Mandiant, one of the most respected information security consultancies, released a groundbreaking report that “named and shamed” the Chinese military (PLA) over a campaign of widespread intrusions in the US companies for the purpose of stealing intellectual property. It is probably one of the most important reports of its kind ever released and well worth your time to read. It’s been said that this group probably wasn’t responsible for the NightDragon, Aurora, or ShadyRAT (the case studies we read earlier).
As much as a state-sponsored “cyber army” (cue lightning and thunder) should be intimidating to us information security professionals, the techniques and tools used by 95% of these groups are fairly unsophisticated. They target out of date MS Office applications, unpatched Adobe Reader, and less than secure internet browsers. Please read the report (APT1: Exposing One of China’s Cyber Espionage Units) . In light of this report, what type of controls might contribute to a defensive network?
Your answer in your own words 250 words or 1/2 page
Full Report – http://intelreport.mandiant.com/