China didn't wait long to start hacking U.S. companies after its president promised his country would stop, according to a U.S. cybersecurity firm. In fact, hackers waited only one day.
CrowdStrike, a firm that defends some Fortune 500 companies, said it has warded off "a number of intrusions" from Chinese hackers against its clients since Chinese President Xi Jinping held a press conference with President Obama on Sept. 25 to say that neither country would engage in such activity.
"The very first intrusion conducted by China-affiliated actors after the joint Xi-Obama announcement at the White House took place the very next day — Saturday September 26th," wrote Dmitri Alperovitch, the company's chief technology office, in a blog post on Monday.
"The intrusion attempts are continuing to this day, with many of the China-affiliated actors persistently attempting to regain access to victim networks even in the face of repeated failures," Alperovitch said. "Seven of the companies are firms in the technology or pharmaceuticals sectors, where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets."
CrowdStrike identified only one of the entities that it said was responsible for the attacks, a group known as "Deep Panda." For several years the group has targeted governments, companies and organizations around the world in which the Chinese would have a strategic interest. However, the government has denied any connection.
Based on their attack vectors, CrowdStrike further reported, "The hackers saw no need to change their usual tradecraft or previously used infrastructure in an attempt to throw off their scent."
The Obama administration is still considering whether to impose sanctions on Chinese companies that officials say have engaged in commercial hacking. China has arrested several hackers that the U.S. said were responsible for commercial hacking, but officials are waiting to see the extent of the government's effort to prosecute them.