Industrial espionage, also known as economic espionage, corporate spying, or corporate espionage, is a form of espionage conducted for commercial purposes instead of purely national security. [1]
While political espionage is conducted or orchestrated by governments and is international in scope, industrial or corporate espionage is more often national and occurs between companies or corporations. [2]
Economic or industrial espionage takes place in two main forms. In short, the purpose of espionage is to gather knowledge about one or more organizations. It may include the acquisition of intellectual property, such as information on industrial manufacture, ideas, techniques and processes, recipes and formulas. Or it could include sequestration of proprietary or operational information, such as that on customer datasets, pricing, sales, marketing, research and development, policies, prospective bids, planning or marketing strategies or the changing compositions and locations of production. [3] It may describe activities such as theft of trade secrets, bribery, blackmail and technological surveillance. As well as orchestrating espionage on commercial organizations, governments can also be targets – for example, to determine the terms of a tender for a government contract.
Economic and industrial espionage is most commonly associated with technology-heavy industries, including computer software and hardware, biotechnology, aerospace, telecommunications, transportation and engine technology, automobiles, machine tools, energy, materials and coatings and so on. Silicon Valley is known to be one of the world's most targeted areas for espionage, though any industry with information of use to competitors may be a target. [4]
Information can make the difference between success and failure; if a trade secret is stolen, the competitive playing field is leveled or even tipped in favor of a competitor. Although a lot of information-gathering is accomplished legally through competitive intelligence, at times corporations feel the best way to get information is to take it. [5] Economic or industrial espionage is a threat to any business whose livelihood depends on information.
In recent years, economic or industrial espionage has taken on an expanded definition. For instance, attempts to sabotage a corporation may be considered industrial espionage; in this sense, the term takes on the wider connotations of its parent word. That espionage and sabotage (corporate or otherwise) have become more clearly associated with each other is also demonstrated by a number of profiling studies, some government, some corporate. The United States government currently has a polygraph examination entitled the "Test of Espionage and Sabotage" (TES), contributing to the notion of the interrelationship between espionage and sabotage countermeasures. [6] In practice, particularly by "trusted insiders", they are generally considered functionally identical for the purpose of informing countermeasures.
Economic or industrial espionage commonly occurs in one of two ways. Firstly, a dissatisfied employee appropriates information to advance interests or to damage the company. Secondly, a competitor or foreign government seeks information to advance its own technological or financial interest. [7] "Moles", or trusted insiders, are generally considered the best sources for economic or industrial espionage. [8] Historically known as a "patsy", an insider can be induced, willingly or under duress, to provide information. A patsy may be initially asked to hand over inconsequential information and, once compromised by committing a crime, blackmailed into handing over more sensitive material. [9] Individuals may leave one company to take up employment with another and take sensitive information with them. [10] Such apparent behavior has been the focus of numerous industrial espionage cases that have resulted in legal battles. [10] Some countries hire individuals to do spying rather than using their own intelligence agencies. [11] Academics, business delegates, and students are often thought to be used by governments in gathering information. [12] Some countries, such as Japan, have been reported to expect students to be debriefed on returning home. [12] A spy may follow a guided tour of a factory and then get "lost". [9] A spy could be an engineer, a maintenance man, a cleaner, an insurance salesman, or an inspector: anyone who has legitimate access to the premises. [9]
A spy may break into the premises to steal data and may search through waste paper and refuse, known as "dumpster diving". [13] Information may be compromised via unsolicited requests for information, marketing surveys, or use of technical support or research or software facilities. Outsourced industrial producers may ask for information outside the agreed-upon contract. [14]
Computers have facilitated the process of collecting information because of the ease of access to large amounts of information through physical contact or the Internet. [15]
Economic and industrial espionage has a long history. Father Francois Xavier d'Entrecolles, who visited Jingdezhen, China in 1712 and later used this visit to reveal the manufacturing methods of Chinese porcelain to Europe, is sometimes considered to have conducted an early case of industrial espionage. [16]
Historical accounts have been written of industrial espionage between Britain and France. [17] Attributed to Britain's emergence as an "industrial creditor", the second decade of the 18th century saw the emergence of a large-scale state-sponsored effort to surreptitiously take British industrial technology to France. [17] Witnesses confirmed both the inveigling of tradespersons abroad and the placing of apprentices in England. [18] Protests by those such as ironworkers in Sheffield and steelworkers in Newcastle, about skilled industrial workers being enticed abroad, led to the first English legislation aimed at preventing this method of economic and industrial espionage. [19] [18] This did not prevent Samuel Slater from bringing British textile technology to the United States in 1789. In order to catch up with technological advances of European powers, the US government in the eighteenth and nineteenth centuries actively encouraged intellectual piracy. [20] [21]
American founding father and first U.S. Treasury Secretary Alexander Hamilton advocated rewarding those bringing "improvements and secrets of extraordinary value" [22] into the United States. This was instrumental in making the United States a haven for industrial spies.
