22 September 2015

Chinese Cyber Attacks on U.S. Targets Slows As Visit by China’s President Nears

September 20, 2015

Chinese Computer Hack Attacks Slow Ahead of Obama Summit: Experts

WASHINGTON — Major intrusions by Chinese hackers of U.S. companies’ computer systems appear to have slowed in recent months, private-sector experts say, ahead of a meeting between China’s president and President Barack Obama with cyber security on the agenda.

Three senior executives at private-sector firms in the field told Reuters they had noticed a downtick in hacking activity.

“The pace of new breaches feels like it’s tempering,” said Kevin Mandia, founder of Mandiant, a prominent company that investigates sophisticated corporate breaches.

A point of friction in U.S.-Chinese relations, cyber security will be a major focus of talks with Chinese President Xi Jinping this week in Washington, D.C., Obama said earlier this week.

In the same remarks, Obama called for a global framework to prevent the Internet from being “weaponised” as a tool of national aggression, while also holding out the prospect of a forceful U.S. response to China over recent hacking attacks.


Mandia has probed major corporate breaches, including those at Sony Pictures Entertainment, Target and healthcare insurers. Experts have connected some of these to a breach of classified background investigations at the U.S. Office of Personnel Management, which was traced to China.

Government-supported hackers in China may have backed off recently as Chinese and U.S. officials began negotiating in earnest over cyber security ahead of the Obama-Xi summit.

“In my gut, I feel like the Chinese and the U.S. over the next couple of years are going to figure this out,” said Mandia, now an executive at Mandiant’s parent, FireEye Inc.

The FBI declined to comment on Friday.

The Obama administration has been weighing bringing economic sanctions against Chinese companies that have benefited from intellectual property theft. But no sanctions have been brought and U.S. companies disagree on the wisdom of such retaliation.

U.S. Assistant Attorney General John Carlin, who leads the Justice Department’s National Security Division, has scheduled a press availability on cyber security for Wednesday in Pittsburgh.

That is the same day that President Xi is scheduled to attend an Internet industry forum in Seattle hosted by Microsoft Corp. Xi will depart the next day for Washington, D.C.

On Saturday, a Justice Department spokesman said Carlin will make routine remarks and answer questions. The spokesman said he expected U.S cyber espionage charges brought in May 2014 against five Chinese army officers would come up. The indictment alleged the officers conspired from 2006 to 2014 to hack into U.S. entities’ computers and steal information.

In July, the FBI said economic espionage cases it had handled in the preceding 12 months were up 53 percent from a year earlier, with China the biggest offender. Statistically, that period could have included a falloff toward the end.

While Mandia said his perception of a slowdown was unscientific and based on “how often my phone has been ringing,” others voiced similar views.

Stuart McClure, chief executive of Cylance Inc., a smaller cyber security firm, said he too had noticed a drop-off in presumed Chinese attacks going back about six months.

“He has more volume” and so has a broader perspective, McClure said of Mandia. “But we have not seen the samples of attacks like we had been.”

Mandia and McClure spoke Thursday on the sidelines of the Billington Cyber Security Summit in Washington, D.C.

Tom Kellermann, chief cyber security officer at large security vendor Trend Micro Inc., said in an interview in New York he also had seen fewer new Chinese hacks recently, though he said one campaign that compromised U.S. defense contractors years ago might be adding new government targets.

“There’s been a consolidation in activity coming out of China,” Kellermann said. “It’s down a notch.”

A spokeswoman for security investigations firm CrowdStrike said in an email that it had not seen a significant change.

The Billington conference featured White House cyber security policy coordinator Michael Daniel. After speaking on a panel, Daniel suggested to reporters that Chinese officials have been listening hard to U.S. complaints on economic spying.

No comments: