LAGUNA BEACH, Calif. -- After the publication of the Mandiant report earlier in the year linking China's People's Liberation Army to ongoing and massive cyberattacks against U.S. corporations, government agencies, universities, and other organizations, policy makers and industry experts have been trying to figure out how to better secure their intellectual property against cyberattacks.

Call it a work in progress.

There is no question that regardless of the computing platform you use, malware happens. To help prevent these and other unwanted programs from running, Apple includes a data execution prevention routine called GateKeeper, which offers three layers of protection. The first allows everything to run, the second allows only applications signed with a valid Apple Developer ID to run, and the third allows only programs distributed through the Mac App Store to run.

Apple provides the Developer ID option with the assumption that most who use its Developer program create legitimate and trustworthy code, since their works will be easily tracked through the required signature in their programs. Recently, though, this was shown not to be the case.

China has been cited as allegedly hacking into U.S. government and corporate networks for years now. Generally, the thinking has been that the government is the only entity in the country actively hacking. But a new report seems to indicate that's not even close to the truth.

The News York Times on Thursday released a report on hacking across China. The Times found that not only does hacking occur at the highest levels of the government, but that everyone on down from local law enforcement officials to company owners to criminals are using their hacking techniques to take aim at citizens. Companies have even sprung up with the sole purpose of locating "anyone who spreads a rumor on the Internet."

Surprised? Here are just a few of the ways hacking has unfolded in China:

Kim Dotcom says he doesn't really want to sue Google, Facebook, Twitter, and other companies, but he really needs some help funding his defense.

The eclectic and controversial MegaUpload founder today said he invented two-factor authentication, which is being used by more and more companies to secure access to their sites. The verification steps aim to reduce the likelihood of online identity theft, phishing, and other scams because the victim's password would no longer be enough to give a thief access to their information.

Along with Twitter's recent introduction, Microsoft, Apple, Google, Facebook, PayPal, and countless other companies use the technology. It's also popular with banks and various other organizations.

Dotcom said on his Twitter page that he has never sued companies over the patent -- which he provides a link to -- because he believes "in sharing knowledge & ideas for the good of society." Later on, he noted that "people used to imagine that 2013 would be full of flying cars & a cure for every sickness, but then patents happened."

Verizon Wireless already sells its customers' mobile data to marketers. Now European enterprise-software giant SAP is taking things a step further by testing a service that will sell data collected by a number of wireless providers.

SAP announced its Consumer Insight 365 mobile service this week at the CTIA 2013 wireless show in Las Vegas. The service will, the company said in a release, pull data from SAP's "extensive partner network" including "over 990 mobile operators;" aggregate and analyze it "without drilling down into user-specific information;" and make results available to subscribers through a Web portal.

The data could, for example, combine information on where mobile users are, with info on what links they're clicking in those places.

Power utilities in the U.S. are constantly under daily cyberattacks, according to report (pdf) released Tuesday by Congressmen Ed Markey and Henry Waxman. Out of about 160 utilities surveyed in the 35-page report, more than a dozen reported "daily," "constant," or "frequent" attempted cyberattacks on their computer systems.

"Grid operations and control systems are increasingly automated, incorporate two-way communications, and are connected to the Internet or other computer networks," the report says. "While these improvements have allowed for critical modernization of the grid, this increased interconnectivity has made the grid more vulnerable to remote cyber attacks."

U.S. lawmakers have been ramping up public attention over the past few months about to the need to protect the country's power grid from hackers. If power utilities, water infrastructure, or transportation networks were taken down in a cyberattack, the country's day-today operations could be crippled.

After the hacking collective Anonymous launched a Twitter campaign pledging to go after the Guantanamo Bay Naval Base in Cuba, the U.S. military barred all Wi-Fi access on the base, according to the Associated Press. All social media, including Facebook and Twitter, also has been banned.

Army Lt. Col. Samuel House told the Associated Press that the shuttering of the base's Wi-Fi was because of Anonymous' public plans to "disrupt activities" at the military prison.

While no disruptions have yet been reported, according to the Associated Press, Anonymous has promised to make good on its threats.

SAN FRANCISCO -- Two of Google's top Chrome and Google Apps security experts confessed that the problem of passwords will continue to plague the people who use them and computer security for the foreseeable future.

On the second day of the company's I/O conference here on Thursday, Eran Feigenbaum, the director of security for Google Apps, suggested that people follow three recommendations to stay safer online.

Several members of Congress sent a letter to Google to ask about privacy concerns related to Google Glass, including how the company will prevent Glass from unintentionally collecting data without user consent. "Because Google Glass has not yet been released and we are uncertain of Google's plans to incorporate privacy protections into the device, there are still a number of unanswered questions that we share," the Bi-Partisan Privacy Caucus, led by Rep. Joe Barton (R-Texas) wrote in a letter to Google CEO Larry Page.

Eight members of Congress signed the letter, and they want information from Google by June 14. They cited specific examples of privacy issues in Google's history to support the concerns about privacy.

One question the group wants answered is how Google plans to prevent Glass for unintentionally collecting data about users without their consent. They also want to know what proactive steps Google is taking to protect the privacy of non-users when Glass is in use, as well as whether Google has considered refining its privacy policy. And they're curious to find out how Glass will use facial-recognition technology and how much privacy is considered when approving new apps.

F-secure is reporting on new malware found for OS X, which appears to be a backdoor application that so far is known to take screenshots of the user's computer and then attempt to upload them to remote servers. The malware is being called OSX/KitM.A.

It's a small application called macs.app and was found on the Mac of an African activist who was a member of of the Oslo Freedom Forum. When installed, the application is appended to the current Mac user's log-in items so it runs whenever the affected user account is logged in. It then takes regular screenshots that it places in a visible folder in the user's home directory called MacApp. It then tries to upload them to the URLs "securitytable.org" and "docsforum.info," which either are not working or are issuing "public access forbidden" error messages.

This bit of malware is somewhat unique in that it is signed with what appears to be a valid Apple Developer ID associated with the name Rajender Kumar. Though not an uncommon name, this may be a reference to the late Bollywood actor of a similar name. Regardless, the use of the ID appears to be an attempt to bypass Apple's Gatekeeper execution prevention technology.