East-West commercial development opportunities after World War I saw a rise in Soviet interest in American and European manufacturing know-how, exploited by Amtorg Corporation. [23] Later, with Western restrictions on the export of items thought likely to increase military capabilities to the USSR, Soviet industrial espionage was a well known adjunct to other spying activities up until the 1980s. [24] BYTE reported in April 1984, for example, that although the Soviets sought to develop their own microelectronics, their technology appeared to be several years behind the West's. Soviet CPUs required multiple chips and appeared to be close or exact copies of American products such as the Intel 3000 and DEC LSI-11/2. [25]
Some of these activities were directed via the East German Stasi (Ministry for State Security). One such operation, "Operation Brunnhilde," operated from the mid-1950s until early 1966 and made use of spies from many Communist Bloc countries. Through at least 20 forays, many western European industrial secrets were compromised. [26] One member of the "Brunnhilde" ring was a Swiss chemical engineer, Dr. Jean Paul Soupert (also known as "Air Bubble"), living in Brussels. He was described by Peter Wright in Spycatcher as having been "doubled" by the Belgian Sûreté de l'État. [26] [27] He revealed information about industrial espionage conducted by the ring, including the fact that Russian agents had obtained details of Concorde's advanced electronics system. [28] He testified against two Kodak employees, living and working in Britain, during a trial in which they were accused of passing information on industrial processes to him, though they were eventually acquitted. [26]
According to a 2020 American Economic Review study, East German industrial espionage in West Germany significantly reduced the gap in total factor productivity between the two countries. [29]
A secret report from the Military-Industrial Commission of the USSR (VPK), from 1979–80, detailed how spetsinformatsiya (Russian: специнформация, "special records") could be utilised in twelve different military industrial areas. Writing in the Bulletin of the Atomic Scientists, Philip Hanson detailed a spetsinformatsiya system in which 12 industrial branch ministries formulated requests for information to aid technological development in their military programs. Acquisition plans were described as operating on 2-year and 5-year cycles with about 3000 tasks underway each year. Efforts were aimed at civilian and military industrial targets, such as in the petrochemical industries. Some information was gathered to compare Soviet technological advancement with that of their competitors. Much unclassified information was also gathered, blurring the boundary with "competitive intelligence". [24]
The Soviet military was recognised as making much better use of acquired information than civilian industries, where their record in replicating and developing industrial technology was poor. [24]
Following the demise of the Soviet Union and the end of the Cold War, commentators, including the US Congressional Intelligence Committee, noted a redirection amongst the espionage community from military to industrial targets, with Western and former communist countries making use of "underemployed" spies and expanding programs directed at stealing information. [30] [31]
The legacy of Cold War spying included not just the redirection of personnel but the use of spying apparatus such as computer databases, scanners for eavesdropping, spy satellites, bugs and wires. [32]
Former CIA Director Stansfield Turner stated in 1991, "as we increase emphasis on securing economic intelligence, we will have to spy on the more developed countries-our allies and friends with whom we compete economically-but to whom we turn first for political and military assistance in a crisis. This means that rather than instinctively reaching for human, on-site spying, the United States will want to look to those impersonal technical systems, primarily satellite photography and intercepts". [33]
Former CIA Director James Woolsey acknowledged in 2000 that the United States steals economic secrets from foreign firms and their governments "with espionage, with communications, with reconnaissance satellites". He listed the three reasons as understanding whether sanctions are functioning for countries under sanction, monitoring dual-use technology that could be used to produce or develop weapons, and to spy on bribery. [34]
In 2013, the United States was accused of spying on Brazilian oil company Petrobras. Brazil's President Dilma Rousseff stated that it was tantamount to industrial espionage and had no security justification. [35]
In 2014 former US intelligence officer Edward Snowden stated that America's National Security Agency was engaged in industrial espionage and that they spied on German companies that compete with US firms. He also highlighted the fact the NSA uses mobile phone apps such as Angry Birds to gather personal data. [36]
