Slashdot Mirror

← Back to Stories (view on slashdot.org)

China, Canada Vow Not To Conduct Cyberattacks On Private Sector (reuters.com)

Posted by BeauHD on from the fingers-crossed dept.

New submitter tychoS writes from a report via Reuters: China and Canada have signed an agreement vowing not to conduct state-sponsored cyberattacks against each other aimed at stealing trade secrets or other confidential business information. The new agreement was reached during talks between Canada's national security and intelligence adviser, Daniel Jean, and senior communist party official Wang Yongqing, a statement dated June 22 on the Canadian government's website showed. "This is something that three or four years ago (Beijing) would not even have entertained in the conversation," an unnamed Canadian government official told the Globe and Mail, which first reported the agreement. The new agreement only covers economic cyber-espionage, which includes hacking corporate secrets and proprietary technology, but does not deal with state-sponsored cyber spying for intelligence gathering.

30 of 52 comments (clear)

  1. I trust China to.... by Neo-Rio-101 · · Score: 3, Insightful

    I trust China to abide by this agreement as much as they abide by Copyright laws.

    --
    READY.
    PRINT ""+-0
    1. Re:I trust China to.... by Anonymous Coward · · Score: 1

      The problem is with this sort of agreement, is that everyone assumes it doesn't work, but no one notices when it does.

      When Obama signed a cyber espionage agreement with China during his presidency everyone said the same thing, but he did so shortly after the US had issued indictments for a number of top Chinese military officials assigned to hacking duties - it wasn't until afterwards that it turned out that the photos used in those indictments were personal images taken from each of those officials personal computers by US hacks against them. This was a response to the Chinese attacks against things such as the F-35 programme and so forth.

      The US sent a message by doing this that it works both ways, until that point China thought it was getting away with it, but the shock of finding pilfered images from the private systems of China's elite military brass sent chills down their spines, hence why China decided to sign the US-China cyber security agreement as more than just a hollow gesture. There's a reason Chinese hacking has been out of the news in the years following, because whilst it may not have disappeared altogether, the agreement has certainly reduced it. This is why the focus is now on Russian hacking - because this is the new big threat now that the threat from China has been nullified somewhat through mutual agreement. I would not be surprised if when all is said and done, and the investigations into Russian hacking are complete, with Putin getting increasingly desperate in changing his story about how it may have been patriots rather than flat denials and so forth that the US-Russia situation ends up with a similar agreement.

      Slashdot is full of negativity and skepticism towards politics, but sometimes political agreement does work, and sometimes it's what we don't see that tells the true story - the vast reduction in stories of Chinese hacks is the story in the US' case, because it's a genuine reduction, through genuine acceptance from both sides that they both have more to lose than to gain in attacking each other so prolifically.

    2. Re:I trust China to.... by sabbede · · Score: 2
      Multinationals are taking patent infringement claims to Chinese courts now. I think they may have finished stealing their way to parity and now find themselves needing to actually protect IP in general in order to protect theirs in particular.

      But I could be wrong.

  2. Re:hilarious by Highdude702 · · Score: 4, Funny

    A harshly worded letter.

  3. Re:hilarious by Highdude702 · · Score: 1

    I forgot to add the "Sorry" my bad.

  4. Re:As a representive of the US by Anonymous Coward · · Score: 2, Informative

    Good, because it's bullshit. Anyone who trusts China is an imbecile.

  5. Re: Hahaha by Highdude702 · · Score: 1

    Spam bot? thats all i can think. A shitty one at that.

  6. Canada is being foolish by WindBourne · · Score: 1

    Gut feeling says that the treaty says that the Chinese gov will not crack Canada's systems.
    However, China will continue to crack all nation's computers.
    They will simply outsource it to citizens and pay them for doing it.

    --
    I prefer the "u" in honour as it seems to be missing these days.
    1. Re: Canada is being foolish by bestweasel · · Score: 1

      "China and Canada have signed an agreement vowing not to conduct state-sponsored cyber attacks against each other."

      Yes, there's the loophole. They can just follow the Russian example and say it's not us, where's the proof, it's all MSM lies and you can't trust your intelligence agencies after Iraq.

      It's not as if anyone ever owns up with, "Yes, we stole the plans for your new jet, but it's OK, we're state-sponsored."

      Also, if there are any state-sponsored hackers reading this, do you get free stuff with your sponsors' logos on?

    2. Re:Canada is being foolish by Gavagai80 · · Score: 1

      "State-sponsored" already means the government outsourcing it to citizens and paying for it, so the treaty is saying they won't do that. Of course it's quite possible China will break the treaty. But if Canada already planned to not hack Chinese companies for economic espionage, then what do they have to lose from the treaty? Nothing.

      --
      This space intentionally left blank
    3. Re:Canada is being foolish by rtb61 · · Score: 1

      Much more detail here https://www.theglobeandmail.co.... So an agreement by both governments not to hack each others corporate networks but government networks are still all right to hack and of course us nobodies, well, fuck the nobodies, hack away.

      Pretty fucking shitty agreement Canada, fuck you. Next time there is an agreement, how about fucking people come first for a a fucking change instead of fucking corporations, fucking hell.

      --
      Chaos - everything, everywhere, everywhen
    4. Re:Canada is being foolish by Altrag · · Score: 1

      Almost by definition, us "nobodies" aren't worth hacking. We're not talking about botnets and ransomware here. We're talking about dedicated efforts to steal or damage critical (or at least very valuable) information.

      In this case, there's absolutely no reason to "put people first." Why would they go to the trouble of international negotiations to stop hacking against targets that wouldn't be getting hacked anyway? Or at least not hacked in the way that this agreement would be attempting to prevent.

  7. Re:ok... by aliquis · · Score: 1

    I guess Canada hasn't anything like this to take.

