Cybersecurity firm: Chinese hacking on U.S. companies persists

The “primary benefits of the intrusion seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional, national-security-related intelligence collection”, CrowdStrike said in a blog post to be published on Monday. On September 25, President Barack Obama said he and Chinese President Xi Jinping agreed that neither government would knowingly support cyber theft of corporate secrets to support domestic businesses.

Security firm CrowdStrike has revealed that its software has documented Chinese attacks on USA firms, with the attacks starting the day after President Obama and President Xi made their agreement public. The company said it stopped this attack and none of its customer’s data was taken, but the fact that this attack occurred “highlights the need to remain vigilant despite the newly minted Cyber agreement”. US spies have hacked into Chinese companies, such as Huawei Technologies Co., though American officials have argued such hacks are for national security purposes and not to steal trade secrets.

Chinese efforts at cyberespionage against the US have been a key sticking point in between the two nations.

However, in accordance with the timeline of the China-linked intrusions released by CrowdStrike, “commercial entities that fit directly within the hacking prohibitions covered under the Cyber understanding” are still being targeted.

The intrusion attempts are continuing, the company says, “with numerous China-affiliated actors persistently attempting to regain access to victim networks even in the face of repeated failures”.

CrowdStrike has told Reuters that it has notified the White House of the intrusions.

Alperovitch said the hackers belonged to several groups including one that CrowdStrike had previously named Deep Panda.

Pointing to one specific group called “Deep Panda”, he adds that previous attempts to infiltrate USA industry has resulted in targeting industries including Finance, Healthcare, Insurance, Legal, Agriculture, Technology and more.

Another US cyber security company, FireEye Inc., said the state-sponsored Chinese hackers that it monitored were still active but it was too soon to say whether their aims had shifted. Those findings were later validated by American intelligence officials.