Day After Agreement on Cybersecurity Between US and China, Security Firm Reports Cyberattack From China

Posted: Oct 19, 2015 5:02 PM
Day After Agreement on Cybersecurity Between US and China, Security Firm Reports Cyberattack From China

The day after President Obama and Chinese President Xi Jinping reached an agreement on cyber theft last month, China attempted to hack American corporate intellectual property, cybersecurity firm CrowdStrike recently announced.

The Irvine, California-based company, CrowdStrike, says it documented seven Chinese cyberattacks against U.S. technology and pharmaceuticals companies "where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national security-related intelligence collection."

"We've seen no change in behavior," said Dmitri Alperovich, a founder of CrowdStrike who wrote one of the first public accounts of commercial cyberespionage linked to China in 2011.

One attack came on Sept. 26, CrowdStrike says, the day after President Barack Obama and Chinese President Xi Jinping announced their deal in the White House Rose Garden. CrowdStrike, which employs former FBI and National Security Agency cyberexperts, did not name the corporate victims, citing client confidentiality. And the company says it detected and thwarted the attacks before any corporate secrets were stolen.

The day of the September meeting President Obama said the two leaders agreed that neither government "will conduct or knowingly support the cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage."

CrowdStrike’s timeline of recent attempted attacks may show that the Chinese did nothing but pay lip service to the Obama administration on this matter. And worse, they’re ongoing. The company said that “many of the China-affiliated actors [are] persistently attempting to regain access to victim networks even in the face of repeated failures."

In addressing whether these intrusions mean the cyber agreement between the U.S. and China failed, Alperovich said it “depends on what is done about it and how long the current situation persists.”

The delay in execution of the agreement is somewhat understandable, he continued, but going forward it needs to be made clear what the “parameters for success” are. In other words, what was the timeframe for implementation?

Even if that is cleared up, however, the U.S. government and all private cybersecurity companies must remain vigilant.