Adding Insult To Injury: Companies DOJ Says That China Hacked Now Facing Probes Over Failure To Disclose

from the really-winning-fans-here dept

Earlier this week, we wrote about the DOJ filing an indictment against some Chinese hackers who are a part of the People's Liberation Army. We found the situation rather ironic, given all that the NSA has been accused of on the cyberespionage front these days. We also found the whole thing to be incredibly counterproductive as it wouldn't do a damn thing to stop Chinese hacking, but would likely lead to other countries filing criminal charges against NSA hackers.

What was particularly crazy was the DOJ's smug announcement about how it finally had "proof" of Chinese hacks, naming some specific companies which had been hacked. In theory, the DOJ thinks it's helping to protect those businesses, but the reality may be the opposite. It appears that the DOJ may have just created a massive headache for those companies, as they may be facing probes and possible shareholder lawsuits about failures to disclose the hacks to investors. It's not entirely clear they needed to do so -- and the companies insist they revealed all material information -- but from the article, it's clear that class action lawyers will eat this one up and file expensive and wasteful lawsuits.
“The question is would an investor have cared if Chinese hackers broke into a company and were messing around the place?” Jacob Olcott, a principal focusing on cybersecurity at Good Harbor Security Risk Management LLC in Washington, said in a phone interview. “As an investor, show me the evidence that you reviewed this thoroughly.”
So, not only did these companies -- Alcoa and Allegheny Technologies Inc. -- get hacked in a way where it's unlikely that any criminal charges will catch the folks who did the hacking, those same companies may face another legal headache over the failure to reveal they got hacked by the Chinese. So exactly whom is the DOJ helping here?

Reader Comments (rss)

(Flattened / Threaded)

  1. icon
    Mason Wheeler (profile), May 23rd, 2014 @ 4:12pm

    So exactly whom is the DOJ helping here?

    Their clients and investors, if no on else. If I was doing business with a company that failed to report to me that they had been hacked, I would certainly count whoever did report that to me as helpful!

    reply to this | link to this | view in thread ]

  2. identicon
    Anonymous Coward, May 23rd, 2014 @ 4:37pm

    The DOJ is simply following orders handed down to them by the Execute Branch. The Executive Branch is trying to help itself, and gain some sort of foreign policy leverage.

    I admit, this strategy makes absolutely no sense. Yet it's the only plausible explanation for the DOJ's and White House's bizarre behavior.

    I'm personally happy the White House is provoking the Chinese leadership. Hopefully it will lead to less economic trade between the two countries, and boost American jobs.

    Though I doubt China is stupid enough to let a little political posturing ruin the very profitable trade agreement that mainly benefits the Chinese economy. After all, the Chinese economy is on course to become the largest economy in the world, by 2015.

    reply to this | link to this | view in thread ]

  3. identicon
    Anonymous Coward, May 23rd, 2014 @ 4:43pm

    I like it

    They should let shareholders know when they find that the US government hacks them too.

    reply to this | link to this | view in thread ]

  4. identicon
    avideogameplayer, May 23rd, 2014 @ 4:50pm

    I wouldn't be surprised if:

    There are lawsuits (would be ironic if they used some of those investor state clauses in those trade agreements) filed against the NSA and DOJ for this nonsense...

    Campaign contributions start to wane off for officials who support this program...

    reply to this | link to this | view in thread ]

  5. identicon
    Anonymous Coward, May 23rd, 2014 @ 4:54pm

    Re: I like it

    "They should let shareholders know when they find that the US government hacks them too."

    Yes, that would be nice. But let's assume for a moment that they catch the feds hacking them. Can they disclose it?

    Or will they be stopped from doing so by an NSL?

    Or will they be punished after-the-fact by a quiet referral to the IRS, the DHS, the FBI and any regulatory agency that might want to take an interest? (We all know that the feds can and do engage in punitive prosecution: see "Qwest".)

    I'm willing to bet that Amazon, eBay, Facebook, Twitter, Verizon, AT&T, Sprint, T-Mobile, Instagram, and others have all been quite thoroughly hacked by the feds -- and more than once. Why not? They can deny it. They can cover it up. They can threaten. They can intimidate. So what's the downside, for the feds, if they hack anybody and everybody any time they feel like it...because "national security".

    reply to this | link to this | view in thread ]

  6. identicon
    Anonymous Coward, May 23rd, 2014 @ 5:11pm

    Did the DOJ just blow the whistle on companies getting hacked? That is treason. Thousands of soldiers are going to die now.

    reply to this | link to this | view in thread ]

  7. icon
    madasahatter (profile), May 23rd, 2014 @ 6:24pm

    Did they know

    Presumably the Chinese used advanced techniques, 0-day exploits, and spear-phishing to gain entry. It is very likely these companies are using the best techniques. But one mistake, successful spear-phish can undo all the security measures.

    reply to this | link to this | view in thread ]

  8. icon
    Jay (profile), May 23rd, 2014 @ 7:07pm

    Who paid them off?

