American security researchers have identified a group of state-sponsored Chinese hackers that appears to be more sophisticated than other groups targeting American companies and government bodies. Dubbed “Axiom,” the group’s unveiling comes only weeks before U.S. President Obama and Secretary of State John Kerry are scheduled to meet with Chinese leadership in Beijing to discuss a number of issues, including cyber-warfare.
Novetta Solutions, a firm that counts respected cybersecurity watchdogs like FireEye and Cisco among its partners, released a report Tuesday asserting that Axiom poses more of a threat to Western interests than the notorious People’s Liberation Army Unit 61398. In targeting over 43,000 computers, the group has infiltrated Fortune 500 companies, pro-democracy groups, academic institutions, journalists, environmental groups and a range of other targets, according to researchers.
“The Axiom threat group is a well-resourced, disciplined, and sophisticated subgroup of a larger cyber espionage group that has been directing operations unfettered for over six years,” the report stated. “Novetta has moderate to high confidence that the organization tasking Axiom is part of Chinese Intelligence Apparatus. This belief has been partially confirmed by a recent FBI flash…stating the actors are affiliated with the Chinese government.”
This report comes after the FBI warned last week that a group of highly skilled Chinese government hackers was operating a costly, worrisome campaign against both the U.S. government and American companies. That advisory differentiated the group in question (now identified as Axiom) from PLA Unit 61398, the cyber warfare unit identified as the group behind the theft of hundreds of terabytes of data from countless American and British organizations.
Chinese representatives have consistently denied that China conducts any kind of cyber warfare, saying it is actually American intelligence activity, like the National Security Agency’s infiltration of Huawei computer systems, that stokes international tension.
The Novetta report is also reminiscent of the U.S. Department of Justice’s name-and-shame strategy, in which attorneys unsealed an indictment against five Chinese hackers accused of infiltrating American retail chains. With U.S. authorities unable to apprehend the suspects inside China, though, the strategy inadvertently lionized the suspected hackers, with the Chinese media hailing them as heroes.
President Obama and Secretary Kerry will seek to manage the lingering tension during a visit to Beijing in November. Officials on both sides are already promising to better cooperate on cyber issues while at the same time denying any wrongdoing. The discussion could endure long past the November meetings.
“Dialogue and cooperation between China and the U.S. in the field of cybersecurity is faced with difficulty due to the wrong actions taken by the American side,” Chinese State Counselor Yang Jiechi said last week, as quoted by China Daily. “The American side should take positive actions so as to create conditions for the restart of dialogue and cooperation between the two countries in the field of cyber security.”