The Decline in Chinese Cyberattacks: The Story Behind the Numbers

Mara Hvistendahl wrote for MIT Technology Review about the decline in Chinese cyberattacks:

Last summer, an audience of government officials, military personnel, and foreign ambassadors gathered in Aspen, Colorado, to hear John Carlin, then an assistant attorney general, speak about cyberattacks. The Aspen Security Forum, which is held every year at a breathtaking resort in the Rocky Mountains, is the sort of event where national security wonks go for hikes in T-shirts and shorts, then trade war stories over lemon-raspberry water and superfood balls. The news of the Democratic National Committee hack had broken just the day before, and many hoped that Carlin, who headed up the investigation into the incident, might speak candidly about it. Instead, he recounted the Justice Department’s indictment of five hackers in China’s People’s Liberation Army Unit 61398 for commercial espionage—back in 2014.

A boyish Harvard-trained former prosecutor, Carlin oversaw the department’s efforts to stamp out economic espionage before stepping down earlier this month. In June, the cybersecurity firm FireEye released a report describing a significant decrease since early 2013 in the number of commercial attacks from China, which is the largest source of such attacks. The firm charted attacks on clients around the world by 72 groups that are either based in China or believed to represent Chinese state interests. Beginning in mid-2014, its analysts observed a “noticeable decline” in activity. Intelligence officials have quietly echoed that claim.