A 31-count indictment filed in the US District Court Monday charged Chinese hackers with gaining illegal access to a handful of Pittsburgh-area industrial firms, including US Steel. The charges against five officers in the Chinese military included impersonating US Steel’s then-CEO John Surma in order to gain access to the steelmaker’s computer network and extract data related to trade cases against China.
Two cases in particular--DOC rulings in 2009 and 2010 that imposed duties on Chinese steel producers--allegedly led a hacker identified as Sun Kailiang to create a fake email from Surma to 20 employees who were involved in the trade cases.
"The e-mail contained a link to malware, which some of the recipients clicked on, installing malware on computers located in the Western District of Pennsylvania and providing Defendant Sun and his co-conspirators with backdoor access to US Steel's computers," said the indictment.
Hackers gained access to at least one US Steel computer, taking the hostnames and descriptions of about 1,700 other computers including servers that access the company's facilities, network security and emergency response.