FOR THE LAST two years, America’s cybersecurity relationship with China has been held up as a triumph of digital diplomacy: Since the two countries signed an agreement not to hack each other’s private-sector companies for commercial gain in late 2015, that pact has come to represent one of the most effective demonstrations in history of government negotiation curtailing state-sponsored cyberspying.
Yet under the surface of that deal, cybersecurity researchers suspect China’s intrusions into American companies continue—including one recent, brazen breach that used a backdoor in the popular CCleaner security tool to target US companies including Google, Microsoft, Intel and VMware, and left behind a few tell-tale indicators of Chinese involvement. And other researchers say they’ve seen signs of earlier Chinese intrusions designed to siphon exactly the sort of corporate intel the US-China cybersecurity agreement was meant to protect.
Earlier this month, the Trump administration’s Department of Justice and its Chinese counterparts agreed to formally reaffirm that agreement, renewing its promises for years to come. Whatever holes have appeared in the US-China hacking détente, a White House that otherwise wants to erase all sign of the previous administration believes it’s worth maintaining. All of which makes China’s behavior over the last two years—toeing the furthest edge of the agreement’s red line and occasionally crossing it entirely—a case study in the power and limits of diplomacy when applied to curbing secret, deniable, and often invisible digital misbehavior.
Pushing the Limits
“The total threat from China didn’t decrease, it just changed shape” in the two years since America’s cybersecurity agreement with China was first signed, says Chris Porter, the chief intelligence strategist for security firm FireEye, which has closely tracked Chinese hacking activity. For the most part, he says he’s seen China’s hacking groups shift their targeting to their own region, and move from pillaging US companies for intellectual property theft to a focus on traditional government-focused espionage, which falls outside the agreement’s tightly defined ban on hacking foreign companies to give domestic companies a business advantage.
“They’ve been careful to go after targets where you can’t clearly say what they’re taking, or where they can defend what they’re taking as permissible” under the agreement’s exceptions for traditional security-focused espionage, says Porter. “These groups are still taking data they can when they feel it won’t be held against them diplomatically.”
But China’s strategy—essentially doing everything it can get away with under the agreement—isn’t limited to merely hacking American government targets in its recent spying campaigns. In the CCleaner attack that was uncovered in September, for instance, hackers used a backdoor in a popular security tool distributed by the security firm Avast to infect hundreds of thousands of computers, and tried to use that infection to plant malware on computers at 18 specific tech firms, according to researchers at Cisco’s Talos security division. They successfully planted that second, more targeted payload on machines owned by American companies including Intel, VMware, and DNS provider Dyn, among a longer list of largely Asian companies.
While the link to China remains far from certain, researchers found that the hackers’ server was set to the Chinese time zone, and both the initial malware and that targeted payload shared a significant portion of their code with tools used by a hacker group known as Axiom or APT17, long believed to be based in China.
If that operation were Chinese in origin, it might still not technically violate China’s agreement with the US, so long as those American companies were hacked as part of a traditional, government-focused espionage operation—say, to find hackable vulnerabilities in Intel chips that might allow Chinese operatives to spy on American intelligence agencies.
But FireEye’s Porter says the company’s analysts have tracked cases that edged closer to a violation of the US-China agreement, too, including Chinese hacking groups compromising American firms that were targets for Chinese investment or acquisition, possibly to gain an upper hand in negotiations. Even in those cases, however, Porter says that the motivations behind those thefts—and thus any violation of the US-China agreement—are very tough to prove.
FireEye notes two cases of specific Chinese hacker groups penetrating American private-sector targets with possible business intelligence goals: In April 2016, FireEye saw a suspected Chinese group known as Wekby penetrate a series of US, Canadian, and European targets in the petrochemical, tech, and insurance industries. A couple of months later, a suspected Chinese group known as APT10 restarted its hacking activities after a lull following the initial signing of the US-China agreement, hacking a US managed services provider to access a collection of victim companies.
Letting It Slide
Why, then, has the Trump administration renewed that Obama-era deal, even as China appears to nibble at its edges? The Justice Department didn’t respond to WIRED’s request for comment on its decision to reaffirm the Obama-era agreement. But some of the Obama administration officials who helped to architect the pact argue that the continuation of the deal makes sense. In the vast majority of cases, they say, it continues to accomplish its objectives.
“In broad terms, it was successful,” says J. Michael Daniel, who served as Obama’s White House cybersecurity coordinator. After all, despite the nagging exceptions, as much as 90 percent of Chinese hacking incidents targeting the US private sector did disappear following the agreement, according to numbers from both FireEye and security firm Crowdstrike. “I think it continues to be a success. It did what it was intended to do: It shifted Chinese thinking and behavior.”
And as for the remaining cases of US corporate penetrations that FireEye and other cybersecurity companies continue to point to? “There’s an understanding that you’re not going to reduce intrusions into private companies to zero,” Daniel says. “We never expected that every single instance of stealing intellectual property or trade secrets for commercial gain would go away.”
Daniel argues the few cases in which China has continued to hack American companies could be false flags or misattributions, where non-Chinese activity has been mistakenly pinned on Chinese hackers. They could be traditional espionage, using companies as footholds to get into governmental targets. Or they could be rogue Chinese hacker groups moonlighting for private interests, conducting corporate espionage without the government’s involvement.
“The Chinese government doesn’t have complete and total control over all these Chinese hacker groups,” Daniel says. “Some of that activity may not be the Chinese government, but the companies that it would benefit, hiring those hackers to conduct these operations.”
But playing down violations of the agreement could be shrewd pragmatism as much as a lack of a smoking gun, says Robert Knake, a director of cybersecurity policy in the Obama administration who served until early 2015, before the US-China agreement was made. “It’s not always a bright-line bureaucratic decision,” Knake says. “Will you get the outcome you want by declaring someone in violation? Or do you get it by validating the agreement and then quietly pushing them?”
Knake notes it’s possible the Trump administration is focused on its escalating conflict with North Korea, and doesn’t want to ruffle its relationship with a key ally in the region. “The thinking could be, ‘let’s not start a fight with China too, we need them on North Korea,'” Knake says. “If this were the Obama administration, I would consider that a real possibility.”
The upshot for potential targets of that hacking, regardless, is that China’s teams of well-resourced spies remain a real, if now rarer, threat to corporate cybersecurity. America’s two-year-old accord with China shows that diplomacy can indeed tamp down state-sponsored hacking. But it can’t stamp it out.