Cyber espionage – something to worry about?
McAfee released their “Virtual Criminology Report” earlier this year and warned that there is a growing threat to national security, as cyber espionage becomes increasingly sophisticated, moving from simple network probes to well-funded, well-organized, and possibly government backed operations. The intent is not only financial gain, but also political or competitive gain.
Some other interesting news items have appeared in the recent past.
1. Germany’s respected weekly, Der Spiegel, reported that China was thought to have hacked into the computer systems of Germany’s chancellery, as well as systems at three ministries, infecting the networks with spy programs. The alleged attacks occurred just before Chancellor, Angela Merkel, visited Beijing. Computers in the chancellery and the foreign, economics, and research ministries were targeted. The German Federal Office for the Protection of the Constitution (BfV) conducted a comprehensive search of government IT installations, and prevented a further 160 giga-bytes of information from being transferred to China. The scale and nature of the stolen data suggested that the operation could have been steered by the state.
2. Australian IT reported that Chinese hackers had allegedly tried to hack into highly classified government computer networks in Australia and New Zealand as part of a broader international operation to glean military secrets from Western nations. New Zealand Prime, Minister Helen Clark, confirmed that foreign intelligence agencies had tried to hack into government computer networks, but had not compromised top-secret data banks. The Chinese government has denied any involvement.
3. In its annual report to Congress, The U.S.-China Economic And Security Review Commission said, “Among the disruptive capabilities China is fielding is the ability to conduct cyber attacks. General James Cartwright, then Commander of the U.S. Strategic Command (USSTRATCOM) and currently Vice Chairman of the Joint Chiefs of Staff, testified before The Commission that China is actively engaging in cyber reconnaissance by probing the computer networks of U.S.government agencies as well as private companies. The data collected from these computer reconnaissance campaigns can be used for myriad purposes, including identifying weak points in the networks; understanding how leaders in the United States think; discovering the communication patterns of American government agencies and private companies; and obtaining valuable information stored throughout the networks."
Today, cyber espionage enables you to get information that may have taken years to collect through human intelligence, only in a matter of minutes, in a single download session. So it’s a no-brainer for many, the McAfee report estimates 120 countries engaged in web espionage operations, but most of these operations are not very sophisticated. But the Chinese approach of targeting key industries and economic sectors, placing Trojans in those systems to be activated if/when necessary, is like having a sleeper cells that get activated on demand. This should serve as a wake-up call to governments and businesses around the globe that in today’s competitive environments, spending the time, effort, and money to protect your sensitive information assets is the key to keeping your competitive advantage.