China cuffs hackers at US request to stave off sanctions

Cooperation – what a concept


Hacking suspects have been arrested in China by the nation's authorities at the behest of the US government for the first time, The Washington Post reports.

The unprecedented arrests took place in early September – shortly before Chinese President Xi Jinping's state visit to Washington – and appeared aimed at providing a show of good faith and forestalling the possibility of the US levying economic sanctions against China.

Washington has been complaining for years that state-sponsored hackers from China have been ransacking US hi-tech firms in order to steal secrets subsequently handed over to Chinese firms. Aerospace and military contractors have been the most high-profile examples of such skullduggery, but examples abound across many sectors, according to various US security intelligence firms.

China has always insisted it doesn't engage in the theft of commercial secrets, and claims it's more hacked against than hacking. Few independent infosec experts believe these denials, essentially because of the weight of circumstantial evidence of hacking by PLA (People's Liberation Army) units and other elements of the Chinese state.

US intelligence and law enforcement agencies reportedly put together a list of hackers the United States wanted arrested. China has seemingly responded to this and arrested an unspecified number of suspects. Details of how many were cuffed and what exactly they are accused of remain unclear.

Beijing watchers are waiting to see whether local prosecutions will follow. It's as yet unclear whether the arrests represent a shift in policy or a temporary move designed to placate the US and avoid the possibility of sanctions at the time when China's growth is imperiled by local stock market instability.

US President Barack Obama and Chinese President Xi Jinping agreed last month to a deal in which neither side will engage in commercial espionage against the other. The pact has no bearing on political or "national security" targets, which are still considered fair game, as previously reported.

The deal featured a Chinese commitment to provide "timely responses" to requests for assistance from the US related to hacking attacks. This commitment came after the arrests.

"I bet they nabbed 'contractors,' not PLA/MSS*," FireEye/Mandiant strategist Richard Bejtlich said in a series of tweets about the arrests. "If CN gov arrested [PLA Unit] 61398 members, CN gov will likely claim they were rogue actors. Fits w/anti-corruption campaign, but bad for PLA morale."

PLA Unit 61398 (APT1) is a Shanghai-based Chinese army unit blamed for mounting a sustained series of cyberattacks against US businesses, and outed by FireEye in 2013. Five 61398 officers were indicted on charges of theft of confidential intellectual property and planting malware in US corporations back in May 2014. Those arrested in China last month may have nothing to do with that earlier case.

If a case based on the recent arrests goes forward, it's more likely to be dealt with in China, according to Bejtlich.

"Next milestone would be extradition of CN hackers to US. I doubt that will happen. Dangerous precedent. Wouldn't want our guys sent to CN," he noted. ®

* MSS is China's Ministry of State Security, an intelligence agency.

Similar topics

Broader topics

Narrower topics


Other stories you might like

  • Tesla driver charged with vehicular manslaughter after deadly Autopilot crash

    Prosecution seems to be first of its kind in America

    A Tesla driver has seemingly become the first person in the US to be charged with vehicular manslaughter for a deadly crash in which the vehicle's Autopilot mode was engaged.

    According to the cops, the driver exited a highway in his Tesla Model S, ran a red light, and smashed into a Honda Civic at an intersection in Gardena, Los Angeles County, in late 2019. A man and woman in the second car were killed. The Tesla driver and a passenger survived and were taken to hospital.

    Prosecutors in California charged Kevin George Aziz Riad, 27, in October last year though details of the case are only just emerging, according to AP on Tuesday. Riad, a limousine service driver, is facing two counts of vehicular manslaughter, and is free on bail after pleading not guilty.

    Continue reading
  • AMD returns to smartphone graphics with new Samsung chip for your pocket computer

    We're back in black

    AMD's GPU technology is returning to mobile handsets with Samsung's Exynos 2200 system-on-chip, which was announced on Tuesday.

    The Exynos 2200 processor, fabricated using a 4nm process, has Armv9 CPU cores and the oddly named Xclipse GPU, which is an adaptation of AMD's RDNA 2 mainstream GPU architecture.

    AMD was in the handheld GPU market until 2009, when it sold the Imageon GPU and handheld business for $65m to Qualcomm, which turned the tech into the Adreno GPU for its Snapdragon family. AMD's Imageon processors were used in devices from Motorola, Panasonic, Palm and others making Windows Mobile handsets.

    Continue reading
  • Big shock: Guy who fled political violence and became rich in tech now struggles to care about political violence

    'I recognize that I come across as lacking empathy,' billionaire VC admits

    Billionaire tech investor and ex-Facebook senior executive Chamath Palihapitiya was publicly blasted after he said nobody really cares about the reported human rights abuse of Uyghur Muslims in China.

    The blunt comments were made during the latest episode of All-In, a podcast in which Palihapitiya chats to investors and entrepreneurs Jason Calacanis, David Sacks, and David Friedberg about technology.

    The group were debating the Biden administration’s response to what's said to be China's crackdown of Uyghur Muslims when Palihapitiya interrupted and said: “Nobody cares about what’s happening to the Uyghurs, okay? ... I’m telling you a very hard ugly truth, okay? Of all the things that I care about … yes, it is below my line.”

    Continue reading

Biting the hand that feeds IT © 1998–2022