Adding Insult To Injury: Companies DOJ Says That China Hacked Now Facing Probes Over Failure To Disclose
from the really-winning-fans-here dept
Earlier this week, we wrote about the DOJ filing an indictment against some Chinese hackers who are a part of the People’s Liberation Army. We found the situation rather ironic, given all that the NSA has been accused of on the cyberespionage front these days. We also found the whole thing to be incredibly counterproductive as it wouldn’t do a damn thing to stop Chinese hacking, but would likely lead to other countries filing criminal charges against NSA hackers.
What was particularly crazy was the DOJ’s smug announcement about how it finally had “proof” of Chinese hacks, naming some specific companies which had been hacked. In theory, the DOJ thinks it’s helping to protect those businesses, but the reality may be the opposite. It appears that the DOJ may have just created a massive headache for those companies, as they may be facing probes and possible shareholder lawsuits about failures to disclose the hacks to investors. It’s not entirely clear they needed to do so — and the companies insist they revealed all material information — but from the article, it’s clear that class action lawyers will eat this one up and file expensive and wasteful lawsuits.
“The question is would an investor have cared if Chinese hackers broke into a company and were messing around the place?” Jacob Olcott, a principal focusing on cybersecurity at Good Harbor Security Risk Management LLC in Washington, said in a phone interview. “As an investor, show me the evidence that you reviewed this thoroughly.”
So, not only did these companies — Alcoa and Allegheny Technologies Inc. — get hacked in a way where it’s unlikely that any criminal charges will catch the folks who did the hacking, those same companies may face another legal headache over the failure to reveal they got hacked by the Chinese. So exactly whom is the DOJ helping here?
Filed Under: breaches, china, disclosure, doj, hackers, indictment, privacy, sec
Companies: alcoa, allegheny technologies inc.
Comments on “Adding Insult To Injury: Companies DOJ Says That China Hacked Now Facing Probes Over Failure To Disclose”
Their clients and investors, if no on else. If I was doing business with a company that failed to report to me that they had been hacked, I would certainly count whoever did report that to me as helpful!
The DOJ is simply following orders handed down to them by the Execute Branch. The Executive Branch is trying to help itself, and gain some sort of foreign policy leverage.
I admit, this strategy makes absolutely no sense. Yet it’s the only plausible explanation for the DOJ’s and White House’s bizarre behavior.
I’m personally happy the White House is provoking the Chinese leadership. Hopefully it will lead to less economic trade between the two countries, and boost American jobs.
Though I doubt China is stupid enough to let a little political posturing ruin the very profitable trade agreement that mainly benefits the Chinese economy. After all, the Chinese economy is on course to become the largest economy in the world, by 2015.
I like it
They should let shareholders know when they find that the US government hacks them too.
Re: I like it
“They should let shareholders know when they find that the US government hacks them too.”
Yes, that would be nice. But let’s assume for a moment that they catch the feds hacking them. Can they disclose it?
Or will they be stopped from doing so by an NSL?
Or will they be punished after-the-fact by a quiet referral to the IRS, the DHS, the FBI and any regulatory agency that might want to take an interest? (We all know that the feds can and do engage in punitive prosecution: see “Qwest”.)
I’m willing to bet that Amazon, eBay, Facebook, Twitter, Verizon, AT&T, Sprint, T-Mobile, Instagram, and others have all been quite thoroughly hacked by the feds — and more than once. Why not? They can deny it. They can cover it up. They can threaten. They can intimidate. So what’s the downside, for the feds, if they hack anybody and everybody any time they feel like it…because “national security”.
I wouldn’t be surprised if:
There are lawsuits (would be ironic if they used some of those investor state clauses in those trade agreements) filed against the NSA and DOJ for this nonsense…
Campaign contributions start to wane off for officials who support this program…
Did the DOJ just blow the whistle on companies getting hacked? That is treason. Thousands of soldiers are going to die now.
Did they know
Presumably the Chinese used advanced techniques, 0-day exploits, and spear-phishing to gain entry. It is very likely these companies are using the best techniques. But one mistake, successful spear-phish can undo all the security measures.
Who paid them off?
Maybe I’m cynical, but this seems like a calculated move to expose a company that the DoJ doesn’t view in high favor.
Why go into this unless there was a benefit for them?
The only thing that the DoJ seems to protect are large banks and I’m aware that some of the big banks have investments in metals and commodities.
Could this be a favor for other corporations?
Re: Who paid them off?
In Corporate America, Microsoft patents YOU.
Security from security providers
This is just a combination of a dummy spit and a diversionary tactic.
The US establishment have always provided an inside track for select multinationals against foreign competitors. They are spitting the dummy and doing a bit of sabre rattling against China because they don’t want competition in strategic markets. They also don’t want competing sources of infrastructure and computer devices that do not have integrated back doors for the NSA.
It is also a diversionary tactic deflecting heat from them to China having been caught out by the Snowden leaks. “Dont look at us, look at the COMMUNIST Chinese!”
Major tech companies such as Cisco & Google are also trying to distort the truth by supposedly taking the NSA to task in the press. Those tech companies are completely complicit but deflect the blame off themselves onto the Government “who made them to do it”. Their PR departments are trying to spin the story they don’t do the spying willingly… Even though they take a generous part of their earnings from Government agency contracts, receive cheap financing loans from the same select banks, and gain share holder placements from complex investment companies & trusts that prop up their over the top valuations.
Who is the DOJ helping here?
They are padding their own resumes for better job opportunities after they leave public “service”… Personally, I think their best job opportunity should be as custodian (as in the person who cleans the loo) in a federal prison. They are not qualified for any regular job, IMO.
Intercept releases story: Spying on Bahamas and an unnamed country – Old Chinese “hacking” “Scandal” appears
So transparent, it hurts to see idiots give the “Chinese hacking” any sort of weight. When the US has just been exposed to record all the cellphone calls of two complete countries. https://firstlook.org/theintercept/article/2014/05/19/data-pirates-caribbean-nsa-recording-every-cell-phone-call-bahamas/
Look away people. Just look away. Evil China and their evil hackers are here.
Who Hacked Whom
Problem with the prosecution how did the NSA get the details. Was it a joint investigatory procedure in cooperation with the police in China or perhaps did the NSA break China’s laws and hack those computers.
Now if the NSA hacked the computers in China to gain that information, now just how exactly are they going to bloody provide they just didn’t plant it there in order to take pressure of the NSA and all of it’s hacking.
Is the NSA trying to cover it own hacking of those companies?
Oh what a mess we weave when we first start to decieve.
Re: Who Hacked Whom
Oh what a mess we we weave, when we first start to decieve. I just wanted to say, we have a problem. But how can we fix it? That is another problem. And if we could,what do we do…? I know, it’s redundent.
Funny. When I used to hack, I always used hacked Chinese systems to come back to “important” north american systems.
Did the DOJ just press charges against the NSA?