Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
Why China Wants Your Sensitive Data
Oldest First  |  Newest First  |  Threaded View
Page 1 / 2   >   >>
smb2015
smb2015,
 User Rank: Apprentice
6/24/2015 | 1:16:18 PM
Have you considered....
That a reason China is collecting medical data is to be 1st to market with potential Pharma drugs. The Pharma industry is huge as we all know. China can compete better in this space if they can predict through data analytics what kinds of medical treatments and medicines are going to be in need for US citizens. The amount of data they have collected can easily show trends. The data can also provide China with insight into what Pharma's are doing in the US to treat illnesses (conventional and test treatments). This would given China a bit of a leap in its research efforts.
Kevin Runners
Kevin Runners,
 User Rank: Apprentice
6/25/2015 | 8:36:59 AM
Re: Have you considered....
smb2015 is totally right in my opinion. China always wanted to be first to market with Pharma drugs.
jries921
jries921,
 User Rank: Ninja
6/25/2015 | 3:44:53 PM
That follows my own thinking as well
But it could and probably will be used to recruit agents of influence as well as spies; and I'm guessing that it will also be used to dig up dirt on or otherwise punish persons deemed to be enemies residing in the US.
Adam Meyers
Adam Meyers,
 User Rank: Apprentice
6/25/2015 | 3:59:31 PM
Re: Have you considered....
Absolutely - in fact the Chinese agenda for healthcare is well documented in the 12th Five Year Plan. The Chinese have interest in not just pharmaceutical drugs, but also medical technology ranging from advanced diagnostics to simple stints and tubing. As China continues to mature they are increasingly facing a huge issue in terms of preventable and treatable disease.  In the current 5 yearplan, they also outline the need to improve domestic hostpital systems, and other medical related infrastructure. First to market is one possible outcome, however, there is also a huge potential market domestically in China that can be served through Chinese enterprises. First to market may not be as important as fullfilling the domestic market.

One must also consider multiple intelligence requirements being filled by targeting health insurance companies. This could faciliate future targeting of pharma and medical victims, it could provide insight into how the US Healthcare System works to aid Chinese healthcare systems, and it could be used to facilitate and corroborate information on specific individuals for human intelligence collection. I imagine the answer is all that and more, the Chinese have a lot of work to do as the endeavor to increase their position on the world stage.

 
Dr.T
Dr.T,
 User Rank: Ninja
6/26/2015 | 9:20:55 AM
intelligence-driven security
I agree with the article. We are going beyond protecting ourselves from malware or DDOS attacks to your network infrastructure or systems. It is becoming more about protecting overall business and customer and employee private information. As recent attacks, such as Sonny Pictures and Federal Employees, show it is becoming very costly to lose any employees' personal information.
Dr.T
Dr.T,
 User Rank: Ninja
6/26/2015 | 9:23:08 AM
Re: Have you considered....
I hear you. Or the reason as simple as if you know more information about the public you can adjust, control and do better in sating in power. It may be as simple as that.  :--))
Dr.T
Dr.T,
 User Rank: Ninja
6/26/2015 | 9:26:02 AM
Re: That follows my own thinking as well
Interesting... There is always some type of related undercover operation when we think China, they are just doing what all other countries have been doing for long time. :--))
Dr.T
Dr.T,
 User Rank: Ninja
6/26/2015 | 9:31:47 AM
Re: Have you considered....
It makes sense. In US we have been already experiencing those types of analytics driven targeting individuals. That is what Google, Facebook, Amazon, ... and other social media networks are all bout. Knowing what you do, what you buy and target you based on the knowledge gain from it. This includes medications and other health related products.
Enrico Fontan
Enrico Fontan,
 User Rank: Strategist
6/27/2015 | 5:51:12 AM
Define the boundaries
I agree, Intelligence needs to be properly "tuned" to focus on business relevant data.

It's nearly impossible to look at everything, companies have to protect their critical data and feed attackers with public or "bogus" information.

To reach this goal SOCs needs a direct connection to the Board to define the proper boundaries.
Joe Stanganelli
Joe Stanganelli,
 User Rank: Ninja
6/29/2015 | 11:54:00 PM
Re: Have you considered....
This reminds me of how I like to play Civilization II... use spies to steal technology until I'm the most advanced civilization in the world.

Of course, by that point, the rest of the world hates me and distrusts me, but who cares; I have way better military technology than they do and my spies can subvert their cities.  :p
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-1172
PUBLISHED: 2023-03-17
The Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the full name value in versions up to, and including, 21.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that w...
CVE-2023-1469
PUBLISHED: 2023-03-17
The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pec_coupon[code]’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenti...
CVE-2023-1466
PUBLISHED: 2023-03-17
A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0. It has been rated as critical. This issue affects the function view_student of the file admin/?page=students/view_student. The manipulation of the argument id with the input 3' AND (SELECT 2100 FROM (SELECT(...
CVE-2023-1467
PUBLISHED: 2023-03-17
A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file Master.php?f=delete_img of the component POST Parameter Handler. The manipulation of the argument path with the input C%3A%2Ffoo.txt le...
CVE-2023-1468
PUBLISHED: 2023-03-17
A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=reports&date_from=2023-02-17&date_to=2023-03-17 of the component Report Handler. The manipula...