You have curiously took it a step further than the security experts I have talked to, who were involved in the case. They are saying alleged yet. You spake as if it is for sure. 

There is no way to positively tell who leads these attacks. Just because the incriminating server resides in China does not mean they were they ones controlling it. Until that can be proven, one had better not forget to use alleged.

Well, they say there are three sidestoa story: Your side, My side and thenthe truth. Here is China's response to the allegations:

"Even those with little understanding of the internet know that hacking attacks are transnational and concealable," said the signed Chinese-language commentary, which could not be found on the paper's English website.

"IP addresses simply do not constitute sufficient evidence to confirm the origins of hackers," it added.

The People's Daily accused the United States of fanning "fear of China" out of self-interest, saying that it has invoked national security as a justification for trade protectionism and economic sanctions.

The 'China threat'
"America keeps labelling China as hackers, simply playing up the rhetoric of the 'China threat' in cyberspace, providing new justification for America's strategy of containing China," it said.

The article repeated the Beijing government's position that China is also a victim of hacking, saying that there were more attacks from US-based IP addresses on Chinese websites in December than from any other country.

Despite this, it said, "China did not draw simple inferences or hasty conclusions about the attack source".

There were attacks from 3 000 foreign IP addresses in the month, it added."

"That's not the case in most companies. And, unless sensitive data is stolen, like credit card or Social Security numbers, companies have no obligation to tell anyone that they were hacked.

In fact, going public would only hurt a company's brand image and stock price. Plus, other hackers might read about the infiltration and get the idea that the company has weak security and is a prime target for their own efforts."

Hi Maria,

I thought companies have an imposed federal obligation to report all cases of cyber attacks? While companies's may have a legitimate reason(s) not to disclosed cyber attacks, Ithink that such an attitude will undermine the overally fight against cyber crimes. Don't you think there are many important things we could learn from these disclosures andthen use to develop strategies to combat cyber attacks?

=MH : "These attackers are extremely sophisticated."

I see that all the time

and then when we get to the core of the matter the hack turns of to be basic and commonly used .

e.g. the RSA hack -- which was just a phish message using an infected flash object .

or as for the case of the wired editor -- someone pulls a Kevin Mitnick and just smooth talks the help desk out of the key information . That happened to Gregg Hoglund too as I recall .

=MK: "that heavily relies on standard business productivity and layout software, which traditionally isn't available for Linux."

i will have to conceede that to you for now: documents produced by LibreOffice (3.5) under Linux are being rejected by MSFT/Office (2010).

I have some dialogs going on this. It will probably resolve as MSFT had agreed to the ISO standards

certain software is only available for Windows . If I recall in the Google switch employees had to get special permission for a Windows system after the policy change . 

the thing to do then would be to make sure any Windows system still running was not public facing .

I guess I'm not surprised a legal argument can be made out for the President having that power.  Ironically, less than two years ago, the Pentagon made out an argument that cuberwar was the same as conventional war.  Of course, that was to justify retaliation.

These attackers are extremely sophisticated. Do you think this attack will be linked th attacks to China? Any reports of where the attacks originated from?

I don't know which is a more terrifying scenario: That terrorist hackers destroy us or that our government destroys us in an effort to "save" us. Surely the same countries that, during times of traditional warfare, came up with, for example, the bouncing bomb (Britain) and the atomic bomb (US) when they felt this was what was absolutely needed, can develop a more secure network -- while simultaneously not stripping law-abiding citizens (and residents of allied nations) of their rights.

And what about the Twitter outage last week? Do we know whether that was the result of an attack?

Legal advisors, working in secret, say that the President has broad powers for a preemptive strike in case of cyber-attack. Apparently, here in the 21st Century, we've left the Constitution behind us.

fonstruistra - And the US's broad claims of surveillance problems make foreign businesses concerned about using American cloud service providers.