Goes waaaaaaay beyond tariffs and currency manipulation.
Has anyone else read about this yet? When I'm talking to friends and colleagues, clients or potential clients, I always bring up theft of intellectual property (IP from here on out) as a critical but rarely spoken of cybersecurity threat.
It's not just secret plans for nuclear weapons we're talking about.
Think on this: according to the article here, state-run hackers contracted freelance hackers. They created specialized malware. They hired internal actors. They were running this multi-vector hacking machine for six years. Dozens of aerospace companies were compromised in order for a state-owned Chinese firm to build a version of an airplane that's unashamedly a Frankenstein's monster of stolen technologies.
If you were a paranoid person, you could ask yourself the ramifications of this happening to sensitive defense and infrastructure technologies. It's not just the re-manufacturing, it's the fact that stealing critical technologies could be used to weaken the defenses of any perceived competitor or enemy of these aggressive nation-state actors.
The aerospace industry has been under threat for quite a long time but, as I've quoted, no one with intellectual property is safe. Not having operations in China doesn't mean your IP is safe either.
How do you stop this from happening? Visualization, segmentation, and zero trust are a key part of an overall holistic security posture to prevent the compromise of PII or IP.
Off the soapbox. Now go read this article!
Chinese hackers often helped with "forced technology transfer," breaching business partners and stealing their intellectual property, allowing the Chinese state-owned companies to put out high-end competing products in record time and at very low prices.