Why You Should Respect The Threat of Cyber Attack

Just below the fold of September 24th’s Wall Street Journal is an article that summarizes an 86-page report recently released jointly by ThreatConnect and Defense Group Inc. Anyone responsible for managing cyber risks for their organization needs to read the news article at the very least. Read on to learn why.

PROJECT CAMERASHY

The report is entitled Project CameraShy: Closing the Aperture on China’s Unit 78020. Here’s an excerpt of the executive summary:

[We have] attributed targeted cyber espionage activity associated with the “Naikon” Advanced Persistent Threat (APT) group to the Chinese People’s Liberation Army’s (PLA). This assessment is based on technical analysis of Naikon threat activity and native language research on a PLA officer within Unit 78020 named Ge Xing.

The motivation for the cyber espionage appears to be China’s increasingly aggressive claims on territory deep into the South China Sea, which is threatening economic and political stability in the region. So why is this important to you and me?

  1. Reading the news story, you can really see how far the professionalization of hacking has come. Although the subject of the report is Chinese, you should assume the profile is the same (or more advanced) for hackers elsewhere in the world. That includes cybercrime gangs, such as those in Russia, and other nation-state cyber armies.
  2. Whatever image you have of hackers should resemble Ge Xing rather than the stereotypes personified by David Lightman in the 1983 movie War Games or Gavin Orsay from House of Cards.
  3. You will see how many digital footprints some people, even professional hackers, leave online, and how those footprints can be collected and analyzed to reconstruct a person’s identity in multiple dimensions.
  4. While the need for attribution is great when someone commits a computer crime, even with all this evidence, it can be impossible in today’s world to hold people accountable for their illegal online actions.

As I think about Internet-dependent organizations in the West, the most significant takeaways for me from this report are:

  1. As defenders, we have to realize that online attackers have amazing advantages as compared to traditional criminals.
  2. Holding the biggest and most capable online criminals accountable often isn’t possible.
  3. In the face of inevitable and unrelenting cyber attacks, we need to become great at detecting them and recovering quickly.

What do you think?
