CNET también está disponible en español.

Ir a español

Don't show this again

Tech Industry

China's daily cyberattacks on the US are in decline, says report

China's hacker groups have been laying off the US and 25 other countries that they have previously targeted, according to security firm FireEye.

President Obama made cybersecurity discussions a priority on his Chinese counterpart's recent US visit.

Feng Li, Getty Images

A sharp drop-off in the number of cyberattacks on US interests originating in China has been recorded by security firm FireEye. The group said in a report published Monday that it suspected the decline is a reflection of work by the US and Chinese governments to rein in the activities of groups conducting the attacks.

At one point such attacks -- many aimed at Silicon Valley tech companies -- were occurring on an almost daily basis. This is no longer the case, in part thanks to the US government's plea to China to lay off its cyberspying efforts, which are mainly designed to steal industrial secrets from successful US businesses. Chinese military reforms conducted by President Xi Jinping are also thought by FireEye to have played a key role in the decline of attacks.

FireEye reviewed the activity of 72 groups operating in China or representing Chinese interests, going back three and a half years. It found that since mid-2014, there has been a steep decline in the number of attacks not only on the US, but on 25 other countries, including Russia, Japan and several European nations.

This predates the meeting in September 2015 between President Barack Obama and the Chinese leader, who agreed that neither country would "conduct or knowingly support cyber-enabled theft of intellectual property." It seems that this was not "a watershed moment," according to FireEye, but rather "one point amongst dramatic changes that had been taking place for years."

Since late 2015, however, 13 China-based groups have compromised corporate networks in the US, Europe and Japan, FireEye said. They have also targeted government, military and commercial entities in the countries surrounding China.

"We have not seen evidence of a coordinated shift in the behavior of recently active China-based groups," the FireEye report said. "Tactical changes appear to be specific to each group's mission and resources, and in response to public exposure of its cyber operations."