Two companies were hacked in 2016, but this represents a significant decline from two years ago

Chinese cyber-attacks on US fall by 90 per cent

The Chinese government appears to be abiding by its September pledge to stop supporting the hacking of American trade secrets.

FireEye, a US-based network security company best known for fighting sophisticated Chinese hacking, has released a report stating that breaches attributed to China-based groups have plunged by 90 per cent in the past two years.

The most dramatic drop came during last summer's run-up to the bilateral agreement.

A senior Obama administration official said the government was not yet ready to proclaim that China was fully complying with the agreement but said the new report would be factored into its monitoring.

"We are still doing an assessment," said the official, adding that a just concluded second round of talks with China on the finer points of the agreement had gone well.

China's Foreign Ministry, the only government department to regularly answer questions from foreign reporters on the hacking issue, said China aimed to maintain dialogue on preventing and combating cyber-spying.

"We've expressed our principled position on many occasions," said ministry spokeswoman Hua Chunying. "We oppose and crack down on commercial cyber-espionage activities in all forms."

FireEye said that Chinese intrusions into some US firms have continued, with at least two hacked in 2016. But while the hackers installed ‘back doors’ to enable future spying, FireEye said it had seen no evidence that data was stolen.

Both hacked companies had government contracts and FireEye analyst Laura Galante believes it was plausible that the intrusions were stepping stones toward gathering information on government or military people or projects, which remain fair game under the September accord.

But while Chinese government-backed hackers appear to be engaging less in wholesale theft of US intellectual property, evidence suggests that they are increasingly spying on political and military targets in other countries and regions, including Russia, the Middle East, Japan and South Korea.

The Pentagon has been trying to plug holes in its cyber-security and recently invited a group of vetted outside hackers to test some public US Defence Department websites as part of a pilot project. 

Another security firm, CrowdStrike, has observed more Chinese state-supported hackers spying outside of the United States over the past year, company vice-president Adam Meyers said in an interview.

Targets include Russian and Ukrainian military targets, Indian political groups and the Mongolian mining industry.

FireEye and CrowdStrike said they were confident that the attacks are being carried out either directly by the Chinese government or on its behalf by hired contractors.

Since late last year there has been a flurry of new espionage activity against Russian government agencies and technology firms, as well as other targets in India, Japan and South Korea.

Cyber-security company Kaspersky has said the groups involved use tools and infrastructure that depend on Chinese-language characters.

One group, known as Mirage or APT 15, appears to have ended a spree of attacks on the US energy sector and is now focusing on government and diplomatic targets in Russia and former Soviet republics.

China and the UK made a similar pact in October not to conduct industrial cyber-espionage against each other. 

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them