A story in yesterday's London Sunday Times that will not amuse the Chinese government says that the UK security service MI5 is claiming that undercover intelligence officers from the Chinese People’s Liberation Army and the Ministry of Public Security have approached UK businessmen at trade fairs and exhibitions with the offer of "lavish gifts" such as cameras and not so lavish gifts such as memory sticks that contain malware meant to remotely access their computers.
The Times says that the information is in a 14-page MI5 document it has seen. According to the Times, the document states that the Chinese government "represents one of the most significant espionage threats to the UK," and that, "Any UK company might be at risk if it holds information which would benefit the Chinese."
The Times also says that the Chinese are also targeting UK businessmen the good old fashion way as well - i.e., through offers of sex and money.
Accepting free memory sticks at trade fairs - international or otherwise - is pretty dumb, and I am surprised that companies at trade fairs even offer them any more because of the obvious risk. You may recall that a few years ago, thumb drives with malicious code were found lying around the US Department of Justice just waiting for some curious person to plug them into the DOJ's network.
I suppose that some people just can't pass up something that is "free."
Contributing Editor Robert N. Charette is an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Along with being editor for IEEE Spectrum’s Risk Factor blog, Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.