In September 2015, China agreed to a series of accords with the US, UK, and G20 barring Beijing from conducting cyber-enabled economic espionage with parties around the world. Since, the key question has been: is China complying with those agreements?
- FireEye analysed the activity of 72 China-based cyber threat groups since early 2013 and found a substantial decline that began to occur in mid-2014.
- It analysed 262 incidents of compromise. China’s espionage activity has hit companies around the world. Of those, 80 incidents affected organisations in 13 countries in the Europe, the Middle East and Africa since 2013. (Europe (9): UK, Italy, Switzerland, Germany, Netherlands, Denmark, Sweden, France, Norway; Middle East (3) : Israel, Egypt, Saudi Arabia; Africa (1) : Tunisia)
- Despite the decline in activity, since mid-2015 we have observed 13 China-based cyber threat groups targeting organisations in Europe, the U.S., and Japan. In one case, a group collected user credentials during an intrusion into the network of a European logistics company.
- The Chinese remain a top cyber threat for any company in EMEA holding intellectual property. Today, the threat from China is less voluminous, but is more focused, calculated and still successful in compromising corporate networks.