To Be Hacked or Not To Be Hacked?

People often ask me how to tell if they might be victims of state-serving adversaries. As I've written before, I don't advocate the position that "everyone is hacked." How then can an organization make informed decisions about their risk profile?

A unique aspect of Chinese targeted threat operations is their tendency to telegraph their intentions. They frequently publish the industry types they intend to target, so it pays to read these announcements.

Adam Segal Tweeted a link to a Xinhua story titled China aims to become world technological power by 2049. The following excerpts caught my attention:

China aims to become a world technological power by 2049 and strives to be a leading nation in innovation and scientific development, according to a government document released on Sunday.

The document, released by the Communist Party of China Central Committee and the State Council, or the Cabinet, namely opinions on "deepening technological system reform and accelerating national innovation system construction," sets the goal for the country to be "in the ranks of innovative nations" by 2020...

In this intro we read two key dates: 2020 for "in the ranks of innovative nations" and 2049 for a "world technological power." As we've seen during the last 10-12 years, one of the ways China pursues these goals is to steal intellectual property from target industries. What are those industries?

The development of strategic emerging industries, such as energy preservation and environmental protection, new-generation information technology, biology, advanced equipment manufacturing, new energy and material as well as green vehicles, should be accelerated, it said.

Major breakthroughs of key technologies should be materialized in sectors including electronic information, energy and environment protection, biological medicine and advanced manufacturing, it said.

Those industries have already been targeted and compromised by Chinese intruders. If you work in these areas but aren't actively seeking to detect and respond to Chinese intruders in your enterprise, I recommend taking a closer look at who is using your network.

Later in the document I was somewhat surprised to read the following:

And technological innovation should be made in industries that were related to people's livelihoods, such as health, food and drug safety, and disaster relief, the document said.

The underlined industries explain some activity I've seen recently, and it may be a warning for those of you in those sectors.

The last part of the document I would like to mention says the following: It called for an enhanced system to integrate the technologies for military use and those for civilian purposes.

The document said the nation's technological plan would be more open to the outside world in terms of cooperation, and international academic institutions and multinational companies would be encouraged to set up R&D centers.

None of that is new, but it shows the Chinese commitment to applying "dual use" technologies to both sides of that equation. It also shows the Chinese think they can still fool Western companies into sending engineers to China, where stealing IP is as easy as setting foot in an office building. Unfortunately plenty of Western companies appear to be falling for this ploy.

Comments

Daniel Martin said…
In China seriously attended to use of foreign technologies at the end of the 20th century. In Beijing even the special bureau on assimilation of foreign technologies was open. Foreign including the American technologies played a huge role in formation of the Chinese economy. However transfer of modern American technologies to China causes more and more tough discussions.

Popular posts from this blog

Zeek in Action Videos

MITRE ATT&CK Tactics Are Not Tactics

New Book! The Best of TaoSecurity Blog, Volume 4