Why Have Chinese Cyberattacks Declined?

keyboard-typingBy Mara Hvistendahl

MIT Technology Review

Last summer, an audience of government officials, military personnel, and foreign ambassadors gathered in Aspen, Colorado, to hear John Carlin, then an assistant attorney general, speak about cyberattacks. The Aspen Security Forum, which is held every year at a breathtaking resort in the Rocky Mountains, is the sort of event where national security wonks go for hikes in T-shirts and shorts, then trade war stories over lemon-raspberry water and superfood balls. The news of the Democratic National Committee hack had broken just the day before, and many hoped that Carlin, who headed up the investigation into the incident, might speak candidly about it. Instead, he recounted the Justice Department’s indictment of five hackers in China’s People’s Liberation Army Unit 61398 for commercial espionage—back in 2014 (see “Cyber-Espionage Nightmare”).

A boyish Harvard-trained former prosecutor, Carlin oversaw the department’s efforts to stamp out economic espionage before stepping down earlier this month. In June, the cybersecurity firm FireEye released a report describing a significant decrease since early 2013 in the number of commercial attacks from China, which is the largest source of such attacks. The firm charted attacks on clients around the world by 72 groups that are either based in China or believed to represent Chinese state interests. Beginning in mid-2014, its analysts observed a “noticeable decline” in activity. Intelligence officials have quietly echoed that claim.

For some in the Obama administration, this is proof that using both carrots and sticks to combat Chinese theft of intellectual property—what Carlin called an “all-tools” approach—is working. Indictments and so-called “naming and shaming” have been accompanied by economic sanctions and diplomatic efforts, including a September 2015 agreement between President Obama and Xi Jinping to refrain from conducting or supporting cyber-theft of intellectual property. “This approach is a giant ‘No trespassing’ sign,” Carlin said. “It’s ‘Get off our lawn.’”

But others are not sure the U.S. government should get so much credit. The perceived decline in attacks from China raises a question: why? Former government officials and cybersecurity experts now offer up a range of theories—including a provocative one that questions the extent to which straight commercial cyber-espionage, as opposed to the more targeted spying on military technologies and capabilities that many nations engage in, was ever a priority of the Chinese central government in the first place.

Continue to full article . . . 

Picture: MoD/MOD [OGL (http://www.nationalarchives.gov.uk/doc/open-government-licence/version/1/)%5D, via Wikimedia Commons

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.