    NSA Details Chinese Cyber Theft of F-35, Military Secrets

    Well.. Isn't the joke on them?

    Don't read this:
    JK. I assume F-35 isn't a disaster. Maybe not F-22 either. At-least if we keep on using manned planes and over a longer time. Not interested in arguing it just making a joke.

  8. It wasn't theft by ark1 · · Score: 1

    it was copyright infringement.

  9. Re:As a representive of the US by Anonymous Coward · · Score: 2, Funny

    Preach.

    Today, President Obama, appearing with Chinese President Xi Jinping, announced that the United States and China had reached an agreement to curb "cyber-enabled theft of intellectual property" between the two countries. Obama, at the announcement, said he had "indicated it has to stop," and that the two had come to a "common understanding."

    https://www.theverge.com/2015/9/25/9399187/obama-china-cyber-security-agreement

  10. Re:Just the tip, honest. by PopeRatzo · · Score: 2

    You have to admit, I bring the best out in ACs.

    --
    You are welcome on my lawn.
  11. Do you think we can trust him? by Mhrmnhrm · · Score: 2

    Myself I’d trust him to the end of the earth.

    Yes but how far is that?

    About twelve minutes away. Come on I need a drink

    --
    I suspect that one of these choices is incorrect. Correct.
    1. Re:Do you think we can trust him? by DontBeAMoran · · Score: 1

      And don't forget your towel.

      --
      #DeleteFacebook
  12. Re: As a representive of the US by Anonymous Coward · · Score: 2, Interesting

    Why on Earth do you imagine that it's Canada that was duped by China here?

  13. Re:Just the tip, honest. by drinkypoo · · Score: 1

    The Almighty says this must be a fashionable fight. It's drawn the finest people.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  14. Re:hilarious by fluffernutter · · Score: 1

    "Oh, were they private?"

    --
    Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
  15. Don't have to hack Canada by CanadianMacFan · · Score: 1

    Chinese companies have plenty of money so they can just come in and buy up pretty much any company they want. There are very few companies that the government would prevent a foreign company from buying except for certain sectors such as banking, airlines, telecom, and media. I wish the Chinese would buy up Bombardier because I'm tired of them always asking for more government assistance and then cutting jobs.

  16. Re: As a representive of the US by Anonymous Coward · · Score: 1

    Nor should you, this is the cyber equivalent of "we have peace in our time".

  17. State vs state by manu0601 · · Score: 1

    If I understand correctly, the agreement does not ban state sponsored cyberattack against state. This is a bit weird.

    1. Re:State vs state by Altrag · · Score: 1

      While I agree its weird, it probably benefits us as much or possibly more than it benefits them. Canada certainly isn't irrelevant on the world stage, but nor are we exactly a superpower that would be any sort of a threat to China. So Canada would have limited usefulness as a target to be hacked.

      On the other hand, while we may ourselves not have much reason to hack China (again, what would we do with the information we gleaned? Threaten them?) But we have a neighbor we're pretty friendly with who would be much more interested in knowing what China's up to, and they may well want to ask us to appropriate information as proxy for them.

      Of course that said, the spy game is pretty prevalent anyway. Generally not James Bond-style action spies, but every government is happy to learn what the other governments are doing in hopes of finding even a tiny bit of leverage for the next time they have to negotiate something.

    2. Re:State vs state by Blymie · · Score: 1

      Erm.

      NATO. Shared military secrets. Any planes / high tech military hardware we buy, come with full specs on how to repair. Learn how to hack our planes, you learn how to hack allies' planes.

      GoC contracts. Shared military drills. Military defense plans for NATO / North America. Outcomes of war games, war simulations, shared with all allies. Studies and tests on munitions, nuclear, biological and chemical warfare. (Yes, we do this, we simulate this).

      There's *tonnes* to obtain through state to state hacking. Yes, even from Canada.

      And, Google the size and scope of CSEC. Signal Intelligence is all about caliber and quality of processing, not about raw manpower.

      There's lots to see and do in Canada, for China. ;P

      But, realistically Canadian companies are often world leaders in tech. There's more meat for the Chinese to steal, to boost their local economy. The National Capital Region is known as 'Silicon Valley North', for the sheer scope and size of startups, high tech, IC design firms, and more. Lots, lots, lots to steal here. Which is why this agreement benefits us, more than China.

      State to Corporate espionage has a long, long history. Everyone from Canada, the US, to non-democratic regimes have employed state power, spying, and more to enhance the position and power of domestic corps.

      In this scenario, I'd say this is a win (if China were to be honestly trusted) for Canadian corps.

  18. Re:hilarious by Wootery · · Score: 1

    Except it's cyber, so you'll never know who really sent it.

  19. Canadian companies or companies in Canada? by sabbede · · Score: 1

    How does this affect AMD? ATI was a Canadian company till AMD bought it, and they still design GPUs there. Can China still go after AMD's HQ in California, just so long as they stay in the US based systems?

  20. A little late, don't you think? by newbie_fantod · · Score: 1

    In 2004, it was discovered that crackers ... gained almost complete access to Nortel's systems. Thought to have originated in 2000, for nearly ten years they accessed documents including emails, technical papers, research, development reports, and business plans. ... The Wall Street Journal reports that hackers working from Chinese IP addresses used seven passwords of Nortel executives, including a former CEO, to penetrate networks owned by the company.

    https://en.wikipedia.org/wiki/Nortel/

  21. Re:Hahaha by AutodidactLabrat · · Score: 1

    Wrong
    Because fools like you don't read the source, here's the skinny
    NO large, multicity establishments were included in the study BECAUSE INCLUDING THEM WOULD VITIATE THE CLAIM BY NBER, the entire study is a fraud