Last month, President Barack Obama met with Chinese President Xi Jinping to discuss the strained relations between their two countries – primarily the prevalence of digital espionage.
As you may recall, the two nations have a long history of being at one another’s throat in the digital realm. Neither is entirely blameless in this, of course – while China has made a habit of targeting American businesses with aggressive hacking campaign, digital espionage in the States is nothing to sneeze at, either. It’s hoped by everyone involved that the pact signed between Obama and Jinping will serve to warm relations between the two countries, and make aggressive digital attacks a thing of the past.
The question is whether or not this will actually be the case. Just three weeks after the agreement was reached, seven United States companies were targeted by a series of hacks aimed at stealing business secrets. These attacks, according to security firm Crowdstrike, have been directly linked to the Chinese government.
Jinping disavowed the attacks, denying that the hackers had his support. What that means, then, is that either there’s a rogue body within Jinping’s government, Jinping is lying, or Crowdstrike is mistaken. Hopefully it’s either the former or the latter.
Make no mistake here – there’s a chance the States might not honor its side of the agreement, as well. Espionage isn’t exactly a field that lends itself well to openness, after all. Both sides could well have been crossing their fingers behind their backs during talks.
What we can say for certain here is that it does seem unlikely that Jinping would so obviously violate the cybersecurity pact, particularly as he’s made no secret of his desire to court organizations in the American tech sector. If those organizations think his government’s trying to hack them, it seems rather unlikely they’d be willing to do business with him. At the end of the day, it doesn’t matter so much where these attacks actually originate, truth be told.
The fact that they’re happening should be enough – and until such time as they stop, you’ll need to shore up your defenses. While there’s no real guarantee you’ll be able to safeguard your data against an experienced team of black hats, what you can do is make it more difficult for them – and maybe give yourself a chance to respond. To that end, let’s tie this piece off with a few security tips:
- Don’t let your software or applications get outdated. If there’s a security patch to be applied, apply it as soon as humanly possible.
- Don’t store sensitive data in public platforms such as Dropbox – they lack enterprise-level security.
- Audit your security on a regular basis (we recommend doing it at least once a month) to find out if there are any outstanding bugs, vulnerabilities, unpatched programs, or malware.
- Use EMM software coupled with a VPN to protect your mobile employees.
It’s not clear at this point whether or not the pact between the United States and China will have any long-lasting impact. Best not to let it bother you too much, though – your business is as likely to be hacked by someone within your own country as it is to be targeted by someone from overseas, after all.