If you are a Japanese conglomerate, you\u2019ve no doubt been made aware of the threat of cyber espionage and the level of effort that is being expended to compromise the trade secrets and intellectual property of your company.This multifaceted effort is being launched from within China and is part of a far larger dynamic, which is China\u2019s projection of power within the Indo-Pacific region.In 2017, the Rand Corporation issued a comprehensive report on China\u2019s efforts to adjust the status quo in the region\u00a0(pdf) without firing a shot through the use of \u201cgray zone\u201d coercion focused on three domains: maritime, cyber and space. They asked two hard questions:How can Washington and Tokyo counteract a determined adversary, such as China, when it is seeking to undermine Japanese control over the Senkakus, intrude into computer networks for the purposes of industrial espionage and national security, and potentially cripple allied space assets in a time of crisis?How can the allies deter China's gray zone coercion in situations where tit-for-tat strategies are either unavailable or unappealing due to the medium (such as a counterstrike in space)?The report notes how attribution enables China to operate within the gray zone, which makes deterrence challenging. The Japanese government recognizes that cyber groups within China \u2014 acting independently or with the covert support of China \u2014are working on an \u201cas needed basis at the behest of the Chinese government\u201d to attack Japanese websites and conglomerates. As long as the efforts do not create a national emergency, they will continue to fall within the area of criminal activity.Japanese media notes how China, using their long-range planning, is driving toward being the global superpower by the year 2050. To achieve that, they must continue to adopt \u201ctransformative technologies.\u201d One way to achieve such knowledge is through espionage and cyber espionage.Tracking Chinese cyber espionageTo that end, security researchers at Secure Works have conducted a deep dive into Bronze Butler threat group, which they assess has been operating out of China since at least 2012. The group\u2019s primary focus has been on attacking Japanese companies and stealing their intellectual property and any other confidential data of interest. The primary focus appears to be companies involved in support or supply of critical infrastructure.How Japanese firms are being infiltratedThe Bronze Butler team uses all the arrows in their quiver to gain access to Japanese intellectual property, not relying on just one avenue of approach. They have been successful in the use of spearphishing, website compromises and exploitation of zero-day vulnerabilities. Interestingly, they used steganography to mask the malware payload delivery by embedding the payload within animated images.These efforts place the results of the Bronze Butler efforts firmly within the gray zone discussed by Rand, as the information being exfiltrated and collected are germane to national infrastructure, policy, and planning and sustainability of industry. They are not specifically targeting the national infrastructure. One might say the Chinese are collecting this information to create their playbook for when they do wish to attack Japan\u2019s national infrastructure.The takeaway for those engaged in industry-supporting national infrastructure in any nation: Protect your intellectual property and your customers' data because the Chinese and others want to collect the information for their strategic playbook.