However, while China-sponsored hacking on the USA has decreased, FireEye said it had increased in other parts of the world including Japan, South Korea, Russia and the Middle East.
Advertisement
As for the causes behind the decline in the number of attacks, FireEye cited a shift in operations caused by ongoing military reforms, widespread exposure of Chinese cyber operations, and actions taken by the US government.
Tensions were high between the US and China leading up to a summit between Obama and Chinese President Xi Jinping in September 2015.
Revealing that cybercriminals operating out of China have, since October 2015, been linked to less than 10 hacking incidents, FireEye’s Global Intelligence Director Laura Galante said that the decline in Chinese hacking of USA government and corporate networks apparently began in 2014, and recorded another dip in 2015.
The most significant decline came during the weeks approaching the bilateral agreement between the US and China, researchers said. The most dramatic drop came during last summer’s run-up to the bilateral agreement, it added. In 2013, its Mandiant unit blamed a certain unit of the Peoples Liberation Army (PLA) of China for a major campaign of economic espionage.
Kevin Mandia, the Mandiant founder who took over last week as FireEye chief executive, said in an interview that several factors seemed to be behind the shift.
A senior Obama administration official said the government was not yet ready to proclaim that China was fully complying with the agreement but said the new report would factor into its monitoring.
“We’ve expressed our principled position on many occasions”, said ministry spokeswoman Hua Chunying.
“Between September 2015 and June 2016, we observed 13 active China-based groups conduct multiple instances of network compromise against corporations in the U.S., Europe, and Japan”, the report states. But while the hackers installed “back doors” to enable future spying, FireEye said it had seen no evidence that data was stolen.
For the study, FireEye observed 72 groups that it says it has “strong indications” are “based in China or otherwise support Chinese interests”.
But while Chinese government-backed hackers appear to be engaging less in wholesale theft of United States intellectual property, evidence suggests that they are increasingly spying on political and military targets in other countries and regions, including Russian Federation, the Middle East, Japan and South Korea.
Advertisement
Laura Galante, an analyst for FireEye, said both hacked companies were in contract with the government.
