Thought this was interesting...
"I run quite a few few websites and blogs and my solution to this problem was first to BLOCK all traffic from China, I allow nothing, nada, zip from China based IPs. From my personal experience 100% of China's internet traffic is hacking attempts, email SPAM and phishing. I have never encountered a single China access that could be considered positive.
Blocking China has solved about 80~90% of the problem. The second thing is to block specific domains and IPs from Russia, Romania, Brazil, Taiwan, Korea, Poland and may other ex Soviet Satellites. I can't block all access to these countries because there is about 90% of legitimate traffic and the 10% left are probably compromised computers being used as proxies/bots for China.
Third, log, log and log everything. Log every access, which page they visited, for how long, using which referrer. If you use forms log every parameter sent and be paranoid when sanitizing user input, if you expect a number get a number and nothing else. SANITIZE USER INPUT! temporarily or permanently block access on the first offense.
The companies that got hacked deserve it, they should be more selective when hiring good security IT guys. Brothers in law, cousins, sisters, brothers don't make good IT, security experts."