Chinese hackers arrested at US request
Late last month, China’s president Xi Jinping made a state visit to the US and it resulted, among other things, in an agreement that the US and China will provide each other timely responses to requests for information and assistance concerning malicious cyber activities, will cooperate with requests to investigate cybercrimes, and will not conduct or support cyber-enabled theft of intellectual property.
It was revealed on Friday by The Washington Post that a week or two before president Xi came to the US, China arrested an unspecified number of Chinese hackers that have apparently stolen commercial secrets from US companies in order to share them with Chinese state-run companies.
It is unknown whether the arrested individuals are the five Chinese military officers that have been indicted in May 2014 for computer hacking, economic espionage and other offenses directed at six American victims in the US nuclear power, metals and solar products industries.
The news made FireEye/Mandian strategist Richard Bejtlich wonder whether the arrested hackers were members of the APT1 hacker group Mandiant believes to be a unit of China’s People’s Liberation Army (PLA). Although, he noted, if the Chinese government did arrest those particular individuals, they are likely to claim they were rogue actors.
He also noted that its unlikely that the hacker will be extradited to the US, because such a move would set a dangerous precedent.
The arrests are likely the first ones China has carried out at the request of the US, but the US is still sceptical about what this move means and whether China will continue to prosecute this group and others.
It’s generally believed that this arrest was a show of good faith made before Xi’s visit, and a way to stave off potential economic sanctions.
The US is looking to see whether cyberespionage attacks against US business organizations will slow down in the coming months. In the meantime, potential sanctions against China are still being debated, and a lists of other Chinese-based hackers wanted by the US is being compiled.