U.S. President Barack Obama meets with Chinese President Xi Jinping at the start of the two-week climate summit in Paris, France November 30, 2015. Credit: REUTERS/Kevin Lamarque
A deal announced two months ago between China and the U.S. was pitched as bringing an end to economic espionage.
But if any business leader thinks that means their organizations are no longer a target, they haven’t been paying attention.
That is the unanimous conclusion of a number of experts who have been tracking cyber attacks from China in the two months since Chinese President Xi Jinping and U.S. President Barack Obama announced that, “neither country’s government will conduct or knowingly support cyber-enabled theft of intellectual property (IP), including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.”
A number of experts pointed to major holes in the language of the agreement as soon as it was announced, most notably that it refers only to the governments of both countries – not their private sectors.
Also, saying the government will not “knowingly support” something is obviously not a promise that it will take steps to stop it.
And it hasn’t stopped. Michelle Van Cleave, former National Counterintelligence Executive (NCIX) and a board member of AFIO (Association of Former Intelligence Officers), put it bluntly. “Agreement or no agreement, China hasn’t changed its behavior. By all accounts it is still as heavily engaged in cyber espionage against American business and industry as ever before.”
She added that since the Chinese public and private sectors are so intertwined, there is no reason to believe that the government is, “impotent or uninvolved when it comes to these lucrative cyber operations.”
Security vendor CrowdStike issued a report in mid-October saying it had detected seven attempted intrusions since the agreement, “where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property (IP) and trade secrets, rather than to conduct traditional national-security related intelligence collection,” which is conducted by all nations and is not covered in the agreement.
CrowdStrike cofounder and CTO Dmitri Alperovitch said the company had not yet released any new findings since that report.
But the conclusions were similar at RiskAnalytics, according to Wayne Crowder, director of threat intelligence. “Our intelligence shows (economic) attacks have stayed consistent since September of this year,” he said.
The same is true at Fidelis Cybersecurity, where CSO Justin Harvey said, “we are still working large-scale breaches where we suspect that China state-sponsored cyberespionage is being conducted.”
And William Munroe, vice president of marketing at Interset, said the firm’s customers report that attacks from China, “remain the same.”
Sign up for CIO Asia eNewsletters.