Corporate espionage by which companies hack into the computers of their competitors and steal trade secrets is nothing new. This has been a particular problem for companies around the world that have been targeted by Chinese hackers often affiliated with the Chinese government. I reported to you two years ago when the United States Justice Department indicted five members of the Chinese military on charges related to cyberattacks against a number of American companies including US Steel, Allegheny Technologies and SolarWorld. Those indictments represented the first time that criminal charges of economic espionage were ever been brought against a foreign country. Now, for the first time, Su Bin, a Chinese businessman has pleaded guilty to assisting two Chinese military hackers in stealing trade secrets related to Boeing’s C-17 military transport plane as well as fighter jets. The hacking occurred between 2008 and 2014. Just this past Fall, China agreed with the United States government that it would not engage in economic cyberespionage, however, it remains to be seen whether China considers hacking of companies that are part of the military industrial complex subject to that agreement or whether they consider such hacking to be permissible hacking for matters of national security. Regardless, this legal action by the Justice Department is a further indication of its increased commitment to pursuing cybercriminals.
So what does this mean to you?
In so many major hacks and data breaches including many done by foreign hackers against American companies, the malware has been installed on the victim’s computers by the victim himself who in each case unknowingly downloaded an attachment containing malware or clicked on a link with malware. If these people had been regular readers of Scamicide they would have known that you should never click on a link or download an attachment unless you are absolutely sure that they are legitimate. Merely because an email, text message or other communication appears to come from someone you know and trust does not mean that it is legitimate. Never click on a link or download an attachment unless you have independently verified through a telephone call, text message or email with the person who it appears is sending you the communication with the attachment or link to be clicked on. Additionally, you should always make sure that your anti-malware software and anti-virus software is up to date although as I have often told you, even then your security software is only about 5% effective against the very latest malware programs.