An interesting report from Mandiant on APT1: http://intelreport.mandiant.com/

An interesting counter to this report:
http://www.businessinsider.com/mandiant-china-report-questioned-2013-2

My point being, why is that China is pushed into the lime light when ever it comes to any incident involving cyber espionage? I mean they are not the only actors involved, there are other actors like Israel, Russia and USA itself doing the same stuff(allegedly).

Like anything, it's about the money. China is about to overtake the US as the largest economy in the world. The have been doing it by stealing, manipulating currency, horrible labor practices as well as cyber warfare... you name it, China is doing it. This is why it always goes back to China.

<rant>I just wish we had the balls in the US to not only fight back but also call a spade a spade. China would not be in the position they're in without the US. So what are we so afraid of and why can't our leaders not only take action but also speak it outloud? Instead we get a bunch of wimps talking about trying to emulate China's economic model. Why? Because they say it's been successful. So are we willing to go down that path just to beat China at it's own game? That's so far beneath us and what we stand for as a freedom loving republic. We were number one by a long shot without having to emulate a Socialist country. If we just stand up and fight back, we can be again.</rant>

I'm just going to stop there before I get too heated.

Don

My only fear about all this is that we suck at defense. I'm not sure we (USA)  could withstand a serious attack...

I think the large difference (besides the population ) is that China is filling the seats and training the people.  We are hung up on buying the next magic box rather than concentrating on building the skill pool up.  Where are the incentives to push future college students toward building their skills in the field?  I am not talking strictly the offensive, but we need skilled architects, sys admins, and developers who know how to properly build and manage their environments.

We are so focused looking out over the wall trying to find the next attack.  How do you prepare for an attack that could come from anywhere?  The energy is best spent ensuring that if an attack occurs the damage is kept to a minimum.  Stop buying more hardware and software and start using all the features of the stuff you already own!  Most of the major AV products have a number of features that are rarely used fully (app whitelisting, configured client firewalls, IPS etc..).  Segment the networks, not just to organize, but to limit unnecessary traffic from hopping across the network.  Not everyone needs to RDP into a file server, that can be limited through at least 3 different ways depending on the setups.  Ok I am starting to rant now...

As for the report, I will not deny that the information in the report is valuable to the defenders.  But obviously, at this point in time, the group has now changed it's tactics.  I suppose it will help find systems that have yet to be discovered.

Source: https://www.mandiant.com/blog/threat-actors-mandiant-apt1-report-spear-phishing-lure/

I think (and this is just my personal opinion) is that China's goal, at this time, is to grab data.  Get IP from our defense contractors that can be used in two ways.  To boost their own economic strength by reproducing our products and/or sell the data to an allied country. In the future that could change.  Countries like Iran and North Korea would certainly be higher on the list of suspects if an attack on the infrastructure occurred.  There is also nothing to say that China would not provide such services if the price is right but that may be more along the lines of what the RBN provides.  Granted in this example, the source appears to be Chinese in origin, it doesn't necessarily mean the job originated there.