Security Experts:

Connect with us

Hi, what are you looking for?


Network Security

New National Intelligence Estimate to Detail China’s Cyber Threat

Two former U.S. officials have told the Associated Press that a new National Intelligence Estimate (NEI) is being prepared, and that it will include details of the economic impact cyberattacks from China have on the nation.

Two former U.S. officials have told the Associated Press that a new National Intelligence Estimate (NEI) is being prepared, and that it will include details of the economic impact cyberattacks from China have on the nation.

The NIE reflects the views of the nation’s intelligence agencies, and according to the officials who spoke to the AP on the condition of anonymity (as they were not authorized to discuss the classified report), the latest report is expected to detail cyberthreat data, particularly form China, and the impact it has on the U.S. economy. Moreover, it will cite the role played by the Chinese government in state-sponsored espionage.

National Intelligence Estimates Cyber ThreatsAccording to the AP report, such threats pose a growing problem. The NIE is also expected to place a serious amount of emphasis on diplomatic and trade measures that can be used against China’s government for their role in these ongoing campaigns. According to comments made to the AP by Secretary of State Hillary Rodham Clinton, the U.S. will begin making it clear to China that both government and private sector will be protected from cyberattacks and other intrusions.

The need for a stronger stance and reaction can be attributed to attacks similar to the ones that were disclosed at The New York Times and The Wall Street Journal this week. According to the Times, 53 employees were targeted by hackers in China by what is presumed to be a Spearphishing attack, which gave the attackers their network credentials.

This resulted in 45 pieces of malware being created, each one unique and previously unknown to the signature engines used by Symantec – who provides endpoint protection to the Times.

The malware was used to control the systems and record keystrokes and other data, as part of an effort to discover sources who fed information to the Times about Premier Wen Jiabao. The Times said that the breach lasted four months, noting that Symantec’s software only detected one of the samples during the entire event.

In a statement Symantec indirectly, passively even, suggested that the Times failed to utilize all of the features available to them as part of a layered security program. The AV giant said that attacks such as the ones detailed by the Times underscore how important it is for companies, countries and consumers to make sure they are using the full capability of [their] security solutions.

“The advanced capabilities in our endpoint offerings, including our unique reputation-based technology and behavior-based blocking, specifically target sophisticated attacks. Turning on only the signature-based anti-virus components of endpoint solutions alone are not enough in a world that is changing daily from attacks and threats. We encourage customers to be very aggressive in deploying solutions that offer a combined approach to security. Anti-virus software alone is not enough,” Symantec’s statement said.

A day after the Times story ran, The Wall Street Journal said they too were hit by Chinese hackers.

“Evidence shows that infiltration efforts target the monitoring of the Journal’s coverage of China, and are not an attempt to gain commercial advantage or to misappropriate customer information,” said a statement from Paula Keve of Journal parent Dow Jones, a unit of Rupert Murdoch’s News Corp.

For their part, China calls the claims by both news publications groundless. Speaking to the report from the Times, Foreign Ministry spokesman Hong Lei told reporters in Beijing “competent Chinese authorities have already issued a clear response to the groundless accusations made by the New York Times.”

“To arbitrarily assert and to conclude without hard evidence that China participated in such hacking attacks is totally irresponsible. China is also a victim of hacking attacks. Chinese laws clearly forbid hacking attacks, and we hope relevant parties takes a responsible attitude on this issue.”

In related news, Symantec reported on Thursday that they’ve discovered a targeted attack aimed at high-level employees in the defense and aerospace industries. There have also been reports of users in China being targeted by a Man-in-the-Middle attack on GitHub.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Threat Intelligence

How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.


The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...