Naming names in APT

Let's call a spade a spade: China is the greatest threat to international cybersecurity on the planet.

I'm tired of pussyfooting around this issue the way that I, and many others in security, industry and government, have been for years. We talk about the "threat from Asia," the attacks perpetrated by "a certain eastern country with a red flag," network snooping by our "friends across the Pacific." I swear, this is like reading a Harry Potter book with my daughter. "He-Who-Must-Not-Be-Named" just attacked our networks.

Let me be absolutely, crystal clear here. In this scenario, China is Voldemort. Clear enough?

We dance around this issue because we don't want to make China mad. God forbid. This is cowardly appeasement. It's like not wanting to say anything to the schoolyard bully who steals your lunch money every day.

I understand the whole issue of economic expediency. Why aggravate China? It's a huge trading partner. But if that was a legitimate argument, wouldn't China be asking itself that same question? Why aggravate the United States? It's a huge trading partner!

I do not accept the argument. We know that if a business opens an office in China, it's going to lose whatever intellectual property it has there. We know that when we send our executives to China, the Chinese government will be pilfering their laptops and cell phones. If that wasn't the case, then why would we give our execs throwaway phones and laptops? (And if you aren't doing that, we should probably talk.) The threat is real, and it's about time we do something about it.

I was pleased to see U.S. counterintelligence chief Robert Bryant come out and finger the Chinese (and the Russians), calling their economic espionage a "national, strategic long-term threat to the United States." Better late than never. China's actions kill jobs and economic opportunity for all of us, and should not be tolerated.

Like Harry Potter, I'm not afraid of saying my enemy's name. China, Voldemort, whatever. As long as we tolerate it, the problem will only get worse. Time for us to stand up and call it what it is.
