-
A unit of the Chinese army has been launching advanced persistent threat attacks against U.S. organizations including banks. Security software company Mandiant’s chief security officer offers insight and advice.
February 19 -
The Department of Homeland Security has issued advice to companies about how to better protect themselves from cyber attacks. Bill Stewart at Booz Allen helps explain what the guidelines mean for banks.
March 1 -
The White House has issued an executive order on cybersecurity. Now the hard work begins.
February 15
The White House is calling on the Chinese government to halt its alleged program of cyber intrusions on U.S. businesses and to discuss diplomatically what constitutes tolerable conduct for both countries in a digital age.
"Increasingly, U.S. businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyber intrusions emanating from China on an unprecedented scale," Donilon said in
Donilon, who stressed that both China and the U.S. face risks when it comes to protecting personal data, critical infrastructure and financial transactions from electronic assaults, called on the Chinese to recognize the threat to trade their alleged spying poses, to investigate and stop the swiping of business plans and other information from American firms, and to engage in "direct dialogue to establish acceptable norms of behavior in cyberspace."
The remarks follow a report in February by digital security firm Mandiant that a group backed by China's People's Liberation Army has stolen business plans, technology blueprints, network user credentials and other information from at least 115 firms in the U.S. since 2006.
Financial firms are among those compromised, according to the report, although China has spent less time targeting the financial industry than information technology companies, aerospace firms and other businesses the Chinese view as strategically significant. Banks that look to do business in China or that team with a Chinese firm are most likely to trigger scrutiny from the group, which allegedly operates out of a building owned by the military in Shanghai.
Though China has denied the allegations while charging that its own computers have weathered cyberattacks from the U.S., the government says it would be willing to talk. "China is willing, on the basis of the principles of mutual respect and mutual trust, to have constructive dialogue and cooperation on this issue with the international community including the United States, to maintain the security, openness and peace of the Internet", Hua Chuying, a Foreign Ministry spokeswoman, told reporters on Tuesday, Reuters
The countercharges come amid efforts by the Obama administration to strengthen cybersecurity standards. In February, the president signed an
House Intelligence Committee Chairman Mike Rogers (R-Mich.) and Rep. Dutch Ruppersberger (D-Md.), the panel's ranking member, in February reintroduced legislation that would encourage sharing of information between companies and government agencies about cyber threats.
In his remarks Monday, Donilon said the administration views the Chinese hazard seriously. "I am not talking about ordinary cybercrime or hacking," Donilon said. "As the president said in the State of the Union, we will take action to protect our economy against cyber-threats."