×

Is China still hacking US? This cyber firm says yes

Chinese state-backed hackers have carried out a string of cyber espionage attacks on U.S. companies, violating a pact signed by the two countries to stop carrying out this kind of activity, according to a cybersecurity company.

The U.S. technology and pharmaceutical sectors have been subject to attacks aimed at the "theft of intellectual property and trade secrets" in the last three weeks, according to U.S group CrowdStrike, which says it has blocked all of the attempted intrusions.

The U.S. and China signed an agreement on September 25 in which the world's two largest economies agreed not to steal corporate data for economic benefit.

But in the following two days there were two attacks on technology companies and further hacking attempts in the following weeks.

"Seven of the companies are firms in the technology or pharmaceuticals sectors, where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national-security related intelligence collection which the Cyber agreement does not prohibit," CrowdStrike wrote in a blog post Monday.

The Chinese government did not respond to a request for comment when contacted by CNBC.

Attributing attacks to specific countries can be difficult as hackers can use a variety of techniques to fake where they are based from. But CrowdStrike said that it could identify the attacks as being carried out by Chinese state-sponsored actors to a "high degree of confidence" and identified one of the hacking groups as Deep Panda, which the firm has been tracking for several years.

China's President XI Jinping and US President Barack Obama hold a meeting during an official State Visit at the White House September 25, 2015 in Washington, DC.
Getty Images
China's President XI Jinping and US President Barack Obama hold a meeting during an official State Visit at the White House September 25, 2015 in Washington, DC.

CrowdStrike added that the particular malware – or malicious code – that the attackers were using was the "preferred tools of a number of different Chinese actors".

The U.S. has also been accused of attacking Chinese companies. Last year, documents revealed by former NSA contractor Edward Snowden showed how the agency hacked Huawei. The U.S. government maintained that this was for national security purposes rather than giving a competitive advantage to U.S. firms.

Technology companies are aware of the continued threat from China. Facebook said on Saturday that it would begin to notify people if it believes a user's account has been "targeted or compromised by an attacker suspected of working on behalf of a nation-state". But the social networking giant made it clear that any notification is not related to a compromise of any of Facebook's platforms or systems.