    Maybe I'm cynical, but this seems like a calculated move to expose a company that the DoJ doesn't view in high favor.

    Why go into this unless there was a benefit for them?

    The only thing that the DoJ seems to protect are large banks and I'm aware that some of the big banks have investments in metals and commodities.

    Could this be a favor for other corporations?

    reply to this | link to this | view in thread ]

  9. identicon
    Maximo III, May 23rd, 2014 @ 7:43pm

    Security from security providers

    This is just a combination of a dummy spit and a diversionary tactic.

    The US establishment have always provided an inside track for select multinationals against foreign competitors. They are spitting the dummy and doing a bit of sabre rattling against China because they don't want competition in strategic markets. They also don't want competing sources of infrastructure and computer devices that do not have integrated back doors for the NSA.

    It is also a diversionary tactic deflecting heat from them to China having been caught out by the Snowden leaks. "Dont look at us, look at the COMMUNIST Chinese!"

    Major tech companies such as Cisco & Google are also trying to distort the truth by supposedly taking the NSA to task in the press. Those tech companies are completely complicit but deflect the blame off themselves onto the Government "who made them to do it". Their PR departments are trying to spin the story they don't do the spying willingly... Even though they take a generous part of their earnings from Government agency contracts, receive cheap financing loans from the same select banks, and gain share holder placements from complex investment companies & trusts that prop up their over the top valuations.

    reply to this | link to this | view in thread ]

  10. identicon
    Anonymous Coward, May 24th, 2014 @ 12:31am

    Re: Who paid them off?

    In Corporate America, Microsoft patents YOU.

    reply to this | link to this | view in thread ]

  11. identicon
    Spaceman Spiff, May 24th, 2014 @ 5:12am

    Who is the DOJ helping here?

    They are padding their own resumes for better job opportunities after they leave public "service"... Personally, I think their best job opportunity should be as custodian (as in the person who cleans the loo) in a federal prison. They are not qualified for any regular job, IMO.

    reply to this | link to this | view in thread ]

  12. identicon
    Anonymous Coward, May 24th, 2014 @ 6:01am

    Intercept releases story: Spying on Bahamas and an unnamed country - Old Chinese "hacking" "Scandal" appears

    So transparent, it hurts to see idiots give the "Chinese hacking" any sort of weight. When the US has just been exposed to record all the cellphone calls of two complete countries. l-phone-call-bahamas/

    There is little reason this capability cannot expand to other accesses [REDACTED] and the Bahamas.

    Look away people. Just look away. Evil China and their evil hackers are here.

    reply to this | link to this | view in thread ]

  13. identicon
    Robert, May 24th, 2014 @ 6:36am

    Who Hacked Whom

    Problem with the prosecution how did the NSA get the details. Was it a joint investigatory procedure in cooperation with the police in China or perhaps did the NSA break China's laws and hack those computers.
    Now if the NSA hacked the computers in China to gain that information, now just how exactly are they going to bloody provide they just didn't plant it there in order to take pressure of the NSA and all of it's hacking.
    Is the NSA trying to cover it own hacking of those companies?
    Oh what a mess we weave when we first start to decieve.

    reply to this | link to this | view in thread ]

  14. identicon
    Mr. James P. Crothers, May 25th, 2014 @ 2:11pm

    Re: Who Hacked Whom

    Oh what a mess we we weave, when we first start to decieve. I just wanted to say, we have a problem. But how can we fix it? That is another problem. And if we could,what do we do...? I know, it's redundent.

    reply to this | link to this | view in thread ]

  15. identicon
    Anonymous Coward, May 26th, 2014 @ 6:46am

    Funny. When I used to hack, I always used hacked Chinese systems to come back to "important" north american systems.

    Did the DOJ just press charges against the NSA?

    reply to this | link to this | view in thread ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Insider Shop - Show Your Support!

Hide this ad »
Essential Reading
Techdirt Deals
Hide this ad »
Techdirt Insider Chat
Hide this ad »
Recent Stories
Advertisement - Amazon Prime Music
Hide this ad »


Email This

This feature is only available to registered users. Register or sign in to use it.