Harding said that should not be a problem. "Our analysts are smart enough to use other indicators to tell the script kiddies from 61398," he said.
How should the U.S. respond?
Still, the debate rages on over how the U.S. should respond. U.S. Rep. Mike Rogers (R-Mich.) chairman of the House Intelligence Committee, told the New York Times that, "right now there is no incentive for the Chinese to stop doing this. If we don't create a high price, it's only going to keep accelerating."
Gary McGraw agrees that there should be a high price, but said it should be done through what he calls "proactive defense."
"If we in the U.S. build our systems better so these sorts of attacks don't work very well, or people get caught, then that can be a deterrent," he said. "But it involves heavy lifting security engineering. We need to spend the money and time to harden our systems -- build them right."
Aaron Higbee, CTO of PhishMe, said companies that try to counterattack might be inviting retaliation themselves. "The worry is there are attackers in our most trusted networks right now," he said. "This is the persistent part of APT. We do not know what offensive retaliation will do."
Arlen said there is yet another reason the U.S. should be careful about counter attacks: The U.S. itself does not have entirely clean hands. He and others note that the U.S. and Israel were behind the Stuxnet worm used to attack Iranian nuclear facilities.
"What Mandiant does not say, and which I think is important for readers to remember, is that APT0 is the United States of America," he said.
Sign up for Computerworld eNewsletters.