Does China’s government hack US companies to steal secrets?

This week, Chinese President Xi Jinping is making his first official visit to the US. It takes place against a background of accusations flung by both the US and China over state-backed hacking.

On Monday this week, a US national security adviser warned China that the hacking must stop and said it put an “enormous strain” on the relationship between the two nations.

How has China responded to the accusations?

It has denied everything.

In an interview with the Wall Street Journal, Mr Xi said: “The Chinese government does not engage in theft of commercial secrets in any form, nor does it encourage or support Chinese companies to engage in such practices in any way.”

He went on to say that cyber-theft of industrial secrets was a crime as were hack attacks against government networks.

Both should be punished according to “law and relevant international conventions”.

The president’s comments echo many others made by Chinese state spokespeople over the years who regularly dispute the accusations levelled at them.

Are China’s denials credible?

Not to Kevin Mandia, boss of security firm FireEye, who has spent 20 years helping the US government and its contractors clear up after data breaches and work out who did them.

“It’s them and we know it’s them,” he said bluntly, when asked if China hacked Western firms.

How can he be sure?

He based his conclusion on 20 years of investigations that have catalogued thousands of attacks – 226 in 2014 alone. Forensic analysis of these has, he said, led FireEye to conclude that the Chinese state is behind them.

The company has evidence about net addresses, net domains, attack techniques, tools and character sets used in the attacks.

It has built up a log of 15-20 separate telltale signs that identify each of the military groups in China behind the breaches and intrusions.

And, he said, the attacks are not random. They are well-organised campaigns that go after specific industries seeking specific data.

Mr Mandia acknowledges that without being in Beijing watching the hackers at work, pinning the attacks on the Chinese state is hard.

But, he said, the weight of evidence very heavily suggests China is behind the attacks.

That, or a separate power has managed to infiltrate the Chinese military and has been using it as a proxy for two decades.

So how can Mr Xi deny that it happens?

Perhaps because the language he used is very carefully chosen. He said the Chinese government does not engage in hacking. It could be argued that the military is separate from the government so the statement is, technically, true.

Why does it continue if there is so much evidence?

Economics, said Mr Mandia. The financial benefits of doing business in China usually far outweigh the cost of your R&D team being spied on or all your legal papers being read.

China is a massive market for many US firms. For instance, more smartphones are sold there than anywhere else and more than 50% of all the jets Boeing makes are operating in China.

Kicking up a stink about hack attacks and data going astray could jeopardise this cash flow, said Mr Mandia.

Will it ever stop?

It might, he said. At the moment many Western nations lead the way in technical innovation making them a target for nations keen to catch up by stealing secrets.

If that balance shifts, then the rate of attacks may slow or the targets may change.

There is a small hope too that diplomacy might force a change. Cyber-attacks are due to be on the agenda when President Xi meets President Obama later this week.

The two nations are ready to “strengthen co-operation” on the issue, Mr Xi said.

It is interesting to note that some security firms, including FireEye, saw a decline in attacks emanating from China in the run-up to the state visit and summit.

Source: http://www.bbc.com/news/technology-34324252

. . . . . . . .

Leave a Reply