Center for Security Research Articles Cyber Espionage and its Impacts

Cyber Espionage and its Impacts

Blagoja Janakievski

In the newest operational warfare domain, cyberspace, there are armies of nefarious hackers from around the globe who use cyber warfare for economic, political, or military gain. One aspect of cyber warfare that needs to be looked upon more closely is cyber espionage. Cyber spying is the act of engaging in an attack or series of attacks that let an unauthorized user or users view classified of sensitive material. These attacks are often subtle, amounting to nothing more than an unnoticed bit of code or process running in the background of a mainframe or personal workstation, and the target is usually a corporate or government entity. The goal is typically to acquire intellectual property or government secrets. Attacks can be motivated by greed or profit, and can be used in conjunction with a military operation or as an act of terrorism. Consequences can range from loss of competitive advantage to loss of materials, data, infrastructure, or loss of life.

Headlines about cyber espionage usually focus on China, Russia, North Korea, and the United States, whether as the attacking state or the victim of attack. However, the truth is that it is to be expected that most of the world’s developed countries are using cyber espionage units. These state-based threat actor teams are comprised of computer programmers, engineers, and scientists that form military and intelligence agency hacking clusters. They have tremendous financial backing and unlimited technological resources that help them evolve their techniques rapidly. I will briefly mention several cyber-espionage incidents, which will make you believe in the colossal capabilities of cyber warfare.

  1. Chinese Hacking Group’s Cyber-Espionage Campaign – Symantec revealed in June 2018 that a group of Chinese-linked hackers was targeting two United States-based satellite firms. Other than that, the sophisticated hacking group also targeted defense contractors and telecommunications companies in the United States and Southeast Asia. The efforts of the group were believed to be carried out in the interest of the nation. The primary drive for this cyber-espionage campaign was to intercept the military and civilian communications of the victim nations. Hacking with the purpose to intercept is rare but it exists. But in this case, the hacking group deliberately infected the systems controlling the satellites. The motive of their act was to change the positions of the orbiting devices and disrupt data traffic
  2. Vietnamese Campaign Against ASEAN 2017 An APT group, APT32 (also known as OceanLotus Group), allegedly linked to the Vietnamese government, started attacking the Association of Southeast Asian Nations (ASEAN) as part of its cyber-espionage campaign. The incident response firm Volexity, in 2017, identified and uncovered the widespread mass digital surveillance and the attack campaign of the group. It also targeted the media, human rights, and civil society organizations.
  3. Intensive Cyber-Espionage Campaign of APT28 Against Montenegro’s GovernmentBefore Montenegro joined NATO in 2017, APT28 (also popularly known as “Fancy Bear”), a malicious hacking group linked to the Russian intelligence, actively participated in a cyber-espionage campaign against the Montenegrin government. The campaign depicts Russia’s desire to intrude in the political affairs of foreign nations. Two booby-trapped attachments had been sent to Montenegrin government officials over the email to load a flash exploit framework through a command-and-control infrastructure.
  4. GhostNet – In 2009, Canadian researchers revealed a large spy network called GhostNet that arranged an intrusion into more than one thousand computers in 103 countries. Perpetrators got unauthorized access to the network of the Dalai Lama offices and used it for compromising other computers. Besides, the attacks were also performed on the foreign ministers and embassies of Germany, Pakistan, India, Iran, South Korea, and Thailand. The Chinese government denied any involvement in the attacks.

This kind of examples show that cyber warfare should be taken seriously, and that cyber espionage has deeply impacted modern war and international relations and will likely continue to do so in the future.

Related Post

When an order endsWhen an order ends

By Alessandro Politi, Director of the NATO Defense College Foundation

This article intends to discuss three points: the quest for a new world order, echoing the one established in 1945, is pointless; what should be done when an existing order cannot be adapted, and how the transition to a different order should be presently governed, taking into account also the new US administration.

The solutions proposed are to: adopt a flexible globalisation model where shared responsibilities and decision-making are realistically rebalanced; to refuse a fragmenting multipolarism; to relaunch global sustainability by redressing social imbalances at home and abroad in order to tackle climate change and to phase out an outdated model of consumerist capitalism. The overarching global priorities are essentially two: ensuring human security vis-à-vis climate change (and attendant pandemics) and favouring shared prosperity, which means the transition to a fairer hybrid economic system where economic policies are fully accountable to the taxpayer.

Will the Biden presidency understand these two strategic priorities? In short, the answer is: in word yes, in deed yo, with a strong tendency towards a no. Political handicaps in Congress and American socio-cultural conditions may significantly limit the President’s concrete choices, reducing complex decisions to a zero-sum game with China and risking an economic stalemate that could turn into hot confrontation. (more…)

How do terrorist groups exploit the corona pandemic?How do terrorist groups exploit the corona pandemic?

Rabie W. Sedrak

The spread of the Corona pandemic has changed the dynamics of most political processes at the local, regional, and international levels. However, it is remarkable that actors of current terrorist groups from various ideologies have demonstrated significant abilities to adapt rapidly to those changes caused by the spread of Corona virus. Indeed, some terrorist groups have tended to use the virus as a tool to achieve their goals, such as the attempt of some terrorists in Tunisia to spread the virus among security personnel earlier this month. Through monitoring the behavior of violent extremist groups worldwide during the past weeks, it was possible to identify a number of paths through which Corona virus have influenced the movement of such extremist groups, or rather the paths that these groups are employing, to serve their purposes.
(more…)

War in the Caucasus threatens Europe’s gas lifelineWar in the Caucasus threatens Europe’s gas lifeline

Aleksandar Nacev

International concern is growing over the rapidly escalating turmoil in the South Caucasus, as fighting between Armenia and Azerbaijan continues and is threatening to draw regional powers directly into the conflict, destabilising an area that serves as an important energy corridor for global markets.

The clashes that erupted on the Armenia-Azerbaijan border are threatening to push the countries back to another prolonged war 26 years after the last ceasefire was reached. The last Nagorno-Karabakh War took place from February 1988 to May 1994, in the Nagorno-Karabakh enclave in southwestern Azerbaijan, between the majority ethnic Armenians of Nagorno-Karabakh backed by Armenia, and the Republic of Azerbaijan.

(more…)