According to a 2014 Glenn Greenwald article, "potentially sabotaging another country's hi-tech industries and their top companies has long been a sanctioned American strategy." The article was based on a leaked report issued from former U.S. Director of National Intelligence James R. Clapper's office that evaluated how intelligence could be used to overcome a loss of the United States' technological and innovative edge. When contacted, the Director of National Intelligence office responded, "the United States—unlike our adversaries—does not steal proprietary corporate information", and insisted that "the Intelligence Community regularly engages in analytic exercises". The report, he said, "is not intended to be, and is not, a reflection of current policy or operations". [37]
In September 2019, security firm Qi An Xin published a report linking the CIA to a series of attacks targeting Chinese aviation agencies between 2012 and 2017. [38] [39]
Israel has an active program to gather proprietary information within the United States. These collection activities are primarily directed at obtaining information on military systems and advanced computing applications that can be used in Israel's sizable armaments industry. [40] [41]
Israel was accused by the US government of selling US military technology and secrets to China in 1993. [42]
In 2014 American counter-intelligence officials told members of the House Judiciary and Foreign Affairs committees that Israel's current espionage activities in America are "unrivaled". [43]
Computers have become key in exercising industrial espionage due to the enormous amount of information they contain and the ease with which it can be copied and transmitted. The use of computers for espionage increased rapidly in the 1990s. Information has commonly been stolen by individuals posing as subsidiary workers, such as cleaners or repairmen, gaining access to unattended computers and copying information from them. Laptops were, and still are, a prime target, with those traveling abroad on business being warned not to leave them for any period of time. Perpetrators of espionage have been known to find many ways of conning unsuspecting individuals into parting, often only temporarily, from their possessions, enabling others to access and steal information. [44] A "bag-op" refers to the use of hotel staff to access data, such as through laptops, in hotel rooms. Information may be stolen in transit, in taxis, at airport baggage counters, baggage carousels, on trains and so on. [13]
The rise of the Internet and computer networks has expanded the range and detail of information available and the ease of access for the purpose of industrial espionage. [45] This type of operation is generally identified as state backed or sponsored, because the "access to personal, financial or analytic resources" identified exceeds that which could be accessed by cyber criminals or individual hackers. Sensitive military or defense engineering or other industrial information may not have immediate monetary value to criminals, compared with, say, bank details. Analysis of cyberattacks suggests deep knowledge of networks, with targeted attacks, obtained by numerous individuals operating in a sustained organized way. [45]
The rising use of the internet has also extended opportunities for industrial espionage with the aim of sabotage. In the early 2000s, energy companies were increasingly coming under attack from hackers. Energy power systems, doing jobs like monitoring power grids or water flow, once isolated from the other computer networks, were now being connected to the internet, leaving them more vulnerable, as they historically had few built-in security features. [46] The use of these methods of industrial espionage has increasingly become a concern for governments, due to potential attacks by hostile foreign governments or terrorist groups.
One of the means of perpetrators conducting industrial espionage is by exploiting vulnerabilities in computer software. Malware and spyware are "tool[s] for industrial espionage", in "transmitting digital copies of trade secrets, customer plans, future plans and contacts". Newer forms of malware include devices which surreptitiously switch on mobile phones' cameras and recording devices. In attempts to tackle such attacks on their intellectual property, companies are increasingly keeping important information "off network," leaving an "air gap", with some companies building Faraday cages to shield from electromagnetic or cellphone transmissions. [47]
The distributed denial of service (DDoS) attack uses compromised computer systems to orchestrate a flood of requests on the target system, causing it to shut down and deny service to other users. [48] It could potentially be used for economic or industrial espionage with the purpose of sabotage. This method was allegedly utilized by Russian secret services, over a period of two weeks in a cyberattack on Estonia in May 2007, in response to the removal of a Soviet era war memorial. [49]
