recommended reading

Congressional commission to look closer at China cloud computing

Borislav Bajkic/

The U.S.-China Economic and Security Review Commission, an advisory group to Congress, is putting more scrutiny on national security threats posed to American businesses by Chinese cloud computing companies.

The group, tasked by Congress to monitor the risks of trade with China, is commissioning a report on the ties of state enterprises to the Chinese cloud computing industry and potential espionage risks from cloud infrastructure situated in the country, according to government officials.

Cloud computing generally refers to the delivery of a variety of computing resources – from Web-based services to storage space -- over the Internet. The commission is interested in “how information stored by Chinese cloud computing services might be susceptible to theft or exploitation, or how cloud computing infrastructure might be used to launch or enable cyberattacks,” according to a solicitation for proposals that closed earlier this month. The group is looking into how many people in the U.S. are using cloud infrastructure owned or operated by Chinese entities, as well as “Chinese-developed, owned, or operated cloud infrastructure outside of China.” The report is likely to be available to Congress by the middle of the year, according to the  officials, who spoke on condition of anonymity because they weren't authorized to discuss it.

Any findings could potentially direct further congressional scrutiny over manufacturers such as Huawei and ZTE that sell technology and infrastructure that support cloud computing. The advisory commission has previously enlisted defense contractor Northrop Grumman for a report on the impact of the rise of offensive computer abilities by Chinese entities. The commission, in its 2012 report to Congress, suggested that the rise of cloud computing in China could facilitate government surveillance and censorship.

Chinese cloud computing is still in infancy but is a fast-growing industry that has been slated for government venture capital. The size of China’s public cloud services market – which generally targets individual consumers -- is expected to reach over $2 billion in 2015 from roughly $1.25 billion in 2013; while private cloud-related spending – which generally caters to enterprises -- is expected to hit over $1.2 billion in 2015 from just south of $800 million in 2013, according to research analyst group IDC.

U.S. companies have begun to jump to capture a slice of this growth. IBM has partnered with Chinese tech firm Range Technology Development Co. to build by 2016 what is slated to be Asia’s largest cloud computing data center. Microsoft planned in 2011 to develop cloud enterprise products in China alongside local partner China Standard Software Co.  

(Image via

Threatwatch Alert

Network intrusion / Stolen credentials

85M User Accounts Compromised from Video-sharing Site Dailymotion

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.