In the newest operational warfare domain, cyberspace, there are armies of nefarious hackers from around the globe who use cyber warfare for economic, political, or military gain. One aspect of cyber warfare that needs to be looked upon more closely is cyber espionage. Cyber spying is the act of engaging in an attack or series of attacks that let an unauthorized user or users view classified of sensitive material. These attacks are often subtle, amounting to nothing more than an unnoticed bit of code or process running in the background of a mainframe or personal workstation, and the target is usually a corporate or government entity. The goal is typically to acquire intellectual property or government secrets. Attacks can be motivated by greed or profit, and can be used in conjunction with a military operation or as an act of terrorism. Consequences can range from loss of competitive advantage to loss of materials, data, infrastructure, or loss of life.
Headlines about cyber espionage usually focus on China, Russia, North Korea, and the United States, whether as the attacking state or the victim of attack. However, the truth is that it is to be expected that most of the world’s developed countries are using cyber espionage units. These state-based threat actor teams are comprised of computer programmers, engineers, and scientists that form military and intelligence agency hacking clusters. They have tremendous financial backing and unlimited technological resources that help them evolve their techniques rapidly. I will briefly mention several cyber-espionage incidents, which will make you believe in the colossal capabilities of cyber warfare.
- Chinese Hacking Group’s Cyber-Espionage Campaign – Symantec revealed in June 2018 that a group of Chinese-linked hackers was targeting two United States-based satellite firms. Other than that, the sophisticated hacking group also targeted defense contractors and telecommunications companies in the United States and Southeast Asia. The efforts of the group were believed to be carried out in the interest of the nation. The primary drive for this cyber-espionage campaign was to intercept the military and civilian communications of the victim nations. Hacking with the purpose to intercept is rare but it exists. But in this case, the hacking group deliberately infected the systems controlling the satellites. The motive of their act was to change the positions of the orbiting devices and disrupt data traffic
- Vietnamese Campaign Against ASEAN 2017 – An APT group, APT32 (also known as OceanLotus Group), allegedly linked to the Vietnamese government, started attacking the Association of Southeast Asian Nations (ASEAN) as part of its cyber-espionage campaign. The incident response firm Volexity, in 2017, identified and uncovered the widespread mass digital surveillance and the attack campaign of the group. It also targeted the media, human rights, and civil society organizations.
- Intensive Cyber-Espionage Campaign of APT28 Against Montenegro’s Government – Before Montenegro joined NATO in 2017, APT28 (also popularly known as “Fancy Bear”), a malicious hacking group linked to the Russian intelligence, actively participated in a cyber-espionage campaign against the Montenegrin government. The campaign depicts Russia’s desire to intrude in the political affairs of foreign nations. Two booby-trapped attachments had been sent to Montenegrin government officials over the email to load a flash exploit framework through a command-and-control infrastructure.
- GhostNet – In 2009, Canadian researchers revealed a large spy network called GhostNet that arranged an intrusion into more than one thousand computers in 103 countries. Perpetrators got unauthorized access to the network of the Dalai Lama offices and used it for compromising other computers. Besides, the attacks were also performed on the foreign ministers and embassies of Germany, Pakistan, India, Iran, South Korea, and Thailand. The Chinese government denied any involvement in the attacks.
This kind of examples show that cyber warfare should be taken seriously, and that cyber espionage has deeply impacted modern war and international relations and will likely continue to do so in the future.
