Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Why China Wants Your Sensitive Data
Oldest First  |  Newest First  |  Threaded View
Page 1 / 2   >   >>
smb2015
100%
0%
smb2015,
User Rank: Apprentice
6/24/2015 | 1:16:18 PM
Have you considered....
That a reason China is collecting medical data is to be 1st to market with potential Pharma drugs. The Pharma industry is huge as we all know. China can compete better in this space if they can predict through data analytics what kinds of medical treatments and medicines are going to be in need for US citizens. The amount of data they have collected can easily show trends. The data can also provide China with insight into what Pharma's are doing in the US to treat illnesses (conventional and test treatments). This would given China a bit of a leap in its research efforts.
Kevin Runners
100%
0%
Kevin Runners,
User Rank: Apprentice
6/25/2015 | 8:36:59 AM
Re: Have you considered....
smb2015 is totally right in my opinion. China always wanted to be first to market with Pharma drugs.
jries921
50%
50%
jries921,
User Rank: Ninja
6/25/2015 | 3:44:53 PM
That follows my own thinking as well
But it could and probably will be used to recruit agents of influence as well as spies; and I'm guessing that it will also be used to dig up dirt on or otherwise punish persons deemed to be enemies residing in the US.
Adam Meyers
100%
0%
Adam Meyers,
User Rank: Apprentice
6/25/2015 | 3:59:31 PM
Re: Have you considered....
Absolutely - in fact the Chinese agenda for healthcare is well documented in the 12th Five Year Plan. The Chinese have interest in not just pharmaceutical drugs, but also medical technology ranging from advanced diagnostics to simple stints and tubing. As China continues to mature they are increasingly facing a huge issue in terms of preventable and treatable disease.  In the current 5 yearplan, they also outline the need to improve domestic hostpital systems, and other medical related infrastructure. First to market is one possible outcome, however, there is also a huge potential market domestically in China that can be served through Chinese enterprises. First to market may not be as important as fullfilling the domestic market.

One must also consider multiple intelligence requirements being filled by targeting health insurance companies. This could faciliate future targeting of pharma and medical victims, it could provide insight into how the US Healthcare System works to aid Chinese healthcare systems, and it could be used to facilitate and corroborate information on specific individuals for human intelligence collection. I imagine the answer is all that and more, the Chinese have a lot of work to do as the endeavor to increase their position on the world stage.

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/26/2015 | 9:20:55 AM
intelligence-driven security
I agree with the article. We are going beyond protecting ourselves from malware or DDOS attacks to your network infrastructure or systems. It is becoming more about protecting overall business and customer and employee private information. As recent attacks, such as Sonny Pictures and Federal Employees, show it is becoming very costly to lose any employees' personal information.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/26/2015 | 9:23:08 AM
Re: Have you considered....
I hear you. Or the reason as simple as if you know more information about the public you can adjust, control and do better in sating in power. It may be as simple as that.  :--))
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
6/26/2015 | 9:26:02 AM
Re: That follows my own thinking as well
Interesting... There is always some type of related undercover operation when we think China, they are just doing what all other countries have been doing for long time. :--))
Dr.T
100%
0%
Dr.T,
User Rank: Ninja
6/26/2015 | 9:31:47 AM
Re: Have you considered....
It makes sense. In US we have been already experiencing those types of analytics driven targeting individuals. That is what Google, Facebook, Amazon, ... and other social media networks are all bout. Knowing what you do, what you buy and target you based on the knowledge gain from it. This includes medications and other health related products.
Enrico Fontan
50%
50%
Enrico Fontan,
User Rank: Strategist
6/27/2015 | 5:51:12 AM
Define the boundaries
I agree, Intelligence needs to be properly "tuned" to focus on business relevant data.

It's nearly impossible to look at everything, companies have to protect their critical data and feed attackers with public or "bogus" information.

To reach this goal SOCs needs a direct connection to the Board to define the proper boundaries.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
6/29/2015 | 11:54:00 PM
Re: Have you considered....
This reminds me of how I like to play Civilization II... use spies to steal technology until I'm the most advanced civilization in the world.

Of course, by that point, the rest of the world hates me and distrusts me, but who cares; I have way better military technology than they do and my spies can subvert their cities.  :p
Page 1 / 2   >   >>


Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
US Sets $5 Million Bounty For Russian Hacker Behind Zeus Banking Thefts
Jai Vijayan, Contributing Writer,  12/5/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Our Endpoint Protection system is a little outdated... 
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19604
PUBLISHED: 2019-12-11
Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository.
CVE-2019-14861
PUBLISHED: 2019-12-10
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permiss...
CVE-2019-14870
PUBLISHED: 2019-12-10
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authent...
CVE-2019-14889
PUBLISHED: 2019-12-10
A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence...
CVE-2019-1484
PUBLISHED: 2019-12-10
A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.