Chinese hackers go after think tanks in wave of more surgical strikes
2016 saw a significant drop-off in cyber-espionage by China in the wake of a 2015 agreement between US President Barack Obama and Chinese Premier Xi Jingping. But over the course of 2017, espionage-focused breach attempts by Chinese hackers have once again been on the rise, according to researchers at CrowdStrike. Those attempts were capped off by a series of attacks in October and November on organizations involved in research on Chinese economic policy, US-China relations, defense, and international finance. The attackers were likely companies contracted by the Chinese military, according to Adam Myers, vice president of intelligence at CrowdStrike.
The drop in Chinese cyber-espionage may have been influenced by the 2015 agreement, reached as the US considered imposing sanctions against China. The US did so in the wake of the massive breach at the Office of Management and Budget—an operation attributed to China—and a vast economic espionage campaign in which Chinese hackers were alleged to have breached more than 600 organizations in the US over a five-year period.
But Myers told Ars that the drop may also have been because of a reorganization of China's People's Liberation Army (PLA), in which "they did a rightsizing and reduced 300 positions out of PLA's cyber-operations units," Myers said.