US firms told to be on guard against Chinese IP theft
The Trump Administration has released documents to help firms protect themselves against potential attacks
US-based companies have been warned by the government to protect themselves against hackers - particularly those originating from China after a spate of attacks on big businesses including HPE and IBM.
The National Counter-Intelligence and Security Center has been contacting security personnel within firms to beef up security on any trade secrets and other confidential intel to ensure if they are hacked criminals can't access sensitive information.
Specifically, the governmental department responsible for national security says it's worried about potential activity from state-supported hacker groups in China, Russia, North Korea and Iran.
National Counter-Intelligence and Security Center boss William Evanina said businesses should "know the intent of our adversaries and what they are trying to do economically to gain the upper hand. We are not saying don't invest in China or with China, but know the risk."
The security organisation has created a range of materials to support its campaign to knuckle down on attacks, including brochures detailing the types of attacks criminals are likely to launch (such as using fake social media accounts) and how to protect information. Some of the suggestions are to research apps before downloading them to make sure they're legitimate.
The National Counter-Intelligence and Security Center revealed there were nine high-profile attacks between July 2018 and December 2018 and at least two of these were traced back to China's main spy agency.
Russia also presents a pretty big risk to businesses and Evanina referenced evidence that the state had tried to infiltrate the country's power grids and communications, financial and transportation systems.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now