President Obama’s cyber-security deal with China is beginning to look a lot like his Iran nuke deal: Obama makes loud pronouncements about a new era of mutual understanding and cooperation, while his partners-in-peace stab him in the back.
China waited less than 24 hours to resume hacking U.S. companies after Obama and President Xi Jinping announced a new era of mutual commitment to data security, according to research from a security firm called CrowdStrike, as reported by The Hill.
“The very first intrusion conducted by China-affiliated actors after the joint Xi-Obama announcement at the White House took place the very next day – Saturday, Sept. 26,” CrowdStrike CEO Dimitri Alperovitch wrote on his blog.
Alperovitch went on to say that most of these new hacking targets were technology and pharmaceutical firms, suggesting the intrusions were meant to “facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national-security related intelligence collection, which the agreement does not prohibit.”
He suggested that the Chinese might need more time to ramp down their militarized hacking operations, which seems like an odd contention, given that China is an authoritarian regime – if the big bosses of the Politburo tell their underlings to stop hitting American targets, they stop – and also that China knew for some time that Obama wanted to use Xi’s visit to declare a cyber-war truce. The hacking squads of the People’s Liberation Army could not have been taken completely by surprise when Obama and Xi made their announcement. China had plenty of time beforehand to trim the hacking back.
Their failure to do so might be taken as a sign that the Politburo has somewhat limited control over the hacking groups it uses for the worst of dirty work. China likes to maintain the fiction that the hackers are rogues acting beyond government control, although The Hill notes they had no problem working up a few arrests last week of “cyber thieves” identified by the U.S. government, in what supposed to be a show of good faith.
Some analysts think the most active Chinese hackers are semi-rogue operations, directed and sponsored by Beijing but kept at plausibly-deniable arm’s length. Others believe even that is a fiction, and the PLA has direct control over the hackers. The group fingered by CrowdStrike as the culprits behind some of the latest raids, “Deep Panda,” is often depicted as linked to the Chinese government without being micro-managed by them.
There is no reason to soft-pedal what these attacks represent. So far, it looks like Obama’s agreement with Xi was just for show. Obama loves to talk tough and pat himself on the back for intimidating the Chinese into good behavior, such as his post-agreement declaration that he would be “watching carefully to make an assessment as to whether progress has been made in this area.”
In truth, Beijing clearly sees no need to make any “progress” beyond tagging and bagging a couple of disposable hackers to reinforce its long-standing narrative about how it hates cyber-espionage more than anyone… while its campaign of cyber-espionage continues unabated.
Xi knows Obama has neither the inclination, nor political stature, to make his big splashy announcements look foolish by calling China out, and there isn’t much he would be prepared to do about it anyway. China has only to look at Iran to see how seriously an Obama sanctions threat should be taken.