Chinese kept hacking after pact with US: researchers (Update)
Hackers linked to the Chinese government kept up efforts to break into US computer networks even after a cybersecurity agreement between the two countries announced last month, researchers said Monday.
A report by the security firm CrowdStrike said it detected hacking efforts as soon as one day after US President Barack Obama and his Chinese counterpart Xi Jinping announced an agreement not to conduct or condone cyber attacks on each other's private sectors for commercial gain.
"CrowdStrike Falcon platform has detected and prevented a number of intrusions into our customers' systems from actors we have affiliated with the Chinese government," said a blog post from security specialist Dmitri Alperovitch.
"Seven of the companies are firms in the technology or pharmaceuticals sectors, where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national-security related intelligence collection which the cyber agreement does not prohibit."
The US and China announced the accord on September 25 during a visit by Xi to Washington.
Alperovitch said that "the first intrusion conducted by China-affiliated actors after the joint Xi-Obama announcement at the White House took place the very next day—Saturday, September 26."
He added that "we detected and stopped the actors, so no exfiltration of customer data actually took place, but the very fact that these attempts occurred highlights the need to remain vigilant despite the newly minted cyber agreement."
But Alperovitch added that the attacks do not necessarily mean the agreement is a failure.
"The fact that there is some time delay between agreement and execution is not entirely unexpected," he said.
"But, we need to know the parameters for success, and whether the parties to the agreement discussed a timeframe for implementation or, instead, expected it to be immediate."
White House spokesman Josh Earnest said he had no comment on the CrowdStrike report but noted that Obama "made clear that the United States would judge China not based on its words, not based on any verbal commitments, but based on its actions."
"And so you can rest assured that the relevant agencies in the United States government are closely monitoring China's actions in this regard," Earnest told reporters.
"This is obviously a priority, and it's something that the United States government follows closely."
Beijing denied any involvement in commercial cyberspying. "China is a staunch advocate for cybersecurity, as well as a victim of cyberattacks," said foreign ministry spokeswoman Hua Chunying.
She added: "The Chinese government will neither encourage companies to carry out cybertheft for commercial secrets, nor take part in such activities."
© 2015 AFP