China’s new, combative response to hacking from the U.S.

March 4, 2020, 3:46 PM UTC

This article first appeared in Data Sheet, Fortune’s daily newsletter on the top tech news. Sign up here.

America calls out China’s hacking so frequently that when accusations flow the other way, it’s notable.

One of China’s top cybersecurity companies, Qihoo 360, on Monday accused the U.S. Central Intelligence Agency of hacking Chinese organizations across a wide array of industries including aviation, oil and gas, and government. Qihoo alleges that the CIA infiltrated targets in Beijing, Guangdong, and Zhejiang between September 2008 and June 2019—an 11-year spree of breaches.

The Qihoo report follows a similar one published in September by Qi An Xin, another Chinese cybersecurity firm. Both rely on “Vault 7,” a cache of CIA documents exposed by WikiLeaks in 2017. The Chinese firms parsed the trove of leaked documents to match attacks they observed with likely perpetrators. (Joshua Schulte, a former CIA employee, is currently standing trial in the U.S. for allegedly leaking the Vault 7 documents.)

Since the Chinese cybersecurity firms’ reports draw so heavily from what is already in the public domain, they don’t contain much new information. But they do seem to signal a new, more combative approach by China in responding to breaches from abroad—even as the country comes under increasing fire for its own hacking escapades.

The U.S. Justice Department has been indicting more and more Chinese hackers. In recent weeks, federal prosecutors charged four Chinese nationals with hacking Equifax, the credit reporting agency that suffered a major breach in 2016. The prosecutors helped put another Chinese national behind bars for stealing trade secrets worth $1 billion from a petroleum company. And they accused two more of laundering more than $100 million in cryptocurrency on behalf of North Korea.

Beijing already seems to be seizing on the Qihoo report to undermine the U.S. “The findings, if confirmed, lay bare the US’ astonishing hypocrisy in accusing China of cyber attacks against its institutions and even imposing sanctions on Chinese entities and individuals, despite itself attacking China for years,” wrote one columnist for Global Times China, a Communist party tabloid. “If the revelations are confirmed, swift action must be taken against the involved US institutions, including the CIA, its hacking group and personnel involved in the cyber attacks.”

But there’s a big difference between China and America’s hacking. The former all too often breaches businesses in apparent attempts to steal trade secrets for economic gain. The latter has, from what anyone can tell, penetrated networks for intelligence-gathering—an activity that U.S. authorities would argue falls within acceptable nation-state hacking norms.

It’s unlikely China will take action against the alleged CIA hackers, given a widespread, tacit understanding that certain forms of international espionage are OK. If it does, the two superpowers’ spy games will substantially escalate.

Robert Hackett

Twitter: @rhhackett



Feel the Bern. Someone has been impersonating Democratic presidential hopeful Bernie Sanders and attempting to set up meetings with other campaigns under the pretext. Meanwhile, a third of American voters say they have little confidence in an accurate vote tally in the upcoming U.S. presidential election, according to a recent poll. The vulnerability of many election-related websites—plus Los Angeles County, which debuted a brand-new voting system with unresolved security flaws—probably aren't helping to assuage people's fears.

Going viral. Misinformation related to the fast-propagating coronavirus disease, or COVID-19, is getting more engagement online than official reports out of the World Health Organization or the Centers for Disease Control and Prevention. A news-rating startup called NewsGuard found that false and misleading sources received 142 times more likes, shares, and comments than legitimate sources. Meanwhile, the wonks over at Citizen Lab, an academic group based out of the University of Toronto, revealed how Chinese censors have been restricting the flow of information about the disease.

NSO no-show. The Israeli spyware-maker NSO Group failed to show up to court in California after being sued by WhatsApp, resulting in a notice of default that could swing a decision in WhatsApp's favor. The Facebook unit alleges that NSO Group used software vulnerabilities to help remotely hack hundreds of smartphones. NSO responded that WhatsApp “prematurely moved for default before properly serving NSO with the lawsuit," despite WhatsApp cataloguing its many efforts to serve legal documents to the company.

Too big for your breaches. Walgreens has warned that an app used by its customers to track prescriptions may have leaked people's personal information between January 9th and 15th. Visser, a firm that supplies parts for Tesla and SpaceX, also told TechCrunch that it was “the recent target of a criminal cybersecurity incident, including access to or theft of data.” And Carnival Cruises disclosed that two subsidiaries—Holland America and Princess Cruises—suffered a data breach involving people's credit card information and Social Security numbers.

Sophosticated dealmaking. Private equity firm Thoma Bravo closed its $3.9 billion acquisition of Sophos, a British cybersecurity firm. Sophos had raised $500 million in venture capital before going public on the London Stock Exchange in 2015.

"Indicting nation-state hackers is like pissing your pants"


People who claimed to be manipulated by electronics, mass media, and hidden machinery used to be considered delusional, paranoid, or insane. Today, in the age of Facebook and hyper-targeted advertising, they don't sound so crazy. In a feature for The New Atlantis, a journal of technology and society, Geoff Shullenberger reveals how belief in mind control—once deemed crazy—became conventional wisdom. (I particularly like the anecdote about the 18th-century "air loom" device, believed by one paranoid schizophrenic to be a treasonous, technologic puppet-master of sorts.)

The worries stirred up by the Cambridge Analytica story — whether they were an outburst of irrational panic or a recognition of new political realities — were just the latest in a long history of anxieties about technologically enabled mass deception and manipulation. The potential for such an enterprise entered the realm of the imagination well before anything like it was technically feasible. But the earliest people to imagine it were not technology critics or political reporters. They were paranoids in the original sense of the word: individuals regarded as insane.


Amazon’s Alexa can now give you detailed information on your medications by Sy Mukherjee 

The autonomous vehicle war is very much a money war by Polina Marinova 

What is Clearview AI and why is it raising so many privacy red flags? by Alyssa Newcomb

More and more companies are gaining an appetite for A.I. acquisitions by Jonathan Vanian

A little taste of Brainstorm Finance, Fortune's fintech conference by Robert Hackett


Last week we ran a small excerpt from Wired editor Stephen Levy's new book about Facebook. Tech blog OneZero recently ran a passage from a prior Levy book, Crypto, that's worth rereading. It details the breakthroughs of Whitfield Diffie, a massively influential cryptographer whose work forms the basis of digital security. As Levy writes, "In short, Diffie had not only figured out a way to assure privacy in an age of digital communications, but he had enabled an entirely new form of commerce, an electronic commerce that had the potential not only to match but to exceed the current protocols in commercial transactions."

We salute you, Mr. Diffie.

Read More

CEO DailyCFO DailyBroadsheetData SheetTerm Sheet