Discuss as:

Exclusive: Corporate victims of Chinese hackers speak out

The former head of the CIA and NSA, Gen. Michael Hayden, says that China is launching cyberattacks against every sector of the U.S. economy. Most companies do not say much - if anything - about being hacked. But in an exclusive television interview with CNBC's David Faber, one victim describes how the cyber-attack unfolded before his eyes.

By Anna Schecter
Rock Center

This article was originally published on Oct. 11 and was updated on Feb. 22, as more information became available.

UPDATE: In a new report released this week, cyber-security firm, Mandiant, pinpointed exactly where some of the most sophisticated hackers in China are working – in or around a building that serves as a Chinese military unit's headquarters on the outskirts of Shanghai.

This elite group of hackers has been dubbed the "Shanghai Group." They've struck 141 times since 2006 across all sectors of the U.S. economy.  This is the first time such a group has been tracked right to the doorstep of the People's Liberation Army.

Two major United States newspapers, The New York Times and The Wall Street Journal, reported earlier this year that their computer systems have been repeatedly targeted by hackers based in China for the past several months.

The New York Times said the attacks, which began in mid-September, were in response to a Times investigation of the relatives and family of China’s Premier Wen Jiabao. The Wall Street Journal simply stated that the infiltration was "for the apparent purpose of monitoring the newspaper's China coverage."

This is not the first time cyber-attacks originating from China have been in the national spotlight. According to current and former intelligence officials at the highest levels of government, the Chinese have playing dirty in the international spy game for years.

“This is stealing American wealth.  It's stealing American jobs.  It's stealing American competitive advantage,” General Michael Hayden, former head of the Central Intelligence Agency and the National Security Agency, said in an interview with NBC News.

Hayden’s comment was echoed by a House Intelligence Committee report released on October 8, 2012 warning that two Chinese telecommunications companies, Huawei and ZTE, could be funneling sensitive information back to Beijing, and cautioned American carriers to avoid doing business with them.

Intelligence Committee Chairman Mike Rogers, R-Mich., told NBC News that the Chinese have targeted every sector of the American economy.

“Everything you can possibly imagine we have seen the Chinese make a concerted effort to steal that information and use it for their own economic advantage,” he said.

That includes blueprints for the next generation of auto parts, formulas for pesticides and pharmaceuticals, and other information that makes American companies competitive in the global marketplace.

Though the United States limits its espionage to national security interests, intelligence officials said, China has launched a well-organized campaign to steal American corporate secrets via the Internet.

“I know states steal secrets. Our states steal secrets. And we're actually pretty good at it.  But we self-limit.  We steal things that are valuable and useful for your security, for your liberty and for your safety,” Hayden said.

One of the first to find himself on the front lines of the economic cyber war with China at the corporate level was Brian Shields. He was a computer security specialist for Nortel, a giant Canadian telecommunications company.


A success story from the early Internet age, Nortel made cell phone and computer network equipment. At its height, the company employed 20,000 people in the U.S.

Shields said he first got wind of the Chinese in Nortel’s network in 2004.  An employee working in highly technical research and development saw some curious activity on a computer server.  His documents were being downloaded apparently by a senior executive named Brian McFadden, who worked in a completely different department.

Shields said McFadden had not downloaded anything.  Instead, someone had hacked into the computer network using McFadden’s stolen password. Shields said he discovered that seven passwords had been stolen, including that of then CEO Frank Dunn.

Though Shields could never determine who the individual hacker was, he was able to track the activity to servers in Shanghai and Hangzhou, China.

In total more than 1,400 documents were stolen including product designs and valuable customer information, according to Shields.

“They could know what companies we're buying, how much. They could know where we saw our future product. They could know where we saw our profitability,” he said.

After the attack, Shields said he watched his company steadily lose business, while a competitor, Huawei, began to grow.  Nortel went bankrupt in 2009, while Huawei has become one of the world’s premiere telecommunications companies. Shields said he believes Nortel went under as a result of spying by companies like Huawei. 

Most industry insiders say that Nortel was a victim of bad business decisions coupled with the burst of the Internet bubble.

A spokeswoman for Nortel said the company responded appropriately to the 2004 attacks and “found no evidence of wide spread security issues.”

Huawei has denied stealing from Nortel or any other company. In a statement emailed to NBC News, the spokeswoman said the company has "the highest respect for the intellectual property of others."

In response to October 8th's House Intelligence Committee report, a Huawei spokesman said the accusations were based on rumors. The company defended its record as a member of the Fortune 500 list of the largest companies in the world.

“For the past 25 years, we have held an upstanding record…We have been emphasizing that Huawei is committed to cooperating transparently with any and all government agencies who wish to carry out an open and impartial dialogue about our company and the products and services that have made us successful internationally,” read a Huawei statement responding to the report.

Huawei has already sold equipment to a dozen small carriers in the U.S.

The Huawei spokesman said company is a “partner to the U.S. high-tech industry” and “helps create jobs in the U.S.”

ZTE released a statement saying that the company is China’s “most transparent, independent, globally focused, publicly traded telecom company.”

Click here to read a full response from Huawei

In response to this story, China’s Foreign Ministry Spokesman Hong Lei denied stealing from any corporations, adding that last year the Chinese helped international agencies address hundreds of cyber-attacks.   He said the Mandiant report linking attacks to the Chinese military was “unfounded” and “unprofessional.”

“China is also a victim of cyber-attacks, and we take a firm stance on continuously playing an active role in international cooperation,” Hong Lei told NBC News.

But top American brass said they are exasperated by China’s efforts to portray themselves as victims. Hayden said it is time to hold China accountable.

“Don't treat me like a child.  We know what you're doing.  We have good evidence with regard to what you're doing.  And if you continue to do what you do actions will have consequences,” said Hayden.

Rogers advocated that the White House make Chinese cyber espionage the number one issue in bilateral relations with China.

“They do respond to embarrassment.  And we ought to embarrass them for being thieves of the research and development of the United States of America.”