China Resumes Cyber-Attacks on U.S. Corporate, Government Networks
First, it's essential that you perform an inventory of critical information that resides on your computer systems, including anything that could help a competitor. This could include trade secrets, supply-chain data, manufacturing data, customer information, materials lists or anything else that could hurt you even if it's incomplete. Second, once you've found what's out there on your network, you need to protect it. This may include encrypting data and designs that must be available on a routine basis, limiting access to those who must use the data and then tracking their use. It may even include removing data from the network if loss of the information could be damaging to your company and that information does not need to be accessed frequently. Removing data from the network means moving it either to a computer that isn't connected to the Internet in any way or it could mean writing your trade secrets file to a CD-ROM and stashing it in a safe that nobody but a few people can open and then tracking who opens the safe. This is not to say that even those steps are perfect. After all, a Stuxnet-style attack can still get to even well-protected information, but it does reduce the risk. Meanwhile, maybe it's time to think of an up-to-date next-generation firewall that's smart enough to see when specific types of data are moving out of the company network and then preventing it. Of course, even next-generation firewalls can be subverted, but it's hard to do and if hackers are looking for targets of opportunity, such protection may encourage them to move on to easier targets.
But if your company's information is vital, then maybe it's time to engage professional help. Yes, it will be expensive. But how much would it cost your company if the Chinese passed the information along to a Chinese company that wanted to take your business away?