The aim of this report is to examine the topic of cyber espionage. Incidents and threats of espionage committed using software tools have become frequent headlines in news stories in recent years, so the existence of cyber espionage is undeniable. This report begins with an introduction to the topic, followed by a literature review. Two case studies specifically involving the use of Trojans and sniffers to commit espionage are then discussed. The scope of these case studies includes the attack mechanisms used and the countermeasures that could plausibly be adopted, as well as a discussion of each case.
Cyber espionage is the use of software tools to obtain secret or private information about another government or business competitor. According to a study by research firm SANS Institute, cyber espionage is ranked Number 3 on its Top Five Menaces for 2008. Hence cyber espionage is an increasing concern in today’s society. Over the past decade, globalization has led to an increase in espionage activities. As businesses become global and competition intensifies, the tendency to steal information to gain a competitive edge increases. Another explanation for the rise in espionage levels is the growth of computer technologies. Computers have shortened the time needed to steal data, as individuals can download information and save it in a few seconds, as opposed to spending hours secretly duplicating documents. Computers are interconnected via the company’s network, which is linked to the internet, thus increasing the points of entry through which hackers can gain access to information. Besides making confidential information easier to steal, the computer has enhanced the theft. A group of Russian hackers who stole US$10 million from the Citibank computer network commented, “A computer is a much better tool than a handgun… it would take us a long time to get $10 million with a handgun.” In the remaining sections of our report, we will consider both categories of espionage, namely political and economic espionage, and the role of information technology (IT) and software tools used in cyber espionage.
2.0 LITERATURE REVIEW
Espionage is divided into two categories, economic and political, the distinction being the targets involved.
2.1 Economic Espionage
Economic espionage occurs when 1) a disgruntled employee misappropriates the company’s trade secrets for financial benefit or as an act of revenge against the company or 2) a competitor or foreign nation steals trade secrets to advance its financial interests. Studies reveal that most cyber crimes are committed by an insider. The tendency of insiders to steal confidential data means that it is crucial for corporations to protect their trade secrets from both external and internal attackers. Where they fail to do so, economic espionage usually results in the following consequences:
-Loss of revenue
-Loss of market share
-Reduction in edge over competition
-Competing firms ride on proprietary techniques to develop superior products
-Tarnished public image
-Wastage of R&D
-Negative reaction from investors
2.2 Political Espionage
Political espionage differs from economic espionage in that it involves the government’s efforts to collect information about corporations and individuals. Governments engage in political espionage to acquire technology or advance a military program, to advance the economic competitiveness of the nation, or to spy on individuals. Since the Cold War, the role of espionage has shifted from focusing on military and political targets to stealing proprietary information from other nations’ businesses. This is because economic superiority has become more important than military superiority.
2.3 Software Tools
Common software tools used for conducting cyber espionage include Trojans, sniffers, spyware and keyloggers. Since our case studies involve the use of sniffers and Trojans...