China is violating a 2015 cybersecurity agreement that prohibits the electronic theft of intellectual property, and the U.S. might issue sanctions in response, a top official at the National Security Agency said.
Over the last year, the U.S. government has seen a resurgence of hacking and IP theft attempts by people based in China and sometimes even by the Beijing government, Rob Joyce, senior adviser for cybersecurity at the NSA, said at the Aspen Cyber Summit in San Francisco on Thursday.
“It’s clear that they are well beyond the bounds today of the agreement,” Joyce said. “We have certainly seen their behavior erode in the last year and we’re very concerned with those troubling trends.”
Earlier this month, the Department of Justice charged a state-owned Chinese company for trying to steal technology from Idaho-based Micron Technology Inc. Chinese hackers have also sought to break into the U.S. energy grid, Joyce said.
The U.S. threatened to sanction China for its hacking three years ago, and Joyce said the “moment hasn’t passed” for sanctions. “Sanctions are something we’ve used in the context of cyber malfeasance” and that will continue, he said.
Meanwhile, U.S. Cyber Command is trying to discourage hackers by making their tools public. The military division has opened a Twitter account to highlight “malware they’ve discovered in their defensive operations,” Joyce said.
“That is an engagement saying: we’re going to take your tools, we’re going to put them out there, we’re going to show your tradecraft, we’re going to make it harder for you to do these kind of operations,” he said. “And by doing that we are imposing friction.”