Threat from China

According to the “Annual Report to Congress on Foreign Economic Collection and Industrial Espionage, FY07”, China is a major threat to Americas Industrial and Economic base. The following extracted comes from that report.

Since 2002, the United States has identified China-
connected computer network intrusions that have
compromised thousands of hosts and hundreds of
thousands of users accounts and exfiltrated terabytes
of data from US, allied , and foreign government,
military, and private-sector computer networks.

Actors conducting a subset of intrusion activity
affiliated with China have used socially engineered
e-mails to compromise the computers of cleared
defense contractors.

US Government networks are being continuously probed and targeted by both state and non-state actors for a wide variety of reasons, including legitimate cooperative scientific research. Chinese networks are the source of a significant amount of malicious activity targeting computers in the United States, but it is often difficult to attribute the origin or specific intent of any given activity. Many countries and criminals are able to get into the PRC’s networks and use its Internet protocols (IP) to obscure the origin of their attacks against other targets.


Pacific Regions Security Corporation has also noticed this trend relating to its own website. Since the corporation set up its website in 2008 nearly 25% of its hits have come from Beijing, China.

Beside the network probing by China, they are also involved in illegal export of sensitive items from the United States. In 2007, there were at least six incidences involving China. These incidences included illegal transfers or technology theft by the Peoples Republic of China (PRC).

Although China is not alone in illegal transfers, theft or efforts to compromise workers with security clearances, they are perhaps the most persistent of all the Pacific Rim Countries.

Question of the day is: What steps are being taken by your organization to ensure security awareness?