Will China execute and/or sponsor a low or higher level cyber attack against networks owned by a US entity between 19 September 2017 and 30 November 2017?
At least part of the attack must occur during the question's open period. The question will be suspended on 30 November 2017 and resolved on 31 January 2018 to allow for delayed reporting. The following levels of cyber attack will all count: Low-Level Cyber Attacks create temporary and/or localized disruption of services that are dependent on networked infrastructure but do not threaten the core functionality of critical infrastructure targets. For example, a series of distributed denial of service (DDoS) attacks against banking websites--while widespread--would cause only temporary disruption of Internet access to customer's bank accounts. They would not affect customer account balances or other banking services such as ATM withdrawals, nor would they disrupt the larger financial system, although the affected banks would incur losses because of the mitigation and other costs. Moderate-Level Cyber Attacks create localized, nonpersistent disruption to core functionality of critical services and functions but do not generate substantive systemic or national-level effects. For example, a cyber-attack that disrupted a single power plant for a couple of hours-equivalent to a temporary local power outage from a snow storm-would qualify as a moderate-level cyber attack. High-Level Cyber Attacks disrupt critical infrastructure services and generate substantive systemic or national-level effects over an extended period of time. For example, a cyber attack that reduced oil pipeline transport across a key region and resulted in a spike in national oil prices over the course of a month would qualify as a high-level cyber attack. Catastrophic Cyber Attacks affect the fundamental viability of core government, military, or economic services or functions; or cause significant loss of life or widespread property damage. For example, a cyber attack against critical infrastructures that caused an economic depression would qualify as a catastrophic cyber attack. A US entity can be governmental, commercial, academic, nonprofit or an individual. For the question to resolve as 'yes', the government of China must sponsor or execute the attack.Outcome will be determined by credible open source cybersecurity industry analysis or media reporting (e.g., Crowdstrike, FireEye, ThreatConnect, Symantec, McAfee, Reuters, BBC, AP). Confused? Check our FAQ or ask us for help. This IFP has been voided due to conflicting evidence about the cyber attack on the Hudson Institute. Some reports suggest the criteria for this question had been met, meanwhile others indicate that China was not involved and/or that the attack did not cause the website disruption (The Washington Free Beacon, Security Week, The Hill, Reuters, The Wall Street Journal). Without corroborated, credible, open-source evidence on these two issues, the outcome cannot be determined.