Chinese hacking continues to build anger in American business and government circles. As a result, private companies may be encouraged to do more than passively defend their networks as evidenced by the recent report of a commission headed by two Obama appointees, former US Ambassador to China (and minor GOP Presidential candidate) Jon Huntsman and

In response to some of the privacy criticisms of the Cyber Intelligence Sharing and Protection Act (CISPA), the House Intelligence Committee is proposing amendments to the bill.  Politico’s Tony Romm reports on some of the likely amendments:

Still another amendment specifies clearly that CISPA won’t allow companies to “hack back” their hackers in pursuit of

Will international law and diplomacy limit cyberwar? Those who believe in international “norms” for cyberwar usually argue that cyberattacks on financial institutions are beyond the pale.

For example, Harold Koh has declared the State Department’s view that cyberwarriors “must distinguish military objectives … from civilian objects, which under international law are generally protected from attack.”

Bloomberg Businessweek has a remarkable story about the identification of another Chinese hacker. It’s a long, tangled, and fascinating tale of good sleuthing by several researchers, but the trail ends with Zhang Changhe, a digital entrepreneur and teacher — at a People’s Liberation Army school that is suspected of training PLA hackers.

In the denouement,

Once again, Ellen Nakashima of The Washington Post has broken a cybersecurity story:

A new intelligence assessment has concluded that the United States is the target of a massive, sustained cyber-espionage campaign that is threatening the country’s economic competitiveness, according to individuals familiar with the report.

The National Intelligence Estimate identifies China as the

The Washington Post’s Ellen Nakashima wrote another cutting-edge article on innovative approaches to network defense.  I’ve blogged before about honeytokens, deceptive files that leave hackers with false data while flagging the intrusion to defenders.  The article suggests that their use is growing, as other defensive techniques prove ineffective:

Brown Printing Co…began planting fake data