Beijing is still involved in cyberattacks against other targets, they say
White House claims that China is meddling in the US midterms do not ring true to experts and cybersecurity firms that have long tracked Beijing’s digital espionage operations and propaganda campaigns.
“I’m not aware of anything credible that ties directly to any targeting from China to election influence,” said Ron Bushar, chief technology officer of FireEye, a cybersecurity firm that has tracked Chinese hackers for years.
“There’s certainly no evidence of Russia-style online manipulation or hacking and doxing,” said Adam Segal, a cyber and China expert at the Council on Foreign Relations.
US President Donald Trump aired the idea last month that Russia isn’t the only country attempting to undermine the US democratic process.
And in a speech at the United Nations last month, he alleged that “China has been attempting to interfere in our upcoming 2018 election coming up in November against my administration.”
Vice-President Mike Pence echoed those remarks in a speech Thursday.
“China has initiated an unprecedented effort to influence American public opinion, the 2018 elections, and the environment leading to the 2020 presidential elections,” he said at the Hudson Institute.
Neither Trump nor Pence explicitly accused China of mounting the types of social media trolling efforts or multiple, coordinated cyberattacks that the US has accused Russia of carrying out during the 2016 race.
But Trump has likened the behaviour of the two countries, saying last month that China is “trying to meddle in our elections. And we’re not going to let that happen. Just as we’re not going to let that happen with Russia.”
Yet China watchers have not seen any effort from Beijing to execute a disinformation campaign or propaganda effort to tilt the midterm elections one way or the other.
Plenty of evidence exists, of course, that Chinese hackers have infiltrated US businesses and international human rights groups and are continuing to carry out operations to steal American intellectual property.
But the cyber researchers say there’s no sign yet that its hackers have turned their attention on the US political process in any kind of concerted campaign to undermine Trump.
Those include the experts at FireEye, a firm whose work has included uncovering operations to infiltrate American corporations and law firms to steal intellectual property or to hack non-profits and think tanks to learn of potential policy changes.
In 2015, the company identified a Chinese hacking group it believed was responsible for the massive breach of the Office of Personnel Management, in which highly sensitive security clearance documents on more than 20 million current and former federal employees were stolen.
More recently, the firm discovered suspected Russian and Iranian digital influence operations taking place on Facebook and Twitter. It also has uncovered what it calls a massive North Korean hacking operation aimed at stealing millions of dollars from banks around the world.
Some of the evidence the administration has offered – such as an ad in The Des Moines Register – is a normal reaction to the ongoing trade war between Trump and China, the Council on Foreign Relations’ Segal said.
And despite Trump’s claims, he said, China does not seem to have decided yet whether it wants Trump re-elected.
He suggested the White House is attempting to divert attention from Russia’s hacking activities to give Trump more ammunition in his trade battle with China or to help distract from domestic political and legal issues.
Recorded Future, a cybersecurity firm that in August said it detected a hacking operation originating from a top university in China to steal US business and government secrets, also cast doubt on the White House claims.
“We have not observed such behaviour against US elections even if we’re observing much Chinese activity at large,” Christopher Ahlberg, Recorded Future’s CEO, told POLITICO.
In her own remarks on the subject last week, Homeland Security Secretary Kirstjen Nielsen offered a more nuanced depiction of Trump’s charges – saying the alleged Chinese operation is subtler, longer-term and “more holistic” than what Russia did in 2016.
While the Kremlin wanted to create chaos, Nielsen argued at an event hosted by The Washington Post Tuesday, Beijing was more interested in a “longer game” of influencing American public opinion about China.
Meanwhile, she said DHS has seen no sign of attempts to hack election equipment from China, or anyone else.
“We currently have no indication that a foreign adversary attempts to disrupt our election infrastructure,” Nielsen said.
Dmitri Alperovitch, chief technology officer at the firm CrowdStrike, which investigated the Russian breach of the Democratic National Committee, said at the same event that China has surged back with cyberattacks on US.industry during the past year and a half.
That uptick follows a decline after Washington and Beijing struck a deal in 2015 to ban cyber theft for economic purposes.
But, Alperovitch said, “we’re not seeing much on elections.”