Chinese Hackers & You

For some time now, when we trace back network scans, the originators of phishing attacks and other types of illicit network traffic, we’ve found that the trail so often ends at the Great Wall of China. Basically, if the IP address is a Chinese IP, then more than likely you will never have anything done, never get a response to an inquiry, and essentially be laughed at if you do anything more than block the IP or the subnet. It has gotten to the point where, when you see those entries in the logs or in reports, you in fact think this must be some drive-by, and while you give the nefarious traffic the attention it deserves, you know that for the most part you’re just wasting your time.

But why? What’s it all about? A new report from Northrop Grumman, entitled “Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation”, suggests that it’s about intellectual property and foreign intelligence. It seems that what many of us in the private and education spaces have seen for years is finally being given. There are bold statements (literally made in bold) such as:

The Chinese People’s Liberation Army (PLA) is actively developing a capability for computer network operations (CNO) and is creating the strategic guidance, tools and trained personnel necessary to employ it in support of traditional warfighting disciplines.

It’s a well-produced document, and well worth the read if you have time.

But Northrop Grumman isn’t just publishing reports. The CSO of the organization, Timothy McKnight, is actually doing interviews backing it up. If you are interested in information security, and more specifically in cyber-warfare, then this is a story worth following, although for most of us it will have few real-world implications for the foreseeable future.