Highlights
– Incidents of cyber espionage currently outnumber incidents of cyber attacks on critical infrastructure
– Cyber espionage is extremely dangerous because an adversary can steal state secrets and valuable intellectual property
– Skills required to conduct cyber espionage can also be used to launch cyber attacks against critical infrastructure
Conventional wisdom frames the danger of cyber warfare as the threat of a hostile nation-state or non-state actor executing an attack on our nation’s critical infrastructure via the Internet. While the possibility of a cyber attack against critical infrastructure assets (Previous Report), such as the power grid, has been demonstrated, another type of cyber attack is of more immediate concern.
The more serious and ongoing threat from cyber warfare exists in the form of cyber espionage. Cyber espionage does not involve attacks with physical effects – such as turning off a power grid. Instead, cyber espionage involves the theft of state secrets and valuable intellectual property.
According to Richard Clarke, former National Coordinator for Security and Counterterrorism, “What’s happening every day is that all of our information is being stolen. So, we pay billions of dollars for research and development, both in the government and the private sector, for engineering, for pharmaceuticals, for bioengineering, genetic stuff—all sorts of proprietary, valuable information that is the result of spending a lot of money on R&D—and all that information gets stolen for one one-thousandth of the cost that it took to develop it” (Source).
While public companies are reluctant to confirm instances of cyber espionage publicly for fear of shaking investor and consumer confidence, ancillary evidence reported in the mainstream media indicates that public companies suffer theft of intellectual property on a routine basis.
Previous Thefts
According to British media reports, Rolls Royce, Britain’s largest engineering firm, was penetrated by a custom Trojan horse – a malicious software program used to surreptitiously gain access to a computer network. The Trojan was likely downloaded onto Rolls Royce’s network via a phishing email attack (Source). A phishing email attack is a social engineering tactic in which an email is designed to fool its recipient into downloading and installing malicious code – such as a Trojan horse.
Further validating the threat of cyber espionage, in 2007 MI5 Director-General Jonathan Evans sent a confidential letter to 300 British firms warning them that they were under constant cyber attack from “Chinese state organizations” (Source).
Finally, cyber security experts have long understood that US businesses are also under increasing cyber attack from other nation-states. For example, it has been reported that suspected hackers from China have repeatedly stolen data from various US businesses and US government contractors.
Outlook
While cyber espionage represents the existing face of the threat from cyber warfare, it must be noted that the same skills required to steal data can also be used to launch attacks on critical infrastructure targets by manipulating and destroying data. Simply stated, the skills needed to steal data from Rolls Royce could also be applied to disrupting a local power grid. Therefore, the threat of devastating cyber attacks on critical infrastructure should not be discounted.