The attention paid to Chinese cyberwarfare may be increasing, and warnings of doomsday from the government correspond to the new attention, but a new report from Mandiant, the company hired

by _The New York Times_ to cleanse their servers after a Chinese attack, suggests that, at long last, private companies are beginning to devote the resources required to fend off these

deaths by a thousand cuts. In the past, embarrassment, risk aversion, and a sense that if a state does it, our state has to respond to it, has prevented the development of cyber-defense best

practices, even for companies that control big systems that touch our lives daily. In 2011, only 6 percent of Mandiant clients discovered a cyber intrusion on their own. In 2012, 37 percent

attacking techniques are getting more efficient. It's easier for attackers to map networks now. And it's easier to identify meaty morsels to steal or compromise. SUBSCRIBE TO THE

WEEK Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives. SUBSCRIBE & SAVE SIGN UP FOR THE WEEK'S FREE NEWSLETTERS From our morning

news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox. From our morning news briefing to a weekly Good News Newsletter, get the best of

The Week delivered directly to your inbox. Mandiant says that, according to its research, defense companies are the most frequent targets of APT1 — "Advanced Persistent Threat 1,"

which refers to a specific and controlled campaign of cyber espionage by a single military entity in China. Oil and gas and other energy companies are next, followed by financial

institutions. The targeting of media has increased threefold, from 2 percent to 7 percent. China has figured out that small companies with expensive secrets often outsource their information

technology services to larger defense companies, and often will use the outsourced firm as a mechanism to get to their real target. General IT service providers are also used as a mechanism

to infiltrate real targets. Indeed, Chinese hackers will often implant malware on the network and wait until a chance comes to compromise the intended target. This suggests a very high

degree of coordination and planning. Intelligence gathering is a hallmark of sophisticated Chinese hacking; the idea of network reconnaissance in the cyber world is analogous to what the CIA

does in mapping out a terrorist network. Before acting, they spend months, if not years, figuring out the organizational chart, figuring out the vulnerabilities, looking for couriers and

points of connection, and then attacking when their picture is of a high enough fidelity. Additionally, the correspondence between the technology stolen and the needs of Chinese industry is

very close. Even when companies detect and rid themselves of the threat, Chinese hackers are likely to re-attack the same enterprise 40 percent of the time. The most interesting part of

Mandiant's report is what they have to say about the PLA unit that is likely responsible for the largest and most damaging cyber-intrusions: Unit 61398, which is organized as a discrete

intelligence unit under the PLA's General Staff Department's 3rd Department, which is responsible for military intelligence. _The New York Times_ has reported some of it, but

Mandiant goes into more detail in their new report. A free daily email with the biggest news stories of the day – and the best features from TheWeek.com Mandiant has also decided to be

helpful to companies it does not do business with. It's releasing what it knows about the Unit's techniques, which will give U.S. companies a better sense of how to defend against

them. China will come up with new techniques, and the old ones will still work for a while, but the open-sourcing of this information will benefit everyone. It hardens the target, assuming

that Americans take it seriously.