In the three weeks since Chinese President Xi Jinping and U.S. President Barack Obama agreed not to steal each other's trade secrets and intellectual property through cyber espionage, hackers with ties to the Chinese government have attempted to penetrate the networks of at least seven U.S. companies, according to a prominent U.S. security firm.
The firm, CrowdStrike Inc., said it placed software at five U.S. technology companies and two pharmaceutical companies and detected and rebuffed the attacks, which began on Sept. 26 and continue to this day, sometimes multiple times per day, reported Reuters.
"The primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national security-related intelligence collection," which was not covered under the agreement, CrowdStrike co-founder and chief technology officer Dmitri Alperovitch wrote in a blog post.
On Sept. 25, Obama and Xi Jinping struck a landmark pact in which they agreed that both governments would no longer "conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage," as HNGN previously reported.
The agreement was meant to improve the business relations between the two countries and only bans economic espionage with the intent of stealing commercial trade secrets for the benefit of competitors. The accord stopped short of prohibiting cyberspying to obtain government secrets for national security purposes, including secrets held by private contractors, noted The Associated Press.
Alperovitch said CrowdStrike believes the hacking is connected to the Chinese government because of the specific servers and software the hackers used, which included a program known as Derusbi.
Other analysts have noted that Derusbi was used in previous attacks on Virginia defense contractor VAE Inc., and health insurer Anthem Health earlier this year, according to Reuters.
"We assess with a high degree of confidence that these intrusions were undertaken by a variety of different Chinese actors, including Deep Panda, which CrowdStrike has tracked for many years breaking into national security targets of strategic importance to China," Alperovich wrote in the report.
The group known as Deep Panda has been linked to the Chinese military and is also believed to have been behind the Anthem Health attack.
Chinese Foreign Ministry spokeswoman Hua Chunying insisted that the Chinese government opposes all forms of hacking and does not support stealing commercial secrets.
"Internet hacking attacks are marked by their secretive, cross border nature," she said in a daily news briefing, reported Reuters.
A senior Obama administration official speaking on condition of anonymity said the White House is aware of the CrowdStrike report, but declined to comment on its specific conclusions, according to The Washington Post.
"As we move forward, we will monitor China's cyber-activities closely and press China to abide by all of its commitments," the official said.
