Believe It or Not, Chinese-based Cyberattacks Have Decreased

Though no exact figures were released, a new report claims that last year’s almost daily cyber raids on Silicon Valley firms, U.S. military contractors, and major commercial targets by Chinese state-sponsored hackers have been significantly curtailed so far this year.

The assumed reason: Chinese president Xi Jinping has brought the Chinese military – thought to be the main sponsor of that Communist nation’s global cyberattacks – even more under his control. In a similar crackdown, Xi has acted to suppress Chinese media, bloggers and others who challenge the Communist Party online.

The study was conducted by FireEye, a U.S. company that manages large network breaches, as reported June 20 by The New York Times.

The most cogent Times excerpt: “It’s a mixed bag,” said Kevin Mandia, the founder of Mandiant, now part of FireEye, which first detailed the activities of a People’s Liberation Army cyber-arm, called Unit 61398, that had been responsible for some of the most highly publicized thefts of American technology. “We still see semiconductor companies and aerospace firms attacked.”

Today, said the report, Unit 61398 appears to be largely out of business. Its state-sponsored hackers have been dispersed to other military, private and intelligence units.

As a result, the Chinese-based hackers have recently moved their focus from the U.S. to more vulnerable targets in Russia, South Korea and Vietnam.

Another factor: The bi-national agreement reached nearly a year ago by President Obama and Mr. Xi that covered a wide range of intellectual property theft by Chinese agents.

Amid the good news, there’s still plenty of bad: The FireEye report concludes that while Chinese attacks on U.S. targets have decreased in volume, they have increased in sophistication.

The conclusion: Chinese hackers are now more like Russian-based hackers. They pick their targets more carefully, and cover their tracks more effectively.

“We see a threat that is less voluminous but more focused, calculated, and still successful in compromising corporate networks,” the report said.

Let’s be careful out there.


By Darin Andersen

DHS cyber role elevated in new legislation

The Department of Homeland Security is likely to expand its role and profile as the lead agency in the federal government for cybersecurity. A bill approved by the House Homeland Security Committee could create a new DHS cyber defense agency that would be called the Cybersecurity and Infrastructure Protection Agency. The transformation would reorganize and optimize key cybersecurity roles and functions currently in DHS’s National Protection and Programs Directorate. The change may take place as early as 2017 as it has strong bi-partisan support.

The prospective agency would replace NPPD and put a stronger focus on DHS’s integral role in cyber preparedness, response and resilience. More importantly, it would reorganize the agency into an operational role to help protect against targeted cyber intrusions of the nation’s critical infrastructure, such as financial systems, chemical plants, water and electric utilities, hospitals, communication networks, commercial and critical manufacturing, pipelines, shipping, dams, bridges, highways and buildings.

DHS’s responsibility to protect against cyber threats has evolved significantly from the early days of the department and its creation under the Homeland Security Act of 2002. A major reason for this new focus on cybersecurity has been the rapid changes in the information technology landscape. Since 2002, the capabilities and connectivity of cyber devices and communications have grown exponentially. So have the cyber intrusions and threats from malware and hackers, requiring restructuring of priorities and missions. The cyber threat reaches far beyond terrorists, and includes various criminal enterprises and adversarial nation states.

A change in these risk environments has corresponded with a heightened DHS collaboration with other agencies, and especially the private-sector stakeholders who own most of the nation’s vital infrastructure. DHS has had to step up assessing situational awareness, information sharing and resilience research and development plans with these stakeholders to mitigate risk and protect critical infrastructure and key resources.

DHS’s heightened cybersecurity mission was also reaffirmed via the House Appropriations Subcommittee on Homeland Security allocating $1.1 billion in fiscal 2017 for cybersecurity programs.

DHS has significantly evolved since 2002 and has elevated its technological and organizational capabilities in confronting security and terrorist threats. The new reorganized and streamlined agency will address the new security challenges of the digital world and hopefully enable DHS to successfully fulfill its growing leadership role.

Charles (Chuck) Brooks serves as the vice president for government relations & marketing for Sutherland Government Solutions. He served at the Department of Homeland Security as the first director of legislative affairs for the Science & Technology Directorate. Find him on Twitter: @ChuckDBrooks.