4 Targets of Foreign E-SpyingIt's Not Just China, Russia Eying U.S. Intellectual Property
"China and Russia view themselves as strategic competitors of the United States and are the most aggressive collectors of U.S. economic information and technology," says the report, Foreign Spies Stealing U.S. Economic Secrets in Cyberspace.
The report from the Office of the National Counterintelligence Executive, foresees virtual spying from those nations, as well as others, intensifying in the coming years. "Cyberspace provides relatively small-scale actors an opportunity to become players in economic espionage," the annual report to Congress says.
What will they target? The report identifies four major areas of interest among foreign spies:
- Information and communications technology that forms the backbone of nearly every other technology.
- Business information pertaining to supplies of scarce natural resources that could provide foreign actors an edge in negotiations with the American government and businesses.
- Military technologies, particularly marine systems, unmanned aerial vehicles and other aerospace/aeronautic technologies.
- Civilian and dual-use technologies in sectors likely to experience fast growth, such as clean energy and healthcare/pharmaceuticals.
It's not only America's traditional adversaries employing the means to spy through cyberspace but U.S. allies and partners that use their broad access to American institutions to acquire sensitive economic and technology information, primarily through "aggressive elicitation and other human-intelligence tactics."
"Foreign economic collection and industrial espionage against the United States represent significant and growing threats to the nation's prosperity and security," the report says. "Cyberspace - where most business activity and development of new ideas now takes place - amplifies these threats by making it possible for malicious actors, whether they are corrupted insiders or foreign intelligence services, to quickly steal and transfer massive quantities of data while remaining anonymous and hard to detect."
Many companies remain unaware when their sensitive information is pilfered, and those that find out often show reluctance to report the data loss, fearing potential damage to their reputation with investors, customers and employees, the report says.
Identifying the Culprits
Attribution - knowing specifically who is stealing valuable information - is difficult to determine. Though U.S. cyber intelligence analysts identify Russia's intelligence services as conducting a range of activities to collect economic information and technology from American targets, they aren't sure who's behind the intrusions coming from China.
"Chinese actors are the world's most active and persistent perpetrators of economic espionage," the report says. "U.S. private-sector firms and cybersecurity specialists have reported an onslaught of computer network intrusions that have originated in China, but the IC (intelligence community) cannot confirm who was responsible."
Spying in cyberspace presents relatively little risk of detection by the corporate targets. The explosion of malicious software, popularity of cyber tool sharing, use of hackers as proxies and routing of operations through third countries make it difficult to attribute responsibility for computer network intrusions. "Cyber tools have enhanced the economic espionage threat, and the intelligence community judges the use of such tools is already a larger threat than more traditional espionage methods," the report says.
Such cyber spying will evolve with continued advancements in technology, especially portable devices that connect to the Internet and other networks, which with their proliferation, will create new espionage opportunities for malicious actors, the report says.
The trend toward pooling of information processing and storage presents greater challenges to preserving the security and integrity of sensitive information. "Although cloud computing offers some security advantages, such as robust backup in the event of system disruption," the report say, "the movement of data among multiple locations will increase the opportunities for theft or manipulation by malicious actor."