US-China cyber espionage treaty 'will do nothing': FireEye boss
So what are all those hack groups in China doing?
Cyber Defence Summit The China-US treaty will do next to nothing to slow or stymie espionage attacks, says FireEye boss Kevin Mandia.
Presidents Obama and Xi Jinping recently pledged to stop economic espionage efforts, in a bid to repair the bilateral relationship between the countries.
The agreement, positioned as a means to curb wholesale pillaging of US corporate assets and the activities of the NSA, has attracted wide criticism from the information security community since so much network-centric espionage is confirmed to originate from China.
Beijing's backing of well-resourced Chinese hacking groups has not been confirmed but is the subject of much speculation.
Some groups employ dozens of hackers working regular nine to five shifts and are using expensive zero day exploits to compromise high-value corporate and defence targets.
Mandia, a former Pentagon man and founder of forensics giant Mandiant, says the treaty will do little to curb the hacking.
"This agreement with China … healthcare is fair game, universities are fair game, and you keep going down the list, and bottom line is it doesn't end," Mandia told the Cyber Defence Summit (formerly Mircon) in Washington DC today.
"Nothing really changes. The intrusions will still stay the same.
"I'm not anti-China, it just so happens that 99 percent of the breaches we respond to are coming out of China and Russia."
Xi said at the start of his visit to the US last month that the "Chinese government does not engage in theft of commercial secrets in any form", a claim which sparked criticism from Mandiant strategy bod Richard Bjtlich who said the President is "either a bold-faced liar, or he considers the PLA (People's Liberation Army), MSS (Ministry of State Security), and other state hackers to not be part of" the Chinese Government.
Mandia says his firm this year has dealt with 224 breaches and is tracking some 900 actor groups, up from only 30 or 40 in 2011.
Of these groups 20 are responsible for the hairiest hacks, including military attacking private sector organisations.
The firm's botnet sinkholes are also busy receiving some 20 million pings every hour from compromised machines. ®
Darren Pauli travelled to Washington DC as a guest of FireEye.