Is the Chinese government hacking US corporations?

A security firm says its software repelled attempted hacks that started the day after a landmark cyber-theft agreement was announced. Will the pursuit of corporate secrets between the US and China ever subside?

|
Andrew Harnik/AP
A military honor guard await the arrival of President Barack Obama and Chinese President Xi Jinping for a state arrival ceremony, Friday, Sept. 25, 2015, on the South Lawn of the White House in Washington. (AP Photo/Andrew Harnik)

Even after a landmark cyber theft agreement, US companies appear as vulnerable as ever to hacks emanating from China.

In the three weeks after the US and China agreed to stop spying on each other for commercial purposes, hackers associated with the Chinese government have attempted to penetrate at least seven different US companies, according to Reuters.

The prominent security firm CrowdStrike Inc said its software, installed at five technology and two pharmaceutical companies, detected and successfully repelled the attempted intrusions that started on Sept. 26.  

The day before, President Obama and Chinese President Xi Jinping agreed to forbid their governments from permitting cyber theft of trade secrets for the benefit of domestic companies. The White House is aware of the latest attempted hacks but has yet to comment on CrowdStrike's conclusions. 

In an interview with Reuters, CrowdStrike Co-Founder Dmitri Alperovitch said he believed the hackers were associated with the Chinese government, partly because of the software and servers the perpetrators used.

The "primary benefits of the intrusion seem clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional, national-security-related intelligence collection," Alperovitch said in a blog post. He also added that more hacks after the agreement were to be expected:

So does this evidence of ongoing intrusions into the commercial sector from China indicate the failure of the US-China cyber agreement? That depends on what is done about it and how long the current situation persists. As George Kurtz stated on the date of the agreement, “even under the best of circumstances, industry is left to wonder how quickly China’s bold intelligence gathering apparatus might be dismantled.” The fact that there is some time delay between agreement and execution is not entirely unexpected. But, we need to know the parameters for success, and whether the parties to the agreement discussed a timeframe for implementation or, instead, expected it to be immediate.  

Richard Brejtlich, a Senior Fellow at the Brookings Institute, tells The Christian Science Monitor it is too soon to make sense of this latest round of hacks. In an article he wrote shortly after the agreement, he outlined several interpretations for the cyber pact. One included that intrusions would certainly continue, but now under the guise of good governance:  

The United States has a long-standing policy of not passing what it learns from these spying missions to American companies for competitive gain. It’s possible the US administration believes its Chinese counterpart will now act in a reciprocal manner. American companies will still be targeted by Chinese hacking teams, but the Chinese government will claim that it is working to collect economic data and uncover bribery and corruption. Whether the Chinese government passes what it learns to Chinese companies for economic advantage remains an open question.

He also theorized that Mr. Xi may consider the People’s Liberation Army (PLA), Ministry of State Security, and other organizations that typically conduct hacking to be excluded from his definition of “Chinese government.” Therefore, while the “Chinese government” holds up its commitment, shadow groups can still do the dirty work.  

And on Friday, NBC News reported that the Woods Hole Oceanographic Institution, one of the most important scientific research centers in the US, said it was the target of a hack emanating from China in June. The institute has said so far, only commercial data and emails were accessed. The WHOI performs classified research for the US Navy, but a spokesman said sensitive data is kept on a different network than the one that was attacked.

This report contains material from Reuters.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Is the Chinese government hacking US corporations?
Read this article in
https://www.csmonitor.com/World/Global-News/2015/1019/Is-the-Chinese-government-hacking-US-corporations
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe