Interesting article came out yesterday saying “hackers in China are believed responsible for four out of five major cyber attacks on government targets in 2007”.
Although, I’m in no place to confirm or deny this research my experience shows that the majority of actual incidents (The organization has been hacked) usually come from ASIA pacific (Korea, China) or from internal employees.
To protect from the ASIA pacific consider blocking the IP ranges listed in my IP Blacklist Post. Internal incidents are usually a result of too much trust of internal employees and lack of segregation of duties between functions.
InfoSecAlways.com 