Adding Insult To Injury: Companies DOJ Says That China Hacked Now Facing Probes Over Failure To Disclose

from the really-winning-fans-here dept

Earlier this week, we wrote about the DOJ filing an indictment against some Chinese hackers who are a part of the People's Liberation Army. We found the situation rather ironic, given all that the NSA has been accused of on the cyberespionage front these days. We also found the whole thing to be incredibly counterproductive as it wouldn't do a damn thing to stop Chinese hacking, but would likely lead to other countries filing criminal charges against NSA hackers.

What was particularly crazy was the DOJ's smug announcement about how it finally had "proof" of Chinese hacks, naming some specific companies which had been hacked. In theory, the DOJ thinks it's helping to protect those businesses, but the reality may be the opposite. It appears that the DOJ may have just created a massive headache for those companies, as they may be facing probes and possible shareholder lawsuits about failures to disclose the hacks to investors. It's not entirely clear they needed to do so -- and the companies insist they revealed all material information -- but from the article, it's clear that class action lawyers will eat this one up and file expensive and wasteful lawsuits.
“The question is would an investor have cared if Chinese hackers broke into a company and were messing around the place?” Jacob Olcott, a principal focusing on cybersecurity at Good Harbor Security Risk Management LLC in Washington, said in a phone interview. “As an investor, show me the evidence that you reviewed this thoroughly.”
So, not only did these companies -- Alcoa and Allegheny Technologies Inc. -- get hacked in a way where it's unlikely that any criminal charges will catch the folks who did the hacking, those same companies may face another legal headache over the failure to reveal they got hacked by the Chinese. So exactly whom is the DOJ helping here?
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: breaches, china, disclosure, doj, hackers, indictment, privacy, sec
Companies: alcoa, allegheny technologies inc.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Mason Wheeler (profile), 23 May 2014 @ 4:12pm

    So exactly whom is the DOJ helping here?

    Their clients and investors, if no on else. If I was doing business with a company that failed to report to me that they had been hacked, I would certainly count whoever did report that to me as helpful!

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 May 2014 @ 4:37pm

    The DOJ is simply following orders handed down to them by the Execute Branch. The Executive Branch is trying to help itself, and gain some sort of foreign policy leverage.

    I admit, this strategy makes absolutely no sense. Yet it's the only plausible explanation for the DOJ's and White House's bizarre behavior.

    I'm personally happy the White House is provoking the Chinese leadership. Hopefully it will lead to less economic trade between the two countries, and boost American jobs.

    Though I doubt China is stupid enough to let a little political posturing ruin the very profitable trade agreement that mainly benefits the Chinese economy. After all, the Chinese economy is on course to become the largest economy in the world, by 2015.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 May 2014 @ 4:43pm

    I like it

    They should let shareholders know when they find that the US government hacks them too.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 May 2014 @ 4:54pm

      Re: I like it

      "They should let shareholders know when they find that the US government hacks them too."

      Yes, that would be nice. But let's assume for a moment that they catch the feds hacking them. Can they disclose it?

      Or will they be stopped from doing so by an NSL?

      Or will they be punished after-the-fact by a quiet referral to the IRS, the DHS, the FBI and any regulatory agency that might want to take an interest? (We all know that the feds can and do engage in punitive prosecution: see "Qwest".)

      I'm willing to bet that Amazon, eBay, Facebook, Twitter, Verizon, AT&T, Sprint, T-Mobile, Instagram, and others have all been quite thoroughly hacked by the feds -- and more than once. Why not? They can deny it. They can cover it up. They can threaten. They can intimidate. So what's the downside, for the feds, if they hack anybody and everybody any time they feel like it...because "national security".

      link to this | view in chronology ]

  • identicon
    avideogameplayer, 23 May 2014 @ 4:50pm

    I wouldn't be surprised if:

    There are lawsuits (would be ironic if they used some of those investor state clauses in those trade agreements) filed against the NSA and DOJ for this nonsense...

    Campaign contributions start to wane off for officials who support this program...

