Text originally published by Samuel Gichichi on the Cyber Secure Central Forums.
Cyber espionage is a type of cyber attack executed to steal sensitive or classified information or intellectual property in order to gain an advantage over an individual, a government entity or a competing company. These attacks are often subtle and may amount to nothing more than an unnoticed process running in the background on a workstation or mainframe. The attacks are mostly motivated by profit or greed and can be used in conjunction with a military operation to assume a form of terrorism.
In the past, corporations sought a competitive advantage by sending a faux employee to gain access to the projects or data of an opposing company. However, with advances in technology, corporations found easier ways to spy on their competitors. Since business competition is on the rise, every business should consider protecting itself against cyber espionage. Although faux employees are still used to gather information from a competing company, a vulnerable workstation is a more attractive target. When the mainframe is attacked, it can be used to spy and obtain information for the attacker.
Let’s look at some of the biggest cyber espionage cases that affected organizations and governments.
Breach on the Office of Personnel Management (OPM) Data
In 2012, it was alleged that Chinese hackers attacked the US OPM and stole the personal information of 21 million Americans. Through this cyber espionage, the attackers gained access to critical data on people who worked for the federal government, including the military. Although the attack was executed in 2012, the data leakage was detected in June 2015, when the department discovered malware that had built a backdoor into the network. In 2017, a Chinese national suspected of having developed the malware was arrested. Although OPM assured citizens that no one suffered as a result of the attack, there are long-term implications of such an attack.
Spying on McCain and Obama computers
Obama and McCain were victims of cyber espionage during the 2008 presidential campaigns. Russian or Chinese hackers installed spyware on the two presidential candidates’ computers and took vital information regarding national policy. Initially, the cyber attack was thought to be a computer virus, but specialists discovered a leak of a significant number of files. Though the malware was installed before or during the campaigns, it was detected after the presidential election.
From 2003 to 2005, the US government experienced frequent threats organized by Chinese military hackers. The campaign also included attacks on the UK foreign and defense ministries. These attacks continued up to 2007. Titan Rain was the first case of cyber espionage supported by a state. The Chinese attackers gained access to networked computers via different methods and took as much information as they could. Although the involvement of the Chinese government in the attack was not proven, governments became more cautious about cyber espionage attacks.
In 2009, Canadian researchers discovered an extensive spy network named GhostNet that planned intrusion into more than 1000 computers in 103 countries. The attackers gained unauthorized access to the network of the Dalai Lama's offices and used it to compromise other computers. The hackers also launched attacks on the foreign ministries and embassies of Pakistan, India, Germany, Thailand, South Korea, and Iran.
Operation Shady RAT
This is one of the biggest cyber espionage cases in history. It has affected more than 70 companies since 2006. Some of the victims of the attack include the International Olympic Committee, the World Anti-Doping Agency, and the United Nations. McAfee detected unknown malware that was propagated through email containing a link to a self-reloading RAT. Chinese hackers had allegedly executed the operation because China was the only Southeast Asian country that was not affected.
From the above examples, it is clear that cyber espionage can target any organization, government or individual. It is essential to protect yourself against such attacks to prevent the loss of data to malicious people. The following are the various ways you can protect yourself against cyber espionage.
Malware often infiltrates your computer through software vulnerabilities. Software developers release updates that seal the loopholes in their applications. One of the most effective ways to minimize the chances of cyber espionage is to keep the software on your computer updated.
Anti-malware programs can be great assets in mitigating the threat of cyber espionage. Malware commonly spreads through the use of external storage devices. If a device is infected with malware, the anti-malware program will detect and delete the malware as soon as you insert the device into your computer.
Look for unexpected behavior
Although this is a difficult way to detect malware, you should monitor your computer for abnormal behavior. Some of the factors to consider are speed, webpage redirects, and your device’s web camera.
The content of this article does not reflect the official opinion of Cyber Secure Central. Responsibility for the information and views expressed in the article lies entirely with the author(s).