Chinese hackers targeting US firms’ financial data, report says
Cyberattacks looking to get information on bid prices, contracts and mergers and acquisitions, US-based security company claims
China is boosting efforts to steal more financial information from US companies, seeking to give domestic enterprises an edge in international deals, computer security firm FireEye said.
State-controlled Chinese hackers have increased attacks against American companies to obtain information related to bid prices, contracts and mergers and acquisitions, FireEye said in a report on Wednesday.
The allegations of financial espionage comes just as trade tensions between the US and China could lead to a full-blown trade war. While the Asian country has denied supporting hacking activities, US security investigators have pointed to evolving threats that originate from the world’s second largest economy. The hacking of trade secrets is happening even as China has made efforts to honour an agreement to rein in the theft of intellectual property.
“Rather than stealing intellectual property and potentially devaluing it, buying the company at a good price may be another way to get access to the intellectual property and maintain the economic value,” said Bryce Boland, chief technology officer for Asia-Pacific at FireEye.
FireEye did not identify victims or provide the number of attacks. Officials at China’s Ministry of Foreign Affairs did not immediately respond to a faxed request for comment. Ministry spokesman Lu Kang said at a briefing last month that China opposed all kinds of cyberattacks. “We will continue to implement the important consensus on cybersecurity reached in 2015,” he said.
The 2015 agreement sought to rein in the cyber-theft of intellectual property after the White House warned it could impose economic sanctions on Chinese companies and people in response to a string of attacks. The Washington summit was seen as a step toward resolving one of the biggest thorns in the relations between the two countries. FireEye detected as many as 72 cyber-operations conducted by Chinese hackers in 2013.
A quarter of American companies surveyed by the American Chamber of Commerce in China the same year said their corporate secrets had been compromised in their Chinese operations, The New York Times reported. An email to the organisation seeking comment was not immediately returned.
China renewed its anti-hacking agreement with the US, but a month later the US charged three Chinese citizens with cyber-espionage against Siemens, Trimble and Moody’s Analytics, saying they stole sensitive information, including trade secrets.
One Chinese group called APT10 targets technology companies worldwide and uses spear-phishing to infiltrate computers, FireEye said, adding it had seen a surge in espionage targeting cloud services, telecommunications companies and law firms.
“From what we observed, Chinese state actors can gain access to most firms when they need to,” Boland said. “It’s a matter of when they choose to and also whether or not they steal the information that is within the agreement.”