Cybersecurity

China has cut back on its cyber-spying activity against US firms: Study

China has scaled back its cyber-espionage activities against the U.S. and its theft of stealing company secrets, according to a new study released on Tuesday.

U.S. cybersecurity firm FireEye said it had seen a "notable decline" in China-based groups' attacks on U.S. firms.

At the height of Chinese cyber-espionage on companies around the world, the hackers were carrying out over 70 network compromises a month. This is down to less than 10 as of May 2016, according to FireEye. The major drop-off in attacks came around mid-2014.

China's cyber activities were brought into the limelight in early 2013 after a number of breaches were disclosed. FireEye released a report at the time outlining the People's Liberation Army's (PLA) involvement in cyber espionage. The contingent known as Unit 61398 was deemed by FireEye to be behind a number of attacks and the cybersecurity company's report highlighted the group's tools, tactics and targets.

U.S. President Barack Obama pays a state visit to China after attending the 22nd Asia-Pacific Economic Cooperation (APEC) Economic Leaders' Meeting.
Getty Images

The Chinese government denied its involvement in hacking, while U.S. lawmakers said FireEye's report backed up what it was seeing.

In May 2014, the U.S. government filed charges against five hackers in the Chinese military, accusing them of stealing American trade secrets through cyber-espionage. And the following year, President Barack Obama signed an executive order allowing the government to freeze the property and assets of individuals engaged in cyber-attacks on the U.S.

Tensions were high between the U.S. and China leading up to a summit between Obama and Chinese President Xi Jinping in September 2015. The two leaders said they had reached a "common understanding" to not engage in cyber-espionage.

These factors have helped to bring down Chinese cyber-espionage on U.S. companies. And in China, Xi Jinping was focused on getting rid of corruption in the military and centralizing the PLA's cyber elements.

"Rather than viewing the Xi-Obama agreement as a watershed moment, we conclude that the agreement was one point amongst dramatic changes that had been taking place for years," FireEye said in its report.

"We attribute the changes we have observed among China-based groups to factors including President Xi's military and political initiatives, the widespread exposure of Chinese cyber operations, and mounting pressure from the U.S. government."

Still, cyber-espionage has continued with a number of Chinese attacks in the last few months. Between April and May 2016, three groups compromised the networks of four firms headquartered in the U.S., Europe and Asia that are involved in the manufacturing and production of semiconductors.