Bloomberg News

Spy Charges Ratchet Up Fears for Multinationals in China

May 22, 2014

Google in China

A file photograph shows a Chinese flag flying in front of Google Inc.'s offices in Beijing. Google said in 2010 it wouldn’t censor content for mainland Chinese services, shuttered its local search page and redirected users to a site in Hong Kong. Photographer: Keith Bedford/Bloomberg

Google Inc. (GOOG:US) sends an e-mail to some employees traveling to China warning that it’s a “restricted country” and online access to some internal systems will be limited, according to a person familiar with company policy.

Kyocera Corp. (6971) only makes photovoltaic cells in Japan and is reviewing cybersecurity measures at its solar-panel assembly plant in Tianjin. Infineon Technologies AG, Europe’s second-biggest chipmaker, fends off thousands of attacks from China every day, although most are amateurish, said a person familiar with the situation.

U.S. accusations of corporate spying by a Shanghai-based military unit have raised the stakes on the daily, behind-the-scenes struggle multinational companies face to protect intellectual property rights and confidential business plans in China. Military hackers stole designs for key reactor components from Westinghouse Electric Co., the Justice Department said.

Related:

  • China Will Vet Tech Firms After Threatening U.S. Retaliation
  • UglyGorilla Hacker Left Tracks, U.S. Cyber-Hunters Say

The escalation risks putting companies in the crossfire between the governments of the world’s two biggest economies. China, which has denied any hacking, may retaliate against American companies for their government’s public accusations.

Rising Costs

“Whenever words like cybersecurity or cyber-espionage are mentioned, fear is ratcheted up a notch,” said Jorg Wuttke, president of the European Union Chamber of Commerce in China. “One positive of this case is that it will serve as a valuable reminder that companies and institutions must beef up their IT security to ensure against such threats.”

Companies pursing opportunities in China must increasingly count cybersecurity among the rising costs of a presence in the world’s most-populous nation. Businesses operating in the country have been forced to counter ever-more sophisticated methods of attack, taking measures such as restricting what data employees can access there or barring the use of software seen as vulnerable.

Google’s e-mail warning to employees traveling in China states that “to protect you and our customers, we may have placed some restrictions on your account,” according to a person familiar with company practice who asked not to be identified while discussing internal policy.

Robin Moroney, a Singapore-based spokesman for Google, declined to comment on the company’s information-security measures. Google said in 2010 it wouldn’t censor content for mainland Chinese services, shuttered its local search page and redirected users to a site in Hong Kong.

High Secrecy

Some companies, such as Japan’s Kyocera, secure data by producing sensitive components close to home.

“We believe that way we can keep high secrecy,” said Midori Honda, a spokeswoman for the Kyoto-based maker of photovoltaic cells, which are used to make solar panels. The company is reviewing cybersecurity measures at its solar-panel assembly plant in Tianjin, China, Honda said by phone on May 20.

Kyocera has also been using systems to detect unauthorized attempts to access its network and banned the use of Windows XP, for which Microsoft Corp. (MSFT:US) no longer provides support, Honda said.

Germany’s Infineon must contend with thousands of largely unsophisticated attacks from China every day, said one person familiar with the situation who requested not to be identified since the information isn’t public. While the Neubiberg, Germany-based semiconductor maker has plants in Beijing and Wuxi, it keeps its most advanced production technology in Germany and Austria.

Coca-Cola Case

One of the suspected People’s Liberation Army hackers, who the Justice Department identified as operating under the alias UglyGorilla, has been linked to malware used in a 2009 hacking attack on Coca-Cola Co. (KO:US), Bloomberg News reported today.

The company was told by the FBI in March 2009 that hackers had broken into the beverage maker’s computer systems and pilfered files related to its aborted plan to buy China Huiyan Juice Group for $2.4 billion, according to three people familiar with the situation and an internal company document, Bloomberg News reported in 2012. The internal report said the intruders were state-sponsored.

Coca-Cola spokesman Petro Kacur declined to comment today when asked what measures the company was now taking to secure its information.

The Chinese government denied that its military has ever engaged in cyber-espionage.

National Security

“This action on the part of the U.S. has shown that it is not interested in having dialogue over the cybersecurity issue,” Chinese foreign ministry spokesman Hong Lei said at a May 20 daily briefing in Beijing. “The U.S. should take action to correct its mistake and drop the lawsuits.”

