Months after U.S. President Barack Obama reached a truce with Chinese President Xi Jinping to stop supporting cyber espionage of American trade secrets, Chinese cyberattacks on U.S. targets appear to be on the decline.
A new report by cyber security company FireEye Inc. revealed on June 20 that security breaches most commonly attributed to Chinese black hat hackers had decreased by 90 percent in the past two years.
The most significant decline came during the weeks approaching the bilateral agreement between the U.S. and China, researchers said.
Possible Reasons
FireEye is best known for battling sophisticated Chinese hacking. In 2013, its Mandiant unit blamed a certain unit of the Peoples Liberation Army (PLA) of China for a major campaign of economic espionage.
What could be causing the decline in cyberattacks? Mandiant founder Kevin Mandia, who took over as the CEO of FireEye, says there are several factors behind the drop.
He mentioned embarrassment from the 2013 Mandiant report and the 2014 indictment of five PLA officers from the same group that Mandiant uncovered. The victims of this cyberattack included Alcoa Inc., U.S. Steel and Westinghouse Electric.
Mandia also mentioned that the threat just before the truce between China and the U.S. could impose sanctions on Chinese companies and officials.
Still Monitoring
A spokesperson from Obama's office said the government is not yet ready to proclaim that China has indeed been complying with the agreement. However, he says the FireEye report could factor into the monitoring.
The U.S. official, who refused to be named, said that a second round of talks with China on the more intricate details of the agreement had gone well.
The East Asian country sent senior leaders, even after the secretary of the U.S. Homeland Security pulled out due to the Orlando shootings.
Hua Chunying, a spokesperson for China, said the country has expressed its position on the matter countless times.
"We oppose and crack down on commercial cyber-espionage activities in all forms," she added.
Less Attacks, But Stronger
According to FireEye, intrusions from Chinese hackers into several U.S. companies have continued, with at least two firms breached this year. However, although hackers installed "back doors" to allow future spying, FireEye said there is no evidence that data had been stolen.
Laura Galante, an analyst for FireEye, said both hacked companies were in contract with the government. It was likely that the intrusions were methods to gather information on military and government projects.
And as Chinese hackers dropped cyber espionage of U.S. intellectual property, FireEye said these groups increased activity on other military and political targets such as Russia, South Korea, Japan and the Middle East.
Furthermore, FireEye said that although the cyberattacks decreased in volume, it increased in complexity. Like Russian hackers, Chinese intruders pick their targets more carefully and are more cautious in covering their tracks.
Photo: Day Donaldson | Flickr