T3H Blog

The UK Centre for the Protection of National Infrastructure (MI5) prepared a short ‘restricted’ report back in 2007~08 entitled “The Threat from Chinese Espionage” – that was widely distributed to UK business organizations worldwide – to little effect.

The report of bugging and burgling by agents from the People’s Liberation Army and the Ministry of Public Security. It warns also of electronic gifts given at exhibitions and seminars riddled with Trojans capable of creating a backdoor, ferreting and transmitting specific data, and remotely triggered malware.

According to CPNI “The Chinese government represents one of the most significant espionage threats to the UK because of its use of widespread electronic hacking.” UK cybersecurity experts suspect that Chinese cyberwarfare units have directed concerted hacking exercises against UK’s defence, energy, communications, and manufacturing entities.

In their great wisdom MI5 and CPNI believe that “any UK company might be at risk if it holds information which would benefit the Chinese.”

At the time of the ‘restricted’ letter released by MI5′s DG it was observed in Schneier on Security (4 December 2007) that sending a confidential letter to 300 businesses and expecting it to be kept so was not such a good idea – publicity, and lots of it, should have been the order of the day. The Chinese Ministry of Public Security must have had a good laugh at the time (from reading their own copy); it sure did not slow them down any…

References:

MI5 alert on China’s cyberspace spy threat, Exclusive: director-general of MI5 sends letter to British companies warning systems are under attack from China, From The Times, published: 1 December 2007

Britain Warned Businesses of Threat of Chinese Spying, By Jonh F. Burns, published: 31 January 2010

The Internet has opened global markets and revolutionized modern business practices. Yet, while providing new opportunities, reliance on the Web has also exposed new vulnerabilities. McAfee estimates that in 2008, “companies worldwide lost more than $1 trillion” from IP and data theft. A recently released PwC report on the rising threat of e-espionage asks: “Are companies aware and ready to respond?” In general, the resounding answer is, “No.”

Surveys after reports after commissions unanimously demonstrate that the Internet (Web, cyberspace) is unsecured. Threats are multiplying and growing evermore successful in gaining access to desired data or results. Nevertheless, no one in is right mind stays away – yet, most do very little to protect their property, even themselves – Why?

One answer is ease of use – the Internet is too simple to use and yields too much benefits at a click – how can something this beneficial be this nefarious!

Until we find the right answer, we will continue to barrel down towards an unparalleled cataclysmic  catastrophe where not only IP or data will be lost, but lives…

References:

Study Finds Growing Fear of Cyberattacks, by John Markoff, Published: 28 January 2010

Unsecured Economies: Protecting Vital Information, The first global study highlighting the vulnerability of the world’s intellectual property and sensitive information, December 2009

Securing Cyberspace for the 44th Presidency, A Report of the CSIS Commission on Cybersecurity for the 44th Presidency, December 2008