The Chinese State Internet Information Office announced today that it would begin vetting major technology products and services if they’re used for national security and other other public-interest purposes, the official Xinhua News Agency reported.

The office’s spokesman cited U.S. cyberspying allegations by former National Security Agency contractor Edward Snowden last year as a motivation for the move, according to Xinhua.

The hacking revelations come at a time when multinationals in China face increasing pressure from everything from regulatory crackdowns to corruption sweeps to state media exposes alleging unfair consumer practices. In recent years, state broadcaster CCTV has used its news programs to highlight what it says are unfair practices by foreign companies. Targets have included Apple Inc. (AAPL:US), McDonald’s Corp., Volkswagen AG and Nikon Corp.

Avoiding Confrontation

Highlighting the politically sensitive nature of the U.S.’s hacking claims, dozens of companies with business in China declined to comment about their experience with cyber-attacks.

“Most corporations want to avoid this kind of confrontation,” said Joseph Cheng, a political science professor at City University of Hong Kong. “This is much more an action of the U.S. government in the wider geopolitical relationship. Some companies are concerned about this and shared that with the U.S., but that’s a small minority.”

Stephane Bonifassi, a Paris-based lawyer who was recently a co-chair of the International Bar Association’s business crime committee, said he felt that concerns about aggravating authorities discouraged many corporations from discussing espionage concerns.

“Companies were not willing to disclose the cases that affected them, so there wasn’t much publicity,” Bonifassi said. “It’s a balance you have to find.”

Many Threats

Some companies addressed the issue in broad terms. Dayna Hart, a Shanghai-based spokeswoman for General Motors Co. (GM:US), said its agreements with local partners protect its intellectual property while ensuring access to the Chinese market.

Paul Adams, president of jet engine maker Pratt & Whitney, said “many, many organizations and countries around the world” were interested in acquiring its technology. The United Technologies Corp. (UTX:US) unit, which has about 1,500 employees in China, took hacking threats seriously, he said.

“We protect our IP from both a competitive and from a national security standpoint,” Adams said. “We know and have known for many years that there are many, many threats out there and this is very serious.”

While hundreds of U.S. entities have been penetrated by Chinese military hackers since 2002, the Justice Department’s indictment focused on five that specialize in solar panels, metals or next-generation nuclear power plants.

Westinghouse Reactors

In one case, the indictment detailed intrusions into Westinghouse’s internal computer systems while it was engaged in negotiations with a state-owned company it had agreed to build four AP1000 reactors with in China. The hackers stole internal e-mails in which Westinghouse executives discussed talks with the Chinese company, it said.

The attackers also sought to acquire pipe specifications that “would enable a competitor to build a plant similar to the AP1000 without incurring significant research and development costs,” the indictment said.

Chinese energy officials had previously complained to U.S. diplomats about software transfers from Westinghouse and a federal regulation that limited the exchange of some atomic energy information, according to an October 2009 cable released by WikiLeaks, an anti-secrecy group that publishes leaked documents. Zheng Yachuan, spokesman for China’s National Energy Administration, didn’t answer two calls to his office today.

Muted Reaction

Midori Hara, a Tokyo-based spokeswoman for Westinghouse’s parent company, Toshiba Corp. (6502), declined to comment on the hacking allegations or say whether the company was taking new steps to secure its networks.

One reason for companies’ muted reaction to the U.S.’s hacking indictment may be concern about provoking retaliation from China. Willy Lam, an adjunct professor at the Center of China Studies at Chinese University of Hong Kong, said such attacks probably won’t be broad.

“The Chinese probably won’t retaliate on a large scale,” he said. “They may just pick on one or two companies -- kill the chicken to scare the monkey.”

To contact Bloomberg News staff for this story: Benjamin Haas in Hong Kong at bhaas7@bloomberg.net; Lulu Yilun Chen in Hong Kong at ychen447@bloomberg.net; Alexandra Ho in Shanghai at aho113@bloomberg.net

To contact the editors responsible for this story: Frank Longid at flongid@bloomberg.net; Jason Rogers at jrogers73@bloomberg.net Brendan Scott


Best LBO Ever
LIMITED-TIME OFFER SUBSCRIBE NOW

Companies Mentioned

  • GOOG
    (Google Inc)
    • $584.77 USD
    • 4.82
    • 0.82%
  • MSFT
    (Microsoft Corp)
    • $46.52 USD
    • -0.24
    • -0.52%
Market data is delayed at least 15 minutes.
 
blog comments powered by Disqus