New Opportunities for Cyber Espionage and Cyber Crime

Thursday, March 08, 2012

Pierluigi Paganini

03b2ceb73723f8b53cd533e4fba898ee

(Translated from the original Italian)

The continued technology push that is shaping our society during the last decade has brought an exponential increase in computer related crimes, as every technological innovation has presented an opportunity for the cybercrime industry to make a profit.

Cybercrime has many facets, manifests itself in countless forms, and is contextualized in relation to the scope that it uses computer techniques to perform criminal acts.

Computer fraud, phishing, and malware development designed to steal sensitive information from users (i.e. banking credentials), the use of advanced persistent threats (APTs), ramsonware, and cyberespionage are all activities united by the intent to profit from the improper use of technology.

Cyberespionage is one of the most common forms of cybercrime today, and is of great concern to both private industry and the military. According Uri Rivner, head of new technologies at RSA, one of the most common dangerous cybercrime centers is the  Asia-Pacific region.

A growing number of companies around the world are finding themselves victims of computer attacks for the purpose of stealing corporate secrets and intellectual property with the intent being for the perpetrators to benefit in economic terms. The information acquired is often being sold by criminals to competitors and governments.

The line between cybercrime and cyber warfare is fine, and we now understand that one of the main strategies pursued by governments around the world is to develop intelligence operations through technology in order to gather sensitive information related to private industry and the military sector.

Cyberespionage is a serious threat which can have a devastating effect on the social fabric of a nation, as well as the viability of any private company. It is difficult to detect, and for this reason - unlike other crimes - it may be conducted for years without the victim being aware of it, as happened in the case of Nortel.

Some months ago the Office of the National Counterintelligence Executive published a report for Congress that presents a frightening picture of the degree to which other countries use cyberespionage to obtain industrial secrets from US companies.

The biggest threat in terms of cyberespionage against American business emanate from China and Russia. The report projects that China and Russia will “remain aggressive and capable collectors of sensitive US economic information and technologies, particularly in cyberspace.”

“National boundaries will deter economic espionage less than ever as more business is conducted from wherever workers can access the Internet,” the report states. “The globalization of the supply chain for new—and increasingly interconnected—IT products will offer more opportunities for malicious actors to compromise the integrity and security of
these devices.”

The report went so far as to classify the Chinese government as a “persistent collector,” and noted that Russia’s intelligence services are conducting a range of activities to collect economic information and technology from US targets.

Uri Rivner is convinced that we are in an age of cyberespionage were criminals are actively engaged in stealing trade secrets from other nations and companies for their own benefit. Consider also another phenomenon, the impressive growth of internet availability in the Asia-Pacific region, an event that has allowed this part of the world to increase cybercrime activities, in particular of cyber espionage.

In this area we have a growing demand for information which corresponds to an infrastructure often vulnerable to all sorts of cyber attacks, and these conditions make the market attractive to criminal organizations which, in the absence of effective regulations, often see their crimes go unpunished.

Rivner also declared that in 2012 we will see a merging of nation-sponsored attacks, cybercrime syndicates and hacktivism. Let me add that the evolution of the mobile marketplace will contribute significantly to the explosion of cybercrime.

Countries all over the world should seriously consider the threat of cyberespionage, and for that very reason they should be developing and implementing effective cyber strategies to protect those infrastructures considered most critical.

Asia more than anywhere else in the world is adopting a very profitable approach to cyber security through the involvement of young people who can bring innovation, a strategic contribution to a sector that is continuously changing .

In my opinion, cybercrime must be fought on many fronts, from the government side through appropriate strategies for defense to the private front with targeted campaigns awareness on the issue... Else no one is safe.

Cross-posted from Security Affairs

Possibly Related Articles:
15913
Security Awareness
Information Security
Enterprise Security China Security Strategies Cyberwar Intellectual Property Cyber Crime Information Technology Espionage Russia
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.