Slashdot Mirror

← Back to Stories (view on slashdot.org)

China, Canada Vow Not To Conduct Cyberattacks On Private Sector (reuters.com)

Posted by BeauHD on from the fingers-crossed dept.

New submitter tychoS writes from a report via Reuters: China and Canada have signed an agreement vowing not to conduct state-sponsored cyberattacks against each other aimed at stealing trade secrets or other confidential business information. The new agreement was reached during talks between Canada's national security and intelligence adviser, Daniel Jean, and senior communist party official Wang Yongqing, a statement dated June 22 on the Canadian government's website showed. "This is something that three or four years ago (Beijing) would not even have entertained in the conversation," an unnamed Canadian government official told the Globe and Mail, which first reported the agreement. The new agreement only covers economic cyber-espionage, which includes hacking corporate secrets and proprietary technology, but does not deal with state-sponsored cyber spying for intelligence gathering.

52 comments

  1. As a representive of the US by Anonymous Coward · · Score: 0

    I cannot sign to this proposal.

    1. Re:As a representive of the US by Anonymous Coward · · Score: 2, Informative

      Good, because it's bullshit. Anyone who trusts China is an imbecile.

    2. Re:As a representive of the US by Anonymous Coward · · Score: 2, Funny

      Preach.

      Today, President Obama, appearing with Chinese President Xi Jinping, announced that the United States and China had reached an agreement to curb "cyber-enabled theft of intellectual property" between the two countries. Obama, at the announcement, said he had "indicated it has to stop," and that the two had come to a "common understanding."

      https://www.theverge.com/2015/9/25/9399187/obama-china-cyber-security-agreement

    3. Re: As a representive of the US by Anonymous Coward · · Score: 2, Interesting

      Why on Earth do you imagine that it's Canada that was duped by China here?

    4. Re: As a representive of the US by Anonymous Coward · · Score: 1

      Nor should you, this is the cyber equivalent of "we have peace in our time".

    5. Re:As a representive of the US by Anonymous Coward · · Score: 0

      I'd say the same thing about USA (assuming you are a US sock puppet).

  2. hilarious by Anonymous Coward · · Score: 0

    what is the penalty for violating this agreement?

    1. Re:hilarious by Highdude702 · · Score: 4, Funny

      A harshly worded letter.

    2. Re:hilarious by Highdude702 · · Score: 1

      I forgot to add the "Sorry" my bad.

    3. Re:hilarious by fluffernutter · · Score: 1

      "Oh, were they private?"

      --
      Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
    4. Re:hilarious by Wootery · · Score: 1

      Except it's cyber, so you'll never know who really sent it.

    5. Re: hilarious by Anonymous Coward · · Score: 0

      And an "Oops" in the letter

  3. ok... by Anonymous Coward · · Score: 0

    I guess Canada hasn't anything like this to take.

    Espionage.

    1. Re:ok... by aliquis · · Score: 1

      I guess Canada hasn't anything like this to take.

      NSA Details Chinese Cyber Theft of F-35, Military Secrets

      Well.. Isn't the joke on them?

      Don't read this:
      JK. I assume F-35 isn't a disaster. Maybe not F-22 either. At-least if we keep on using manned planes and over a longer time. Not interested in arguing it just making a joke.

  4. I trust China to.... by Neo-Rio-101 · · Score: 3, Insightful

    I trust China to abide by this agreement as much as they abide by Copyright laws.

    --
    READY.
    PRINT ""+-0
    1. Re:I trust China to.... by Anonymous Coward · · Score: 1

      The problem is with this sort of agreement, is that everyone assumes it doesn't work, but no one notices when it does.

      When Obama signed a cyber espionage agreement with China during his presidency everyone said the same thing, but he did so shortly after the US had issued indictments for a number of top Chinese military officials assigned to hacking duties - it wasn't until afterwards that it turned out that the photos used in those indictments were personal images taken from each of those officials personal computers by US hacks against them. This was a response to the Chinese attacks against things such as the F-35 programme and so forth.

      The US sent a message by doing this that it works both ways, until that point China thought it was getting away with it, but the shock of finding pilfered images from the private systems of China's elite military brass sent chills down their spines, hence why China decided to sign the US-China cyber security agreement as more than just a hollow gesture. There's a reason Chinese hacking has been out of the news in the years following, because whilst it may not have disappeared altogether, the agreement has certainly reduced it. This is why the focus is now on Russian hacking - because this is the new big threat now that the threat from China has been nullified somewhat through mutual agreement. I would not be surprised if when all is said and done, and the investigations into Russian hacking are complete, with Putin getting increasingly desperate in changing his story about how it may have been patriots rather than flat denials and so forth that the US-Russia situation ends up with a similar agreement.

      Slashdot is full of negativity and skepticism towards politics, but sometimes political agreement does work, and sometimes it's what we don't see that tells the true story - the vast reduction in stories of Chinese hacks is the story in the US' case, because it's a genuine reduction, through genuine acceptance from both sides that they both have more to lose than to gain in attacking each other so prolifically.

