China’s Cyberspace Minister Accuses U.S. of Hacking

Aside from defending China’s right to block foreign websites, top Internet regulator struck back against accusations at a news conference on Thursday. 80 per cent of government websites in China, he claimed, have come under hacking assaults, many reportedly launched from the US. The Financial Times’ Charles Clover reports:

China’s internet tsar has lashed out at US cyber hacking allegations against his country, saying it was in fact the “world’s largest victim” of the practice.

[…] “There are some who accuse China of hacking, and here I must stress that we do not permit hacking of others’ networks to attain information,” said Mr Lu, adding: “China is the world’s main victim of cyber hacking.” [Source]

Nevertheless, Lu told the audience that Sino-American talks on cyber security cooperation had not stalled as previously reported. From Reuters’ Gerry Shih:

Lu Wei, head of the State Internet Information Office, condemned the use of “superior technology to attack or steal secrets”. But he described U.S.-China dialogue on as “unhindered”, less than a week after the talks appeared to have stalled.

Chinese state councillor Yang Jiechi told U.S. Secretary of State John Kerry this month that resuming cybersecurity cooperation between China and the United State would be difficult because of “mistaken U.S. practices”.

Speaking to reporters at a Beijing news conference on Thursday to publicize an Internet conference, Lu said the two countries had “differences but also commonalities”, and he hoped they could find common ground. [Source]

The latest hacking accusations against China involve a group of allegedly government-backed hackers dubbed “Axiom” that is said to target foreign companies, government agencies, and dissidents both inside and outside China. Ellen Nakashima at Washington Post reports:

In a report to be issued Tuesday, the researchers said Axiom is going after intelligence benefiting Chinese domestic and international policies — an across-the-waterfront approach that combines commercial cyberespionage, intelligence and counterintelligence with the monitoring of dissidents.

Axiom’s work, the FBI said in an industry alert this month, is more sophisticated than that of Unit 61398, a People’s Liberation Army hacker unit that was highlighted in a report last year. Five of the unit’s members were indicted this year by a U.S. grand jury. The researchers concur with the FBI’s conclusion, noting that, unlike Unit 61398, Axiom is focused on spying on dissidents as well as on industrial espionage and theft of intellectual property.

“Axiom’s activities appear to be supported by a nation state to steal trade secrets and to target dissidents, pro-democracy organizations and governments,” said Peter LaMontagne, chief executive of Novetta Solutions, a Northern Virginia cybersecurity firm that heads the coalition. “These are the most sophisticated cyberespionage tactics we’ve seen out of China.” [Source]

At Bloomberg News, Chris Strohm and Michael Riley report that a number of private sector firms in the US are now forming coalitions to combat Chinese hacking assaults in new and innovative ways:

A coalition of technology companies says it has disrupted a hacking campaign linked to Chinese intelligence, demonstrating for the first time a private-sector model that they believe can move faster than investigations by law enforcement agencies.

[…] The take-down largely bypassed traditional law enforcement tools, relying instead on cooperation between companies that are normally fierce competitors. Coalition members — which include Microsoft Corp. (MSFT), Cisco Inc. (CSCO) and Symantec Corp. (SYMC) — say they can act faster than governments because they operate global Internet systems and have business relationships with tens of thousands of companies.

“We believe this is a first-of-its-kind effort,” said Peter LaMontagne, chief executive officer of Novetta Solutions LLC, a cybersecurity company based in McLean, Virginia, that is part of the coalition. “The security industry is starting to raise the bar, or hopefully forcing hostile actors to have to spend more of their resources” to continue attacks. [Source]

A recent study found that China and the U.S. were both implicated in thousands of attacks on a “honeypot” decoy computer.