Cyberspying Report: China, Russia Are Main Culprits

Yesterday, the Office of the National Counterintelligence Executive released a report to Congress entitled, Foreign Spies Stealing US Economic Secrets In Cyberspace.  The report paints a disturbing picture:

US Technologies and Trade Secrets at Risk in Cyberspace

Foreign collectors of sensitive economic information are able to operate in cyberspace with relatively little risk of detection by their private sector targets. The proliferation of malicious software, prevalence of cyber tool sharing, use of hackers as proxies, and routing of operations through third countries make it difficult to attribute responsibility for computer network intrusions. Cyber tools have enhanced the economic espionage threat, and the Intelligence Community (IC) judges the use of such tools is already a larger threat than more traditional
espionage methods.

Economic espionage inflicts costs on companies that range from loss of unique intellectual property to outlays for remediation, but no reliable estimates of the monetary value of these costs exist. Many companies are unaware when their sensitive data is pilfered, and those that find out are often reluctant to report the loss, fearing potential damage to their reputation with investors, customers, and employees. Moreover, victims of trade secret theft use different methods to estimate their losses; some base estimates on the actual costs of developing the stolen information, while others project the loss of future revenues and profits.

Pervasive Threat from Adversaries and Partners

Sensitive US economic information and technology are targeted by the intelligence services, private sector companies, academic and research institutions, and citizens of dozens of countries.

• Chinese actors are the world’s most active and persistent perpetrators of economic espionage. US private sector firms and cybersecurity specialists have reported an onslaught of computer network intrusions that have originated in China, but the IC cannot confirm who was responsible.
• Russia’s intelligence services are conducting a range of activities to collect economic information and technology from US targets.
• Some US allies and partners use their broad access to US institutions to acquire sensitive US economic and technology information, primarily through aggressive elicitation and other human intelligence (HUMINT) tactics. Some of these states have advanced cyber capabilities.

The report recites many techniques that are used by cyberspies to gain access to technology.  One of these techniques is spearphishing. The report makes specific reference to McAfee’s Night Dragon study. The report also discloses hackers for hire who are expert in the methods of cyberdeception  — citing the example of the Iranian government employing hackers for hire to deploy social engineering schemes.

The report said that pace of industrial espionage activities is accelerating. According to the report, foreign intelligence agencies, corporations and individual hackers increased their efforts to steal proprietary technology between 2009 and 2011.


Comments are closed.