19
China attempted to hack on US companies after cyber pact
Hackers related to the Chinese government have attempted to infiltrate at least seven U.S. firms in the three weeks since Washington and Beijing agreed not to spy on each other for commercial motives, according to a leading U.S. security business.
CrowdStrike said software it set at five U.S. technology and two pharmaceutical companies had found and rebuffed the strikes, which started on Sept. 26.
The deal stopped short of limiting spying to acquire government secrets, including those.
CrowdStrike Cofounder Dmitri Alperovitch said in an interview he considered the hackers who assaulted the seven firms were affiliated with the Chinese government based in part on software and the servers they used.
The software contained an application called Derusbi, according to Alperovitch. Other analysts have said Derusbi formerly turned up in strikes on health insurance company Anthem and Virginia defense contractor VAE. Alperovitch said the hackers came from various groups including one that CrowdStrike had formerly named Deep Panda.
The “primary advantages of the intrusion appear definitely aligned to ease theft of intellectual property and trade secrets, rather than to run conventional, national security-related intelligence group,” CrowdStrike said in a blog post to be released on Monday.
Chinese Foreign Ministry spokeswoman Hua Chunying repeated the Chinese government opposed all kinds of hacking or stealing commercial secrets.
A senior Obama administration official said the government was conscious of the findings of CrowdStrike but declined to address the decisions of the firm.
“As the company move forward, we will monitor China’s cyber actions closely and press China to abide by all its own obligations,” said the official who didn’t wish to be recognized by name.
There are no comments.