China fingered for Coca Cola hack - report Suspected Chinese hackers launched damaging cyber raids on several big name multi-nationals over the past few years, including Coca Cola, according to new reports. Fizzy drink giant Coca Cola, British energy company BG Group, Luxembourg-based steel maker ArcelorMittal and Chesapeake Energy were all named by Bloomberg as having …
Exfiltrating is the term used in security when an attacker sends stealthily out the data she has stolen in a system. The objective is to avoid detection. This terminology is widely used when describing Advanced Persistent Threats (APT), which is what this article describes. RSA published last year an excellent report on this topic.
[1] When Advanced Persistent. Threats Go Mainstrean, RSA, 2011 available at www.rsa.com/innovation/docs/sbic_rpt_0711.pdf.
It is not unreasonable to suspect that China exercises an ability to perform economic espionage just as much as the US does (but without blatantly legalising it such as the US has done with TSA border control), but my problem with these reports is that they are very thin on facts - I'd love to see more detail on how they arrived at that conclusion.
Especially the Google report very suspiciously coincided with a need to pull out of China without losing face because they couldn't compete with the incumbent provider, Baidu. Reporting that a hack by the evil Chinese was to blame was less painful to their stock price than admitting they pulled out because they hadn't managed to make a dent..
Thus, I remain cynical. It's all too glib.
"It is not unreasonable to suspect that China exercises an ability to perform economic espionage just as much as the US does (but without blatantly legalising it such as the US has done with TSA border control)"
Could you please explain to me how TSA border control legalizes or enables economic espionage please, because I don't understand it and, frankly, the parallel seems stupid.
"Could you please explain to me how TSA border control legalizes or enables economic espionage please, because I don't understand it and, frankly, the parallel seems stupid."
You may want to pay some attention then. The TSA is exempt (at least according to the Supreme Court) from the Fourth Amendment restriction on search and seizure (see http://reason.com/blog/2012/10/02/fourth-amendment-challenge-to-tsa-scanne). There are ZERO controls on what the TSA does when it takes your electronic devices, which it routinely does on the pretext of "scanning for terrorist activity" or whatever excuse du jour - and you have zero comeback.
As anyone who works with larger institutions knows, no comeback or control inevitably leads to abuse, and given other US international activities it is safe to assume that economic espionage is one of the goals. As a matter of fact, almost any bank, financial institution and high tech company I have worked with on security have very explicit policies in place regarding the crossing of the US border - some even ban carrying a company phone unless it's wiped prior to the journey.
Although similar issues exist when you travel to China or Russia (crypto products are a big gotcha), I personally find it spectacularly stupid of the US to turn itself into a nation that is no longer trusted by anyone. Even the Hollywood advertising can no longer gloss over what is happening. It is very, very disappointing.
If the latter, has he suffered any sanctions?
Have any other staff ever been sanctioned for letting in malware?
Actually, this is probably the best argument for VPs having iPads - take away all their other computing and lock them in a walled garden.
Many of them seem to think they can do their work on an iPad, so let them.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
