The pressure from the United States and the public exposure of hacking attempts by hacker groups probably based in China may have paid off. According to security firm FireEye, the overall number of intrusion attempts targeting businesses in the United States and 25 other countries has dropped. But the hackers have not given up…
From mid-2014, shortly after the US government retaliated against China, including the indictment of members of the Chinese People’s Liberation Army for computer hacking, economic espionage In addition to other charges, but also the serious threats of sanctions that followed, the security company FireEye has seen in several countries a notable drop in attempted intrusions by groups suspected of operating from China. “We believe that this change in strategy is a consequence of the ongoing reforms within the Chinese military apparatus, but also of the publicity made around the Chinese cyber espionage operations and the measures taken by the American government”, indicates the report. released yesterday by FireEye’s iSight Intelligence global threat protection service which tracked the activity of 72 groups operating from China or supporting Chinese interests.
Recently, other security companies have delivered similar analysis to explain the slowdown in hacking actions by groups suspected of operating from China, especially since the drastic measures taken by the US government. Nevertheless, last April, Admiral Michael Rogers, commander of the US Cyber Command, told a Senate committee that cyber espionage operations carried out from Chinese territory continued to “target and exploit US government computer networks , the defense industry, the education system and private companies”.
Quality instead of quantity
The real change came in May 2014, when five members of the Chinese People’s Liberation Army were formally charged with espionage. Then, in April 2015, President Barack Obama authorized the prosecution of individuals or entities “involved in cyber espionage activities that pose a serious threat to the national security, foreign policy, economic health, or financial stability of the United States.” United “. This decision was followed by several statements suggesting that the US government could impose sanctions on China. Finally, in September 2015, during the meeting of Barack Obama and Chinese President Xi Jinping visiting the United States, the two leaders declared that their countries were committed not to carry out cyber espionage actions or not to support groups of pirates whose mission would be to steal trade secrets. Eventually, “between February 2013 and May 2016, active intrusion attempts by China-based hacker groups dropped from over 60 to just a few,” FireEye notes.
However, according to experts, the decrease in the number of attacks does not necessarily mean that the Chinese hacker groups have given up on their targets. They believe that from now on pirates will undoubtedly favor quality over quantity. “Since late 2015 and into 2016, hacker groups that may well be based in China have continued to launch attacks against networks in the United States, Europe and Japan. These groups have also targeted government institutions, military, and commercial entities in countries neighboring China,” FireEye said. Among the targets of 2016, the security company cites a company working for the American administration, no doubt targeted to steal information on military projects, and four companies based in the United States, Europe and in Asia who work in the semi-conductor sector and chemicals used in the manufacture of certain devices.