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 May 2014 @ 5:11pm

    Did the DOJ just blow the whistle on companies getting hacked? That is treason. Thousands of soldiers are going to die now.

    link to this | view in chronology ]

  • icon
    madasahatter (profile), 23 May 2014 @ 6:24pm

    Did they know

    Presumably the Chinese used advanced techniques, 0-day exploits, and spear-phishing to gain entry. It is very likely these companies are using the best techniques. But one mistake, successful spear-phish can undo all the security measures.

    link to this | view in chronology ]

  • icon
    Jay (profile), 23 May 2014 @ 7:07pm

    Who paid them off?

    Maybe I'm cynical, but this seems like a calculated move to expose a company that the DoJ doesn't view in high favor.

    Why go into this unless there was a benefit for them?

    The only thing that the DoJ seems to protect are large banks and I'm aware that some of the big banks have investments in metals and commodities.

    Could this be a favor for other corporations?

    link to this | view in chronology ]

  • identicon
    Maximo III, 23 May 2014 @ 7:43pm

    Security from security providers

    This is just a combination of a dummy spit and a diversionary tactic.

    The US establishment have always provided an inside track for select multinationals against foreign competitors. They are spitting the dummy and doing a bit of sabre rattling against China because they don't want competition in strategic markets. They also don't want competing sources of infrastructure and computer devices that do not have integrated back doors for the NSA.

    It is also a diversionary tactic deflecting heat from them to China having been caught out by the Snowden leaks. "Dont look at us, look at the COMMUNIST Chinese!"

    Major tech companies such as Cisco & Google are also trying to distort the truth by supposedly taking the NSA to task in the press. Those tech companies are completely complicit but deflect the blame off themselves onto the Government "who made them to do it". Their PR departments are trying to spin the story they don't do the spying willingly... Even though they take a generous part of their earnings from Government agency contracts, receive cheap financing loans from the same select banks, and gain share holder placements from complex investment companies & trusts that prop up their over the top valuations.

    link to this | view in chronology ]

  • identicon
    Spaceman Spiff, 24 May 2014 @ 5:12am

    Who is the DOJ helping here?

    They are padding their own resumes for better job opportunities after they leave public "service"... Personally, I think their best job opportunity should be as custodian (as in the person who cleans the loo) in a federal prison. They are not qualified for any regular job, IMO.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 May 2014 @ 6:01am

    Intercept releases story: Spying on Bahamas and an unnamed country - Old Chinese "hacking" "Scandal" appears

    So transparent, it hurts to see idiots give the "Chinese hacking" any sort of weight. When the US has just been exposed to record all the cellphone calls of two complete countries. https://firstlook.org/theintercept/article/2014/05/19/data-pirates-caribbean-nsa-recording-every-cel l-phone-call-bahamas/


    There is little reason this capability cannot expand to other accesses [REDACTED] and the Bahamas.


    Look away people. Just look away. Evil China and their evil hackers are here.

    link to this | view in chronology ]

  • identicon
    Robert, 24 May 2014 @ 6:36am

    Who Hacked Whom

    Problem with the prosecution how did the NSA get the details. Was it a joint investigatory procedure in cooperation with the police in China or perhaps did the NSA break China's laws and hack those computers.
    Now if the NSA hacked the computers in China to gain that information, now just how exactly are they going to bloody provide they just didn't plant it there in order to take pressure of the NSA and all of it's hacking.
    Is the NSA trying to cover it own hacking of those companies?
    Oh what a mess we weave when we first start to decieve.

    link to this | view in chronology ]

    • identicon
      Mr. James P. Crothers, 25 May 2014 @ 2:11pm

      Re: Who Hacked Whom

      Oh what a mess we we weave, when we first start to decieve. I just wanted to say, we have a problem. But how can we fix it? That is another problem. And if we could,what do we do...? I know, it's redundent.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 May 2014 @ 6:46am

    Funny. When I used to hack, I always used hacked Chinese systems to come back to "important" north american systems.

    Did the DOJ just press charges against the NSA?

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.