
China cyber incursions drop, but more focused, report

A new report from FireEye assesses the outcomes of a September 2015 agreement between President Obama and Chinese President Xi Jinping pledging that neither government would “conduct or knowingly support cyber-enabled theft of intellectual property.”

The study, "Redline drawn: China recalculates its use of cyber espionage," examined nearly three-and-a-half years of cyber activity of 72 groups suspected of either being based in China or working for China state interests.

The study found a significant drop in the success rate of network incursions by China-based groups targeting enterprises in the U.S. and 25 other countries. FireEye attributes the decrease to evolving policies in China's political and military entities, increased public attention to its cyber activity, and moves by the U.S. government, including indicting members of the People's Liberation Army and threatening sanctions.

Researchers have witnessed a massive drop since 2013 in network compromises by 72 groups suspected to be of Chinese origin. In fact, between 2013 and the beginning of 2016, monthly attacks dropped from over 60 to fewer than five.

In particular, the study credits Xi Jinping for reforms that consolidated government and military elements conducting cyber operations and a redistribution of state resources to combat criminal and unauthorized use of cyber operations.

However, among the report's conclusions is that while activity has tailed off, it has also become more focused. iSIGHT researchers observed 13 China-based groups succeeding in compromising corporate networks around the world. Cyberespionage activity continues as well, with suspected China-based groups spear phishing governments and commercial organizations in neighboring countries several times in 2015 and 2016.

A spokesperson for FireEye said that Chinese groups are going after more specific targets: “If you review the list of ongoing activity since mid-2015, China-based threat groups seem especially interested in dual-use technologies – systems and software that could have a military or civilian use – and high-tech insights that would allow the Chinese economy to ‘move up the value chain’ from a manufacturing- to consumer-based economy.”

With additional reporting by Max Metzger, SC Magazine UK.
