Today's Wall Street Journal features the following story:
China Expands Cyberspying in U.S., Report Says by Siobhan Gorman.
I've reprinted an excerpt below and highlighted interested aspects. I can vouch for the quality of the Northrop Grumman team that wrote this report and for their experience in this arena.
Congressional Advisory Panel in Washington Cites Apparent Campaign by Beijing to Steal Information From American Firms
WASHINGTON -- The Chinese government is ratcheting up its cyberspying operations against the U.S., a congressional advisory panel found, citing an example of a carefully orchestrated campaign against one U.S. company that appears to have been sponsored by Beijing.
The unnamed company was just one of several successfully penetrated by a campaign of cyberespionage, according to the U.S.-China Economic and Security Review Commission report to be released Thursday. Chinese espionage operations are "straining the U.S. capacity to respond," the report concludes.
The bipartisan commission, formed by Congress in 2000 to investigate the security implications of growing trade with China, is made up largely of former U.S. government officials in the national security field.
The commission contracted analysts at defense giant Northrop Grumman Corp. to write the report. The analysts wouldn't name the company described in the case study, describing it only as "a firm involved in high-technology development."
The report didn't provide a damage assessment and didn't say specifically who was behind the attack against the U.S. company. But it said the company's internal analysis indicated the attack originated in or came through China.
The report concluded the attack was likely supported, if not orchestrated, by the Chinese government, because of the "professional quality" of the operation and the technical nature of the stolen information, which is not easily sold by rival companies or criminal groups. The operation also targeted specific data and processed "extremely large volumes" of stolen information, the report said.
"The case study is absolutely clearly controlled and directed with a specific purpose to get at defense technology in a related group of companies," said Larry Wortzel, vice chairman of the commission and a former U.S. Army attaché in China. "There's no doubt that that's state-controlled."
Attacks like that cited in the report hew closely to a blueprint frequently used by Chinese cyberspies, who in total steal $40 billion to $50 billion in intellectual property from U.S. organizations each year, according to U.S. intelligence agency estimates provided by a person familiar with them.