Hackers with ties to the Chinese government appear to be targeting US companies despite a recent security deal between the US and China's government, which promised to stop cyberattacks aimed at stealing economic secrets.
Dmitri Alperovitch, the chief technology officer of Crowdstrike, an American security company, warned on Monday that China hasn't stopped its online economic espionage just yet.
"The very fact that these attempts occurred highlights the need to remain vigilant despite the newly minted Cyber agreement," Alperovitch wrote in a blog post, where he explained that the company has detected several attacks with the goal of stealing intellectual property and trade secrets since the announcement of the deal.
"I can't tell you whether these hackers are moonlighting or whether they're getting orders directly from the government."
Alperovitch told Motherboard that Crowdstrike is "pretty confident" these attacks were carried out by Chinese hackers, but can't be certain whether "whether these hackers are moonlighting or whether they're getting orders directly from the government."
Alperovitch revealed that "the very first" attack happened on "the very next day" after President Barack Obama and President Xi Jinping reached an agreement.
The company, which has close ties to the US government, including some executives who used to work at the FBI, said there have been at least seven other attacks targeting "technology" and "pharmaceutical" companies, though it didn't name the targets.
A senior administration official told Motherboard that the White House is "aware of this report," but declined to comment on "its specific conclusions."
"We have and will continue to directly raise our concerns regarding cybersecurity with the Chinese," the official added. "As we move forward, we will monitor China's cyber activities closely and press China to abide by all of its commitments."
Security experts were not too surprised by the findings.
Still, this might not necessarily mean the deal is doomed to fail, according to security expert Jason Healey, a senior research scholar at Columbia University. If the attacks have decreased in frequency, this could mean the Chinese are rolling back their attacks.
"Has the pace slowed down? Would we have expected to have seen fourteen incidents at this point?" he told Motherboard in an email.
Healey added that "diplomacy is analog, not binary, and a 'non-zero' improvement is still an improvement," especially considering that "this deal cost the United States essentially nothing yet we have an awful lot to gain."
"Diplomacy is analog, not binary, and a 'non-zero' improvement is still an improvement."
Alperovitch, however, said in a phone interview that the pace has not slowed down, adding that "it's more or less the same," both in terms of number of attacks and techniques.
Yet, he remains optimistic.
"Call me an optimist, but I continue to have hope that meaningful progress can be made to turn the corner and establish norms of behavior for nation-states in cyberspace," he wrote in the blog post.
Crowdstrike's report comes on the heels of a series of alerts sent out by the FBI to security firms and contractors, alerting them of Chinese cyberattacks, which were first reported by The Daily Beast.
In that case, however, the hackers appeared to target military or government contractors with the goal of doing traditional espionage to gather intelligence, not stealing trade secrets. These kind of attacks, such as the one on the Office of Personnel Management (OPM), are not forbidden under the terms of the US-China deal.