25 October 2015

UK and China Sign No Cyber Economic Spying Pact

Katie Bo Williams
October 22, 2015

UK, China mirror US anti-hacking pact 

China and the UK have inked an agreement similar to a Beijing-U.S. one reached in September forbidding economic espionage against one another’s companies, The Guardian reports.

The two nations have signed a “high-level security dialogue” regarding cybercrime that is intended to halt hacks on companies either to acquire intellectual property or to disable computer systems, according to The Guardian.

The announcement comes just days after an American research firm accused China of breakingits agreement with the U.S. almost immediately.

“The very first intrusion conducted by China-affiliated actors after the joint Xi-Obama announcement at the White House took place the very next day — Saturday, Sept. 26,” CrowdStrike CEO Dmitri Alperovitch wrote in a Monday blogpost.

Seven of the recently hacked companies were technology or pharmaceutical firms, “where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national-security related intelligence collection, which the agreement does not prohibit,” Alperovitch wrote.


Some security experts caution that the research firm’s claims should be taken with a grain of salt because the company has not opened up its research methods to independent verification.

Alperovitch cautioned that the report doesn’t necessarily indicate that the agreement has been a failure, noting that it might take some time for China to dismantle its espionage apparatus. 

“The fact that there is some time delay between agreement and execution is not entirely unexpected,” Alperovitch wrote. “But, we need to know the parameters for success, and whether the parties to the agreement discussed a timeframe for implementation or, instead, expected it to be immediate.”

The agreement is seen as significant because it marks the first time that China has drawn a distinction — at least nominally — between hacking for traditional intelligence-gathering purposes and hacking for commercial gain.

While the U.K. has been less vocal on the subject of Chinese hacking, Britain’s Government Communications Headquarters has reported a “disturbing” number of cyberattacks on British firms, according to The Guardian.

The agreement is the first time that the U.K. and China have worked together on cybersecurity issues.

The two nations also announced a “global comprehensive strategic partnership” that includes a £67-billion investment in the first British nuclear power plant in a generation.

No comments: