China doesn’t plan to cease conducting commercial espionage that benefits the central government, even as the U.S. is rolling out new, proactive cyber strategies to counter threats from Beijing, a new report by an Australian think tank says.
Furthermore, China’s hacking capabilities have gotten more sophisticated, with the intention of making the hacking harder to detect, according to a new report by the Australian Strategic Policy Institute.
The report analyzed Chinese espionage in three countries—the United States, Australia, and Germany—and found that the Chinese regime often breached cyber agreements it had signed.
With the United States, for example, former President Barack Obama and Chinese leader Xi Jinping signed an agreement in September 2015 promising that both parties won’t “conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage.”
Washington sought to have China acknowledge the difference between legitimate espionage for political and military purposes, versus illegitimate IP theft for the purpose of economic gains.
Initially, Chinese hacking activity post-agreement seemed to decrease in absolute numbers. But the report said: “A decline in the number of attacks doesn’t necessarily mean a decrease in their impact on US economic interests, as Chinese operators have significantly improved their tradecraft.”
Instead, attacks became more targeted and calculated after the Chinese military was reorganized, and industrial espionage attacks were transferred to another organ of the Chinese regime, the Ministry of State Security (MSS), according to the report. The MSS is an intelligence agency.
Beginning in 2017, hackers re-emerged, targeting “high-technology and advanced manufacturing companies.”
One unidentified security researcher cited in the report said: “Beijing never intended to stop commercial espionage. They just intended to stop getting caught.”
James Mulvenon, a U.S. security researcher, concluded that Beijing never truly accepted the distinctions between legitimate and illegitimate hacking.
Meanwhile, in Germany, there is no formal bilateral agreement with China on cyber commercial espionage.
China has been identified in a government report as a main cyber adversary. A July 2017 report by Bitkom, Germany’s digital industry association, found that German companies lose roughly $64 billion annually from cyber espionage.
As Hans-Georg Maassen, head of BfV, Germany’s domestic intelligence agency, said at an April cyber conference: “Industrial espionage is no longer necessary if one can simply take advantage of liberal economic regulations to buy companies and then disembowel or cannibalize them to gain access to their know-how.”
The Australia report concluded that, ultimately, Western nations need to take more aggressive action: “Unless the targeted states ramp up pressure and potential costs, China is likely to continue its current approach.”
Full article: China Launching More Sophisticated Cyber Attacks and Plans to Persist, Report Says (The Epoch Times)