Mandiant's report bolsters a long-held view within the U.S that entities based out of China are working on behalf of, or with the knowledge of, the Chinese government to steal U.S. intellectual property and trade secrets.
"Chinese actors are the world's most active and persistent perpetrators of economic espionage," a report by the Office of the National Counterintelligence Executive (NCIX) had noted back in October 2011. "U.S. private sector firms and cybersecurity specialists have reported an onslaught of computer network intrusions that have originated in China," the NCIX said.
The report pointed to a Chinese government initiative called Project 863, which provides funding and guidance for efforts to steal sensitive U.S. economic information and technology. "China will continue to be driven by its longstanding policy of 'catching up fast and surpassing' Western powers," it noted.
But China is not alone. Several intelligence reports, some dating back to 2005, have consistently warned about the U.S. being a target of economic espionage from state-sponsored entities around the world.
A 2012 report from the U.S. Department of Defense's Defense Security Service (DSS) says entities linked to East Asia, where China is located, and the Pacific region, accounted for 42% of all attempts to collect sensitive U.S. data illegally. The report considered a range of espionage activities, and not just cyberespionage.
The second most active region, with 18% of all reported attempts, was the Near East, which is identified in the report as a region comprising of countries like Iran, Israel, Libya and Saudi Arabia. Entities based in Europe accounted for about 15% of the attempted attacks since 2007, the report said.
DSS said there is a moderate likelihood of increased exploitation attempts from cyber actors from South and Central Asian countries such as India, Pakistan and Bangladesh over the next few years. "The region's active and growing IT sector produces and employs individuals capable of hacking computer systems," the report noted.
"While no reporting indicates these South and Central Asia IT companies are acting as intelligence collection sources at this time, their capabilities are likely advanced enough for them to be exploited as a collection tool," the report cautioned.
In its 2011 report, the NCIX noted that many countries view economic espionage as vital to their national security and economic prosperity. Several of those countries are engaged in programs that combine collection of information from open sources, human intelligence and cyber operations that include network intrusions and insider access to corporate and proprietary networks.