Thursday, November 17, 2011

U.S.-China Economic and Security Review Commission Annual Report 2011

http://www.uscc.gov/annual_report/2011/annual_report_full_11.pdf

On behalf of the U.S.-China Economic and Security Review Commission, we are pleased to transmit the Commission’s 2011 Annual Report to the Congress—the ninth major Report presented to Congress by the Commission—pursuant to Public Law 106–398 (October 30, 2000), as amended by Public Law No. 109–108 (November 22, 2005). This report responds to the mandate for the Commission "to monitor, investigate, and report to Congress on the national security implications of the bilateral trade and economic relationship between the United States and the People’s Republic of China." In this Report, the Commission reached a broad and bipartisan consensus; it approved the Report unanimously, with all 12 members voting to approve and submit it.

---------------------------------------------------------------------------------

The "Computer Network Exploitation" section starting on Page 182 discusses the RSA SecurID attack, Operation Shady RAT, Night Dragon, and Targeted Gmail attacks. Here is a little gem from the top of Page 183....
The perpetrators then used information about the compromised RSA security product in order to target a number of the firm’s customers, including at least three prominent entities within the U.S. defense industrial base. Those intrusions and intrusion attempts, according to some reports, also originated in China and appeared to be state sponsored.

No comments:

Post a Comment