Increasing Digital Security Threats in China

Vigilinx Network Security Threat Assessment Identifies Increasing Digital Security Threats in People’s Republic of China


Espionage, sabotage, information warfare, and hacktivist groups

represent most severe threats to U.S. and Western firms

A three-year profile of network security threats in the People’s Republic of China (PRC) has identified a growing “threatscape” in a nation playing an ever-growing role in the world trade and economic development arena. The most severe threats exist in areas such as espionage, sabotage, information warfare, and groups & causes activities, suggests a new report by Vigilinx, Inc., the leading full service provider of digital security solutions.

The 101-page assessment, the latest in a series from Vigilinx, Inc., concludes that operating profitably and securely in China, now the world’s second largest economy, demands employing the most stringent security measures.

“From a network security perspective, the situation in China is especially complex. While the PRC government strongly encourages and promotes foreign businesses and investment, there exists political and economic conditions that translate into network security threat factors for U.S. firms,” said Bruce Murphy, Vigilinx CEO. “The political situation is marked by many well-organized activist groups that have adopted `hacktivism’ to promote their causes or attack their critics. Further complicating the situation is a stated government policy to gain total control over Internet activities.”

The report, which analyzes network security threats in the PRC from 1999 through 2001, uses the firm’s exclusive Threat Axis Analysis system to identify more than 25 major security threats within seven primary network security “threat axes.” These are Sensitive Intrusion; Information Warfare; Espionage & Sabotage; Groups & Causes; Malicious Codes & Their Application; Intellectual Property Theft & Infringement; and Computer Crime.

The Vigilinx report shows that three of these axes, Espionage & Sabotage, Information Warfare and Groups & Causes, pose especially severe threats toward U.S. and Western businesses. The findings include:

— Espionage & Sabotage. While it is much more difficult to

identify, isolate and confirm PRC espionage efforts in

cyberspace, there are numerous examples of hackers suspected

of having links to the PRC government breaking into government

and corporate networks and systems.

— Information Warfare. Perhaps the greatest potential threat to

U.S. firms operating within or near to the PRC is the prospect

of information warfare waged by the PRC military. The U.S.

Secretary of Defense recently stated that “China increasingly

is viewing information Operations/Information Warfare as a

strategic weapon to use outside traditional operational


— Groups & Causes. This includes organized bands or individuals

who espouse a particular criminal, political, religious, or

other cause, and that attack publicly accessible Web sites or

e-mail servers. While these attacks generally do not alter

operating systems or networks, they may shake foreign

investors’ confidence in e-commerce ventures in the PRC or


The report also cites recent events that have focused national attention on the threat posed by China to U.S. and Western firms. These include:

— On April 3-4, PRC Hacktivists began defacing U.S. government

and commercial sites;

— Between April 30-May 8, a U.S.-China Hacker War ensued;

— On June 11, the California Independent Systems Operator

admitted its electricity transmission grid control system was

attacked by possible PRC hackers during April/May; and;

— On June 22, Lawrence Gershwin, the National Intelligence

Officer for Science and Technology, testified before the Joint

Economic Committee, specifically cited the PRC as an

Information Warfare threat.

“Effectively addressing these concerns is critical for companies that hope to profit from the expanding economy in China, which enters the 21st Century as the world’s fastest rising power,” Vigilinx’ Murphy added.

In addition to the threatscape analysis, the Vigilinx report details China’s network infrastructure and the high government involvement in all aspects of it. It also provides a blueprint for planning and implementation of positive and resourceful security measures to successfully address critical network security issues.

The PRC report is one of a series of Vigilinx knowledge products that address the need for companies and institutions to adopt focused and preemptive digital security strategies. Developed by leading security and geopolitical analysts, the knowledge products promote development of effective technology solutions that can be put in place before potential threats become reality. Each of these products provides threat awareness at multiple levels: for the organization, the enterprise, and for current and future global e-commerce initiatives.


Vigilinx is the leading full service provider of digital security solutions, offering a complete line of security products and services including security intelligence, managed security services, knowledge products, security advisory consulting, integration services, investigation/forensics services, and training. The company has industry practices devoted to vertical markets including financial services, telecommunications, government, media and entertainment, and general services. The firm serves both mid-sized and Fortune 500 companies including Cablevision, New York Life Insurance Company, Saks, News Corporation, Cardinal Health, The Sony Corp. of America, and Viacom. Visit the company online at

Don't miss