Five global energy and oil firms have been the target of "coordinated covert and targeted cyberattacks" by hackers based in China, according to net security firm McAfee. The five unnamed petrochemical giants are confirmed victims of the so-called Night Dragon attacks, which began before November 2009 and remain ongoing. …
Maybe the rest of the world should erect its own "great firewall" and cut China off from the worldwide internet. While we're at it, cut off N. Korea too (loads of crap comes from there too).
I have blocked ALL traffic from China for years now. If you MUST let them have access then set up a seperate, minimalist system that they can spam/hack that won't matter so much.
Judging From My Experience With Corporate Germany
...this report could be fully true, except for the "McAfee solutions for the problem" part.
Instead of having a proper (ie speedy, pervasive) patch policy in place, the corpos have two-factor-authentication, x-ray machines to check the bag you bring in and restrictive physical access policies.
Worker's PCs have age-old firefoxes, age-old Flash and age-old JavaWebstart versions installed. Exfiltration by Google Mail's SSL is certainly possible. Spearphishing would be the easiest thing one can imagine.
The management people don't want to be bothered with the problem, they do not want to develop social and technological solutions which would reconcile security with business efficiency. All they are willing to do is to shell out money for some Magical Device, which would fend off the threat at the firewall. Because this does not require interacting with these smelly unshaved computer folks.
A sophisticated AppArmor- or Sandboxie-based solution could thwart this attack. But that would require more than writing a cheque. It would require these "skilled executives" to use their brain cells. Horrible !