In 1848, the British East India Company broke Qing China's global near-monopoly on tea production by smuggling Chinese tea out of the nation and copying Chinese tea-making processes. [50] The British Empire had previously run a considerable trade deficit with China by importing the nation's tea and other goods. The British attempted to rectify the deficit by trading opium to the Chinese, but encountered difficulties after the Daoguang Emperor banned the opium trade and the First Opium War broke out. To avoid further issues in trading tea with China, the East India Company hired Scottish botanist Robert Fortune to travel to China under the guise of a Chinese nobleman and obtain Chinese trade secrets and tea plants for replanting. Infiltrating Chinese tea-making facilities, Fortune recorded the Chinese process for creating tea and smuggled tea leaves and seeds back to the East India Company. [51] The East India Company later introduced these methods to company-ruled India, using India to compete with and surpass China in tea production. [52]
Between 1987 and 1989, IBM and Texas Instruments were thought to have been targeted by French DGSE with the intention of helping France's Groupe Bull. [53] In 1993, U.S. aerospace companies were also thought to have been targeted by French interests. [54] During the early 1990s, France was described as one of the most aggressive pursuers of espionage to garner foreign industrial and technological secrets. [53] France accused the U.S. of attempting to sabotage its high tech industrial base. [53] The government of France allegedly continues to conduct ongoing industrial espionage against American aerodynamics and satellite companies. [55]
In 1993, car manufacturer Opel, the German division of General Motors, accused Volkswagen of industrial espionage after Opel's chief of production, Jose Ignacio Lopez, and seven other executives moved to Volkswagen. [10] Volkswagen subsequently threatened to sue for defamation, resulting in a four-year legal battle. [10] The case, which was finally settled in 1997, resulted in one of the largest settlements in the history of industrial espionage, with Volkswagen agreeing to pay General Motors $100 million and to buy at least $1 billion of car parts from the company over 7 years, although it did not explicitly apologize for Lopez's behavior. [56]
In April 2009, Starwood accused its rival Hilton Worldwide of a "massive" case of industrial espionage. After being acquired by The Blackstone Group, Hilton employed 10 managers and executives from Starwood. Starwood accused Hilton of stealing corporate information relating to its luxury brand concepts, used in setting up its Denizen hotels. Specifically, former head of its luxury brands group, Ron Klein, was accused of downloading "truckloads of documents" from a laptop to his personal email account. [57]
On 13 January 2010, Google announced that operators, from within China, had hacked into their Google China operation, stealing intellectual property and, in particular, accessing the email accounts of human rights activists. [58] [59] The attack was thought to have been part of a more widespread cyber attack on companies within China which has become known as Operation Aurora. [59] Intruders were thought to have launched a zero-day attack, exploiting a weakness in the Microsoft Internet Explorer browser, the malware used being a modification of the trojan "Hydraq". [47] Concerned about the possibility of hackers taking advantage of this previously unknown weakness in Internet Explorer, the governments of Germany and, subsequently France, issued warnings not to use the browser. [60]
There was speculation that "insiders" had been involved in the attack, with some Google China employees being denied access to the company's internal networks after the company's announcement. [61] [62] In February 2010, computer experts from the U.S. National Security Agency claimed that the attacks on Google probably originated from two Chinese universities associated with expertise in computer science, Shanghai Jiao Tong University and the Shandong Lanxiang Vocational School, the latter having close links to the Chinese military. [63]
Google claimed at least 20 other companies had also been targeted in the cyber attack, said by the London Times to have been part of an "ambitious and sophisticated attempt to steal secrets from unwitting corporate victims" including "defence contractors, finance and technology companies". [59] [58] [60] Rather than being the work of individuals or organised criminals, the level of sophistication of the attack was thought to have been "more typical of a nation state". [58] Some commentators speculated as to whether the attack was part of what is thought to be a concerted Chinese industrial espionage operation aimed at getting "high-tech information to jump-start China's economy". [64] Critics pointed to what was alleged to be a lax attitude to the intellectual property of foreign businesses in China, letting them operate but then seeking to copy or reverse engineer their technology for the benefit of Chinese "national champions". [65] In Google's case, they may have (also) been concerned about the possible misappropriation of source code or other technology for the benefit of Chinese rival Baidu. In March 2010 Google subsequently decided to cease offering censored results in China, leading to the closing of its Chinese operation.
