Spies are thriving in recession – e-espionage becomes big business

30 Jul 2009

E-espionage now poses a threat not just to a business’s reputation, but to its very existence. And the onset of the global economic downturn is now magnifying this threat still further, a new PricewaterhouseCoopers report claims.

The report warns that the issue hasn’t permeated the mindsets of most boardrooms, while at the same time their firewalls are being pounded every minute by hackers and the ability for executives to walk out with entire database on USB keys remains unchecked.

The latest E-espionage report from PricewaterhouseCoopers argues that e-espionage should be on the strategic board agenda and embedded into decision-making and systems projects from the ground up.

“In today’s knowledge-driven marketplace, a company’s core intellectual property (IP) is often pivotal to the value of its business,” the report’s authors argue. “And increasingly this business-critical IP is stored and shared in digital form on enterprise-wide systems, meaning that E-espionage raises the risk of a company’s core assets and marketplace being literally stolen overnight. Preventing this from happening by ensuring IP is well-protected is clearly a board-level duty.

“If cybercriminals do gain access, the impact can be disastrous. For example, a company in a sector such as defence, electronics or pharmaceuticals might find its products have been reverse-engineered without its knowledge, and are now being counterfeited and sold at a fraction of the price. What is more, the damage from an incursion can extend beyond the potential loss of data, to encompass threats to data integrity. Consider the impact of financial, regulatory or safety-critical data being modified by a criminal seeking to undermine an organisation.”

Every minute of every day, a growing number of well-resourced and highly sophisticated cyber-criminals from across the world are seeking to gain unauthorised access to valuable data held by companies and governments. And the increasingly interconnected and open nature of today’s internet-enabled corporate systems is helping to boost their opportunities.

Put simply, e-Espionage is unauthorised and usually criminal access to confidential systems and information for the purposes of gaining a commercial or political advantage. The UK Centre for the Protection of National Infrastructure (CPNI), summarises the risk as follows: “The espionage, or spying, threat did not end with the collapse of Soviet communism in the early 1990s.”

In late 2007, Jonathan Evans – the Director-General of MI5, and to whom Centre for the Protection of National Infrastructure (CPNI) is accountable – sent a confidential letter to 300 UK business leaders at banks, accountants and legal firms, warning them of a coordinated, web-based E-espionage campaign against the UK economy. And, as MI5 points out on its website: “Intelligence services…are targeting commercial enterprises far more than in the past.”

As a result, the threat of electronic attacks is very real, both for individual companies and for critical national infrastructure such as power, water and financial institutions.

This trend was further underlined by the UK Cabinet Office when it published the first National Risk Register in November 2008, as part of the National Security Strategy.

According to a report entitled ‘The snooping dragon: social-malware surveillance of the Tibetan movement’ published by the University of Cambridge in March 2009: “Social malware is unlikely to remain a tool of governments. Certainly organisations of interest to governments should take proper precautions now, but other firms had better start to think about what it will mean for them when social malware attacks become widespread. What Chinese spooks did in 2008, Russian crooks will do in 2010, and even low-budget criminals from less developed countries will follow in due course.”

In early 2009, Canada-based Information Warfare Monitor (IWM) published a report called Tracking GhostNet: Investigating a Cyber Espionage Network, detailing the findings of a 10-month investigation into a global electronic spy network that has infiltrated computers in various government offices around the world. The report said the network had used malware (see information panel) to infiltrate 1,295 computers in 103 countries, including systems belonging to foreign ministries and embassies and those linked with the Dalai Lama.

“Traditionally, Boards have not even had this issue on their radar screens, and have tended to pigeonhole it as a matter only for IT,” PricewaterhouseCoopers warned. “The results of this mindset are that security against E-espionage attacks is often ‘bolted on’ as an after-thought rather than being built into the initial business decision, and that security teams are commonly not involved up front

“Experience shows that this approach is not just misguided, but positively dangerous for the organisation concerned. As the studies and media reports described above demonstrate, it is potentially easier today for criminals to steal information from a business – or even compromise a country’s national infrastructure – through hacking rather than mounting a physical attack,” the PricewaterhouseCoopers report said.

By John Kennedy

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years