 --> 00:21:48,339
And I don't even think we've
seen the beginning of that yet.
463
00:21:50,676 --> 00:21:52,443
It's tough to know what's next
464
00:21:52,478 --> 00:21:55,079
when China keeps such tight control on their hackers,
465
00:21:55,114 --> 00:21:57,147
and almost no information leaks out of the country.
466
00:21:58,851 --> 00:22:00,451
But it's also hard to believe
467
00:22:00,486 --> 00:22:03,487
that the sophisticated cyber force of a rising superpower
468
00:22:03,523 --> 00:22:07,157
will suddenly just changeits MO because America said so.
469
00:22:07,193 --> 00:22:17,201
♪
43958
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.