Secure Payments, PCI DSS, Regulatory Compliance Blog

China Expands Cyberspying in the US

October 22nd, 2009 by cmark Posted in PCI DSS

The Wall Street Journal has a very interesting article out today that talks about cyberspying in the US.  A report released today by the U.S.-China Economic and Security Review Commission indicates that the Chinese government is ratcheting up their cyber espionage efforts in the US.  US companies have been specifically targeted.  The report says that US companies are being attacked to steal intellectual property and secret information from defense contractors and other companies.  The report states that Chinese cyberspies steal up to $50 billion a year in intellectual property.  Finally, it states that the Chinese government has been creating cyberwarfare militia units, which draw on civilians in the telecommunications and technology sectors, as well as academia.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

  1. 2 Responses to “China Expands Cyberspying in the US”

  2. By House on Oct 29, 2009

    ? ?????? ?? ???????? ????)

  3. By Matt on Nov 4, 2009

    Interesting. China has been actively attacking US infrastructure since…well.. .since there was US infrastructure. In fact, I remember working with folks at the Center for International Security and Arms Control in 1998 with regard to Chinese cyber attacks. They were then citing that it was an imminent threat with hundreds of .gov compromises every month.

    China is not the threat. In actuality, this has little to nothing to do with China. It is, once again, a misunderstanding of computer and network technology complexity.

    People assume that computers are hard to understand and even harder to break into. This is patently false. When you have hackers breaking into security researchers’ networks and you can’t honestly name a major company that hasn’t been compromised, then only one question is left….

    “How hard is it to compromise modern security controls on computers?”

    It’s not. In fact, my 67 year old mother, who, until her recent passing was apparently completely technologically inept, pointed out a seemingly complex flaw involving cvv2. She just knew… she knew that this website shouldn’t hold onto that data. But it did. There it was… for the rest of us to see, throughout many iterations of the transaction.

    And that, is why China has been owning us for years, and will continue to do so until the end of time. There’s an educational gap with regards to the difficulty of exploiting vulnerabilities. Anyone can do it….
    irrespective of country or motive.

    The Chinese only represent as much of a threat to our infrastructure as:

    A) we allow them to.
    B) they have the time or inclination to attack.

Sorry, comments for this entry are closed at this time.