Seven U.S. companies were allegedly under cyberattack by hackers known to be associated with the Chinese government, despite the non-cyber aggression agreement signed three weeks ago by Washington and Beijing.
The attacks were conducted against five technology companies and two pharmaceutical businesses, starting September 26, just one day after the two presidents agreed not to support cyber theft pursuing corporate secrets.
“Seven of the companies are firms in the Technology or Pharmaceuticals sectors, where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national-security related intelligence collection which the Cyber agreement does not prohibit,” wrote CrowdStrike Co-founder Dmitri Alperovitch, the security company that lead the investigations. “The very first intrusion conducted by China-affiliated actors after the joint Xi-Obama announcement at the White House took place the very next day – Saturday September 26th.”
Although the methods and software used by attackers point to a variety of Chinese actors known totarget Agriculture, Chemical, Financial, Healthcare, Insurance, Legal, Technology and other industries, an investigation is underway, according to U.S. officials.
“As we move forward, we will monitor China’s cyber activities closely and press China to abide by all of its commitments,” said an Obama administration official who asked to remain anonymous.