Cybersecurity firm: Chinese hacking on American companies still persists


WASHINGTON—Chinese-hacking attempts on American corporate intellectual property have occurred with regularity over the past three weeks, suggesting that China almost immediately began violating its newly minted cyber agreement with the United States, according to a newly published analysis by a cybersecurity company with close ties to the US government.

The Irvine, California-based company, CrowdStrike, says it documented seven Chinese cyber attacks against US technology and pharmaceuticals companies “where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national security-related intelligence collection.”

“We’ve seen no change in behavior,” said Dmitri Alperovitch, a founder of CrowdStrike who wrote one of the first public accounts of commercial cyber espionage linked to China in 2011.

One attack came on September 26, CrowdStrike says, the day after President Barack Obama and Chinese President Xi Jinping announced their deal in the White House Rose Garden. CrowdStrike, which employs former Federal Bureau of Investigation and National Security Agency cyber experts, did not name the corporate victims, citing client confidentiality. And the company says it detected and thwarted the attacks before any corporate secrets were stolen.

A senior Obama administration official, speaking on condition of anonymity because he was not allowed to discuss the matter publicly, said officials are aware of the report but would not comment on its conclusions. The official did not dispute them, however.

The US will continue to directly raise concerns regarding cyber security with the Chinese, monitor the country’s cyber activities closely and press China to abide by all of its commitments, the official added.

The US-China agreement forged last month does not prohibit cyber spying for national security purposes, but it bans economic espionage designed to steal trade secrets for the benefit of competitors. That is something the US says it doesn’t do, but Western intelligence agencies have documented such attacks by China on a massive scale for years.

China denies engaging in such behavior, but threats of US sanctions led Chinese officials to conduct a flurry of last-minute negotiations which led to the deal. CrowdStrike on Monday released a timeline of recent intrusions linked to China that it says it documented against “commercial entities that fit squarely within the hacking prohibitions covered under the cyber agreement.”

The intrusion attempts are continuing, the company says, “with many of the China-affiliated actors persistently attempting to regain access to victim networks even in the face of repeated failures.”

CrowdStrike did not explain in detail how it attributes the intrusions to China, an omission that is likely to draw criticism, given the ability of hackers to disguise their origins. But the company has a long track record of gathering intelligence on Chinese hacking groups, and US intelligence officials have often pointed to the company’s work.

“We assess with a high degree of confidence that these intrusions were undertaken by a variety of different Chinese actors, including Deep Panda, which CrowdStrike has tracked for many years breaking into national security targets of strategic importance to China,” Alperovitch wrote in a blog posting that laid out his findings.

Deep Panda, which has been linked to the Chinese military, is believed by many researchers to have carried out the attack on insurer Anthem Health earlier this year. CrowdStrike and other companies have tracked Deep Panda back to China based on the malware and techniques it uses, its working hours and other intelligence.

In 2013 another cybersecurity company, Mandiant, published a report exposing what it said was a hacking unit linked to China’s People’s Liberation Army, including identifying the building housing the unit in Beijing. Those findings were later validated by American intelligence officials.

Image credits: AP/Evan Vucci
