Thursday, July 28, 2011

EMC and AmCham-China: A Perfect Recipe For A Network Breach

Here is a classic scenario for how critical technology gets stolen. Take a C-level executive of a company whose focus is high value technology (like Cloud computing) and send him to a country who is spending millions of their currency to acquire that technology (like China) to speak at an event organized by an association that has itself been compromised (like the American Chamber of Commerce in China). 

The event I'm writing about is coming up on August 9 in Beijing: USITO/AmCham-China's ICT Breakfast Series: Cloud Meets Big Data

China is heavily investing in Cloud Computing, having set up its own Cloud Valley located in the Beijing Economic Technological Development Area for RMB 500 million.

One of AmCham-China's employees was sending out email messages with malicious attachments in January, 2011. These were not spoofed emails, which means that the entire organization's network had been compromised and probably still is.

The speaker for the event is the CTO of EMC Jeffrey Nick, whose RSA security division suffered a massive breach last March and whose company offers Cloud computing solutions.

This is a textbook case for how executives may be targeted and compromised by a nation state who's interested in their technology. And if this year has taught us anything, it's that everyone is vulnerable - even a top executive at one of the world's largest information security companies. 

No comments:

Post a Comment