    2. Re:I trust China to.... by sabbede · · Score: 2
      Multinationals are taking patent infringement claims to Chinese courts now. I think they may have finished stealing their way to parity and now find themselves needing to actually protect IP in general in order to protect theirs in particular.

      But I could be wrong.

  5. Re: Hahaha by Highdude702 · · Score: 1

    Spam bot? thats all i can think. A shitty one at that.

  6. Canada is being foolish by WindBourne · · Score: 1

    Gut feeling says that the treaty says that the Chinese gov will not crack Canada's systems.
    However, China will continue to crack all nation's computers.
    They will simply outsource it to citizens and pay them for doing it.

    --
    I prefer the "u" in honour as it seems to be missing these days.
    1. Re: Canada is being foolish by bestweasel · · Score: 1

      "China and Canada have signed an agreement vowing not to conduct state-sponsored cyber attacks against each other."

      Yes, there's the loophole. They can just follow the Russian example and say it's not us, where's the proof, it's all MSM lies and you can't trust your intelligence agencies after Iraq.

      It's not as if anyone ever owns up with, "Yes, we stole the plans for your new jet, but it's OK, we're state-sponsored."

      Also, if there are any state-sponsored hackers reading this, do you get free stuff with your sponsors' logos on?

    2. Re:Canada is being foolish by Gavagai80 · · Score: 1

      "State-sponsored" already means the government outsourcing it to citizens and paying for it, so the treaty is saying they won't do that. Of course it's quite possible China will break the treaty. But if Canada already planned to not hack Chinese companies for economic espionage, then what do they have to lose from the treaty? Nothing.

      --
      This space intentionally left blank
    3. Re:Canada is being foolish by rtb61 · · Score: 1

      Much more detail here https://www.theglobeandmail.co.... So an agreement by both governments not to hack each others corporate networks but government networks are still all right to hack and of course us nobodies, well, fuck the nobodies, hack away.

      Pretty fucking shitty agreement Canada, fuck you. Next time there is an agreement, how about fucking people come first for a a fucking change instead of fucking corporations, fucking hell.

      --
      Chaos - everything, everywhere, everywhen
    4. Re:Canada is being foolish by Altrag · · Score: 1

      Almost by definition, us "nobodies" aren't worth hacking. We're not talking about botnets and ransomware here. We're talking about dedicated efforts to steal or damage critical (or at least very valuable) information.

      In this case, there's absolutely no reason to "put people first." Why would they go to the trouble of international negotiations to stop hacking against targets that wouldn't be getting hacked anyway? Or at least not hacked in the way that this agreement would be attempting to prevent.

  7. It wasn't theft by ark1 · · Score: 1

    it was copyright infringement.

  8. Re:Just the tip, honest. by Anonymous Coward · · Score: 0

    Go take your homophobic dribble elsewhere, rabbi.t

  9. Re: Hahaha by Anonymous Coward · · Score: 0

    WHOOOOSSSHHHHHH

  10. Re:Just the tip, honest. by PopeRatzo · · Score: 2

    You have to admit, I bring the best out in ACs.

    --
    You are welcome on my lawn.
  11. Do you think we can trust him? by Mhrmnhrm · · Score: 2

    Myself I’d trust him to the end of the earth.

    Yes but how far is that?

    About twelve minutes away. Come on I need a drink

    --
    I suspect that one of these choices is incorrect. Correct.
    1. Re:Do you think we can trust him? by DontBeAMoran · · Score: 1

      And don't forget your towel.

      --
      #DeleteFacebook
  12. Re:Just the tip, honest. by drinkypoo · · Score: 1

    The Almighty says this must be a fashionable fight. It's drawn the finest people.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  13. Don't have to hack Canada by CanadianMacFan · · Score: 1

    Chinese companies have plenty of money so they can just come in and buy up pretty much any company they want. There are very few companies that the government would prevent a foreign company from buying except for certain sectors such as banking, airlines, telecom, and media. I wish the Chinese would buy up Bombardier because I'm tired of them always asking for more government assistance and then cutting jobs.

  14. Second verse same as the first by Anonymous Coward · · Score: 0

    This is something that three or four years ago (Beijing) would not even have entertained in the conversation

    China did have this conversation three or four years ago with Barrack Obama and signed a similar agreement.

    We are having the same discussion over the same problems all over again. Watch as China does not hold up their end of the bargain, as they did before, they merely back-off on the most aggressive tactics. Canada is placed at a disadvantage and China can claim the moral high-ground.

    It happened before and will happen again.

  15. State vs state by manu0601 · · Score: 1

    If I understand correctly, the agreement does not ban state sponsored cyberattack against state. This is a bit weird.

    1. Re:State vs state by Altrag · · Score: 1

      While I agree its weird, it probably benefits us as much or possibly more than it benefits them. Canada certainly isn't irrelevant on the world stage, but nor are we exactly a superpower that would be any sort of a threat to China. So Canada would have limited usefulness as a target to be hacked.

