Category Archives: Country Profile

Flames of the Dragon: A Profile of the PRC’s Cyber Situation

Leave a reply

Since February of last year when the Mandiant Report was released, China has been at the forefront of cyber security news. It has become apparent that the PRC is waging all-out economic warfare through the use of widespread cyber espionage, intellectual property theft and massive data-exfiltration operations. China has a long history of copy-cat behavior and convoluted laws regarding intellectual property rights which support their various motivations for engaging in cyber espionage. Although much of this activity has been attributed to the Comment Crew (also referred to as APT1 by Mandiant), there are several organizations within the PRC’s hierarchy that contribute to these cyber intelligence operations.

There is also a looming concern over the PRC’s rapid expansion of their cyber-warfare capabilities. China appears focused on using their advances in cyber to balance their disparity with the U.S.’s traditional military technology and to add an additional layer to their anti-access strategy. A more frightening prospect is a build-up of military strategy that supports preemptive cyber-attacks which could lead to a cyberwar between the U.S. and China. This scenario may seem unlikely, but the NSA claimes to have foiled several Chinese cyber-attack attempts and there are reports of other recent cyber-attacks against the U.S. power grid.

The U.S. is not the only country that is concerned with China’s cyber behavior. The U.K. has addressed the PRC’s cyber espionage and expressed concern over the intentions of China’s Huawei Telecommunications company. Other European countries have accused China of accessing their foreign ministries as well. Mongolia has managed to join China’s target list having received a recent barrage of attacks, most likely in response to Mongolia’s outreach to Western nations. However, China’s cyber-attacks are not focused entirely on foreign nations. One of China’s primary targets for offensive cyber action is it’s own Tibet Autonomous Region. Several reports state that Tibet has become ground-zero for Chinese hackers and cyber-attacks in the PRC’s hunt for political dissidents within the region.

The PRC is committed to denying allegations that their central government is behind these cyber-attack and cyber-espionage campaigns. Several authorities within the U.S. also have expressed doubts over the hype of cyber escalation between the U.S. and China. The Obama administration has taken steps to initiate talks between the U.S. and China for improving cyber security between the two nations. The mood remains tense, especially following the revelations of Edward Snowden, with China accusing the U.S. of maintaining a double-standard in its behavior. Despite a steep decline in Chinese cyber activity following the release of Mandiant Report, China is back on the offensive with a resurgence of cyber-espionage efforts. It will be interesting to see where things go from here.

– by Ben Volcsko, Research Assistant

Profile of Brazil’s Overall Cyber Security Situation

Leave a reply

Brazil is often known for its coastal beauty but sadly it should also be recognized for its prolific cyber security concerns. According to Symantec, Brazil is listed as number 7 on their list of countries with the biggest cybercrime problems. Despite investing significant amounts of money into cyber start-ups and establishing cooperative cyber security agreements with Argentina, India and Russia, Brazil is still struggling to overcome the persisting challenge that cyber-criminals present. On top of this, Brazil has recently taken a hardliner stance against the U.S. following the revelations of Edward Snowden. Brazil has actively supported the U.N.’s Cyberprivacy Agreement and begun taking steps to bypass the U.S.-operated underwater cable systems in order to reduce their dependence on who they now perceive to be false friends. It appears that Brazil, however, is focused on the wrong issues as they still need to overcome large numbers of internal banking Trojans and substantial gaps within their cyber security dynamics. Some experts even claim that Brazil’s current security posture is so poor that they are wide open to cyber-invasion. Brazil has also taken steps to introduce cloud technology into their government networks which could magnify problems in their current state. On a positive note, Brazil is now realizing that effective policy and law for responding to cybercrime is necessary. Hopefully Brazil will follow-up these legislative acts with improvements in their cyber security practices to provide some teeth for their new resolve.

For another recent summary of Brazil’s cyber security situation, check out the National Center for Digital Government’s whitepaper Brazil and the Fog of (Cyber) War.

– by Ben Volcsko, Research Assistant