Seven U.S. companies were close to becoming victims of cyber breaches at the hands of hackers associated with the Chinese government, a U.S. security firm reported. This comes three weeks after the two countries agreed to not spy on each other for commercial purposes.
CrowdStrike, Inc. detected seven attacks against five technology companies and two pharmaceutical companies “where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national security-related intelligence collection,” as reported by CBS News.
These attacks, the firm says, began on September 26. President Barack Obama said that he and the Chinese President Xi Jinping had agreed on September 25 that neither country will indulge in cyber theft of corporate secrets for commercial purposes; the first attack came the next day. While the targets of the attacks were not revealed by the firm, citing client confidentiality, the potential breach was foiled before the hackers got the chance to steal any corporate secrets.
On Monday, a timeline of hacks against “commercial entities that fit squarely within the hacking prohibitions covered under the cyberagreement” with China was released by CrowdStrike, Inc. These attempts to penetrate U.S. companies are increasing “with many of the China-affiliated actors persistently attempting to regain access to victim networks even in the face of repeated failures.”
However, how the attacks could be traced to China hasn’t been made clear by CrowdStrike. “We assess with a high degree of confidence that these intrusions were undertaken by a variety of different Chinese actors, including Deep Panda, which CrowdStrike has tracked for many years breaking into national security targets of strategic importance to China,” Dmitri Alperovich, a founder of CrowdStrike, wrote in a blog post.
Chinese Foreign Ministry spokeswoman, Hua Chunying, maintained that the Chinese government did not support cyber theft or stealing commercial secrets. In a daily news briefing, she said, “Internet hacking attacks are marked by their secretive, cross border nature.”
A senior Obama administration official said that the government was made aware of the security firm’s findings. “As we move forward, we will monitor China’s cyber activities closely and press China to abide by all of its commitments,” the official said.
Another U.S. cyber security firm, FireEye, Inc., said that while there were signs of cyber theft from China, “it is premature to conclude that activity during this short time frame constitutes economic espionage,” FireEye spokesman, Vitor De Souza, said, as reported by Huffington Post.