Espionage and industry in the internet era
 |
| Eye spy: nation states do not have a monopoly on espionage |
“By no means do nation states have a monopoly on espionage,” says Ed Parsons, a senior manager in the UK cyber security practice at KPMG. “We are seeing for-profit and mercenary groups, stealing information and trying to sell it, including to governments.”
Mr Parsons says that one reason cyber espionage is growing is because blame is hard to apportion. Unlike the characters of John Le Carre’s cold war-era novels, who risked arrest or worse, today’s cyber spies are hard to trace and easy for governments and others to deny knowledge of.
Steve Durbin, international vice-president of the Information Security Forum, a not-for-profit trade association, adds that agents no longer have to go out into the cold. Instead of laborious and sometimes dangerous fieldwork, spies can work in comfort from offices far away from their targets, and often well away from their own sponsors.
There may be clues that point to a hacker’s identity or country of origin, including the timing of an attack, which may suggest where they were operating from, and pointers to the keyboard layouts and characters used. But these can be faked.
A surer way of spotting an online spy is to follow the information a hacker tries to extract, say experts. Credit card and financial data theft points to a criminal gang, while personnel, security records and intellectual property are a more likely to be a sign of spies.
High-profile
incidents indicate that spying on companies by states may be common.
Documents leaked by the former US National Security Agency contractor Edward Snowdon
seemingly show that the communications of Petrobras, the Brazilian
state oil company, were intercepted by the intelligence agency.
Meanwhile, the US has blamed the regime in North Korea for an attack on Sony Pictures. The loss of data on 21.5m federal employees in the US from the Office of Personnel Management’s database is suspected to be the work of Chinese hackers.
Brian Honan, founder of Dublin-based BH Consulting and an adviser to
various governments’ information security teams, says: “A government
might keep its top spies close, but there will be others they want to
keep some distance away, to ensure plausible deniability. In some cases,
governments have hired criminal gangs to attack targets on their
behalf.”The lines between government hacking and industrial espionage are increasingly becoming blurred, especially in countries with significant state-controlled industries. Even in free-market economies, the distinction between “economic intelligence” and industrial espionage can be a fine one.
By no means are all spies government agents —
companies spying on each other is also on the rise, driven by the same
ease of access to data exploited by government spy agencies, say
experts. According to the Data Breach Investigations Report from Verizon,
a telecoms company, more than two-thirds of “phishing” incidents — the
sending of fraudulent emails asking individuals to provide personal or
professional data — are probably linked to some form of online
espionage.
For companies, hacking or buying information from a hacker poses far fewer risks than paying someone to steal physical blueprints
or files. Industries such as pharmaceuticals and technology, as well as
defence, have seen products emerge that seem to draw heavily on stolen
intellectual property.
Hackers are also targeting businesses’ advisers, including law firms. According to Laurance Dine, managing principal at Verizon’s investigative response division, professional services firms are the third most targeted type of organisation.
One area where the actions of government and industrial spies will differ, however, is when cyber espionage turns to remote-control sabotage. Spy agencies have long considered physical disruption of an enemy’s infrastructure to be part of their role, although most refrain from such attacks in peacetime.
Cyber
spies can plant “malware” — malicious software — on adversaries’
computer systems and activate it months or even years later. However,
high-profile malware attacks, such as the Stuxnet virus
— widely blamed on the US and Israeli security agencies — that
reportedly damaged a fifth of Iranian nuclear centrifuges, seem rare.
However, they can also use the web’s dark arts to probe for electronic
or physical weak points, and to capture data they may be able to exploit
later.
“It is easier to access secure systems through third parties, or third parties’ third parties,” he says. “The further away you are from the centre, the more security diminishes. Spies and hackers know this . . . it is easier to go in that way, than to try to hit the Pentagon.”
Governments, however, are realising that their
commercial contractors can pose a security threat. In the UK, the
security services increasingly give advice directly to businesses. In the US, the National Institute of Standards and Technology also provides cyber security guidance for organisations.
However, some boards and chief information officers
still believe there is little that can be done to protect against a
well-resourced, determined hacking attack. But Mr Parsons at KPMG says
this is not the case. Even national spy agencies rely heavily on basic
online vulnerabilities that companies should have fixed.
“Some attacks are depressingly low in sophistication,” he says. “This is certainly not a counsel of despair.”Source : - ft
We Are Fossasia Stay Connected With Us On Twitter . . . ! ! !
No comments:
Post a Comment