Responding to the buzz generated by the release of a new evidence-rich report on China’s cyber threat actors by Mandiant, a pair of articles today point out again China-sourced cyber-threats to businesses. Financial services is a global enterprise. Virtually all financial services organizations are attempting to enter China markets and are pursuing investments in China in order to better diversify their portfolios and offer their customers opportunities in throughout Asia.
The report by Mandiant and signals from the U.S. government remind us again that it is important to resist the types of attacks that seem to continue out of China. Mandiant documented that the China-based hostile actors have systematically stolen hundreds of terabytes of data from at least 141 organizations. The White House specifically highlighted that this threat was directed against Financial Services organizations, among others.
Writers at The Washington Post said that the recent “Mandiant report echoed a classified National Intelligence Estimate by the U.S. intelligence community that concluded that China was the most aggressive perpetrator of a massive campaign of cyber-espionage against commercial targets in the United States.”
Writers in the Wall Street Journal added that:
“U.S. officials said the allegations in the Mandiant report come as no surprise and build on other evidence of cyber infiltration.
A 2011 intelligence report publicly accused China of a role in cyberattacks. More recently, a U.S. assessment known as a National Intelligence Estimate, which remains classified and hasn’t been released, cited the Chinese government as being behind pervasive cyberthefts resulting in the loss of intellectual property, according to people who have read it.”
Bringing value to China appears to come at a material risk. Can you afford to lose your risk models? Your fraud analysis engines? Your portfolio management tooling? Your investing strategies? We all have material investments in highly-portable intellectual property. Protect it from known threats as a demonstration of threshold due diligence.
At a minimum, ensure that you have employed a full spectrum of threat-resisting technology and process that is already hand in every financial services organization. Ensure that your protective layers overlap and compensate for each other, and do so throughout your infrastructure, not just at the Internet edge. Plan for and fund enhancement of your detective, preventative, corrective, and compensating control capabilities — as the issue of persistent “world-class” state-sponsored hostile actors appears to be with us for the forseeable future.
“Mandiant Intelligence Center Report — APT1: Exposing One of China’s Cyber Espionage Units.”
“Report ties cyberattacks on U.S. computers to Chinese military.”
By William Wan and Ellen Nakashima; 02-19-2013
“U.S., China Ties Tested in Cyberspace.”
By JULIAN E. BARNES and SIOBHAN GORMAN in Washington and JEREMY PAGE in Beijing; 02-19-2013
Updated to include the following reference on 04-15-2013:
“contextChina’s Guide to Understanding Recent News on Chinese Hackers.”
By Robert O’Brien, 02-22-2013