Chinese attackers have extracted sensitive data from Google, Adobe, Yahoo, Dow Chemical, Symantec and the US Chamber of Commerce. The PRC, of course, denies its involvement. But with improvements in detection, tracking and occasional slip ups on their end, we'll know where they've been, or better yet, when they are in the act. Yet, even with these improvements we've found that many organizations are compromised for 6--12 months and even longer without detecting it.