      On the other hand, while we may ourselves not have much reason to hack China (again, what would we do with the information we gleaned? Threaten them?) But we have a neighbor we're pretty friendly with who would be much more interested in knowing what China's up to, and they may well want to ask us to appropriate information as proxy for them.

      Of course that said, the spy game is pretty prevalent anyway. Generally not James Bond-style action spies, but every government is happy to learn what the other governments are doing in hopes of finding even a tiny bit of leverage for the next time they have to negotiate something.

    2. Re:State vs state by Blymie · · Score: 1

      Erm.

      NATO. Shared military secrets. Any planes / high tech military hardware we buy, come with full specs on how to repair. Learn how to hack our planes, you learn how to hack allies' planes.

      GoC contracts. Shared military drills. Military defense plans for NATO / North America. Outcomes of war games, war simulations, shared with all allies. Studies and tests on munitions, nuclear, biological and chemical warfare. (Yes, we do this, we simulate this).

      There's *tonnes* to obtain through state to state hacking. Yes, even from Canada.

      And, Google the size and scope of CSEC. Signal Intelligence is all about caliber and quality of processing, not about raw manpower.

      There's lots to see and do in Canada, for China. ;P

      But, realistically Canadian companies are often world leaders in tech. There's more meat for the Chinese to steal, to boost their local economy. The National Capital Region is known as 'Silicon Valley North', for the sheer scope and size of startups, high tech, IC design firms, and more. Lots, lots, lots to steal here. Which is why this agreement benefits us, more than China.

      State to Corporate espionage has a long, long history. Everyone from Canada, the US, to non-democratic regimes have employed state power, spying, and more to enhance the position and power of domestic corps.

      In this scenario, I'd say this is a win (if China were to be honestly trusted) for Canadian corps.

  16. China schedules its exfiltrations by Anonymous Coward · · Score: 0

    Sadly, must post this as A/C. I have had the experience in my job of performing a number of forensic cyber analyses. One of the striking commonalities in Chinese compromises of US industry is the delay between the collection and packaging of the data to be exfiltrated and the time of exfiltration. It can be days and the exfiltration almost always starts on an exact hour. My conclusion is that China is stealing so much data from the US that they have to schedule the exfiltrations.

  17. Cyber attacks? by Anonymous Coward · · Score: 0

    How do you attack a country with cybersex? This is just weird!
    Cyber
    Cyber
    Cyber
    It's all I ever hear, as soon as I see that word I know the organization using it is a joke.
    Now please excuse me, I must head back to cybersex command headquarters.

    Cyber Bob

  18. China ruined Nortel by Anonymous Coward · · Score: 0

    ... with hacking over a long period of time.

    Does Canada even have any "Nortels" left? Blackberry's practically out.

    1. Re:China ruined Nortel by Anonymous Coward · · Score: 0

      And now Norsat is gone after the government of the young Mr Trudeau sold them off to the Chinese

      This guy is so naive, he is being incredibly dangerous and needs to be curbed.

      The Chinese will not need to hack anything in my country anymore, because Trudeau just keeps selling them whatever they want against the advice of security agencies, the military and our allies. With the Norsat sale, he said there was no need for a security review at all.

      Someone above stated you cannot trust the Chinese. I strongly disagree, you can trust them to do whatever is best for the people of China, always and in all things.
      If it matches your own goals, that is just fortunate. An accident

  19. Why won't the U.S. agree to something like this? by Anonymous Coward · · Score: 0

    because industrial, financial, and political sabotage, espionage, and theft of industrial secrets, technical know-how, intellectual property is a large part of what NSA and CIA do.

    It's funny how all Americans thoroughly believe the whole world is out to steal everything from them, which the horde of European, Russian and Asian immigrants produce in their tech sector, when their own government is doing exactly what they accuse others of.

  20. Canadian companies or companies in Canada? by sabbede · · Score: 1

    How does this affect AMD? ATI was a Canadian company till AMD bought it, and they still design GPUs there. Can China still go after AMD's HQ in California, just so long as they stay in the US based systems?

  21. I'm calling "BS" on this by Anonymous Coward · · Score: 0

    My Internet facing router is no big deal. I take hits on port 22 every day from China, and if I open up the port, I can immediately see password guessing attempts on the port.... BS! They are scanning all IP addresses and have for many years.

  22. A little late, don't you think? by newbie_fantod · · Score: 1

    In 2004, it was discovered that crackers ... gained almost complete access to Nortel's systems. Thought to have originated in 2000, for nearly ten years they accessed documents including emails, technical papers, research, development reports, and business plans. ... The Wall Street Journal reports that hackers working from Chinese IP addresses used seven passwords of Nortel executives, including a former CEO, to penetrate networks owned by the company.

    https://en.wikipedia.org/wiki/Nortel/

  23. Re:Hahaha by AutodidactLabrat · · Score: 1

    Wrong
    Because fools like you don't read the source, here's the skinny
    NO large, multicity establishments were included in the study BECAUSE INCLUDING THEM WOULD VITIATE THE CLAIM BY NBER, the entire study is a fraud