The United States charged two former NetLogic Inc. engineers, Lan Lee and Yuefei Ge, with committing economic espionage against TSMC and NetLogic, Inc. A jury acquitted the defendants of the charges with regard to TSMC and deadlocked on the charges with regard to NetLogic. In May 2010, a federal judge dismissed all the espionage charges against the two defendants. The judge ruled that the U.S. government presented no evidence of espionage. [66]
In May 2010, the federal jury convicted Chordiant Software, Inc., a U.S. corporation, of stealing Dongxiao Yue's JRPC technologies and using them in a product called Chordiant Marketing Director. Yue previously filed lawsuits against Symantec Corporation for a similar theft. [67]
Revelations from the Snowden documents have provided information to the effect that the United States, notably vis-à-vis the NSA, has been conducting aggressive economic espionage against Brazil. [68] Canadian intelligence has apparently supported U.S. economic espionage efforts. [69]
The Chinese cybersecurity company Qihoo 360 accused the Central Intelligence Agency of the United States of an 11-year-long hacking campaign [70] that targeted several industries including aviation organizations, scientific research institutions, petroleum firms, internet companies, and government agencies. [71]
A 2009 report to the US government, by aerospace and defense company Northrop Grumman, describes Chinese economic espionage as comprising "the single greatest threat to U.S. technology". [45] Blogging on the 2009 cyber attack on Google, Joe Stewart of SecureWorks referred to a "persistent campaign of 'espionage-by-malware' emanating from the People's Republic of China (PRC)" with both corporate and state secrets being "Shanghaied". [72] The Northrop Grumman report states that the collection of US defense engineering data stolen through cyberattacks is regarded as having "saved the recipient of the information years of R&D and significant amounts of funding". [45] Concerns about the extent of cyberattacks have led to the situation being described as the dawn of a "new cold cyberwar". [73]
According to Edward Snowden, the National Security Agency spies on foreign companies. [74] In June 2015 Wikileaks published documents about the National Security Agency spying on French companies. [75]
During December 2007, it was suddenly revealed that Jonathan Evans, head of the United Kingdom's MI5, had sent out confidential letters to 300 chief executives and security chiefs at the country's banks, accountants and legal firms warning of attacks from Chinese 'state organisations'. [76] A summary was also posted on the secure website of the Centre for the Protection of the National Infrastructure, accessed by some of the nation's 'critical infrastructure' companies, including 'telecoms firms, banks and water and electricity companies'. [77] One security expert warned about the use of 'custom trojans,' software specifically designed to hack into a particular firm and feed back data. [77] Whilst China was identified as the country most active in the use of internet spying, up to 120 other countries were said to be using similar techniques. [77] The Chinese government responded to UK accusations of economic espionage by saying that the report of such activities was 'slanderous' and that the government opposed hacking, which is prohibited by law. [78]
German counter-intelligence experts have maintained the German economy is losing around €53 billion or the equivalent of 30,000 jobs to economic espionage yearly. [79]
In Operation Eikonal, German BND agents received "selector lists" from the NSA – search terms for their dragnet surveillance. They contain IP addresses, mobile phone numbers and email accounts, with the BND surveillance system containing hundreds of thousands and possibly more than a million such targets. [80] These lists have been the subject of controversy, as in 2008 it was revealed that they contained some terms targeting the European Aeronautic Defence and Space Company (EADS), the Eurocopter project [81] as well as French administration, [82] [80] which were first noticed by BND employees in 2005. [81] After the revelations made by whistleblower Edward Snowden, the BND decided to investigate the issue; its October 2013 conclusion was that at least 2,000 of these selectors were aimed at Western European or even German interests, a violation of the Memorandum of Agreement that the US and Germany signed in 2002 in the wake of the 9/11 terror attacks. [80] After reports emerged in 2014 that EADS and Eurocopter had been surveillance targets, the Left Party and the Greens filed an official request to obtain evidence of the violations. [80] [83]
The BND's project group charged with supporting the NSA investigative committee in German parliament set up in spring 2014, reviewed the selectors and discovered 40,000 suspicious search parameters, including espionage targets in Western European governments and numerous companies. The group also confirmed suspicions that the NSA had systematically violated German interests and concluded that the Americans could have perpetrated economic espionage directly under the Germans' noses. [80] [84] The investigative parliamentary committee was not granted access to the NSA's selectors list as an appeal led by opposition politicians failed at Germany's top court. Instead the ruling coalition appointed an administrative judge, Kurt Graulich, as a "person of trust" who was granted access to the list and briefed the investigative commission on its contents after analyzing the 40,000 parameters. [85] [86] In his almost 300-page report [87] Graulich concluded that European government agencies were targeted massively and that Americans hence broke contractual agreements. He also found that German targets which received special protection from surveillance of domestic intelligence agencies by Germany's Basic Law (Grundgesetz) − including numerous enterprises based in Germany – were featured in the NSA's wishlist in a surprising plenitude. [88]
"Competitive intelligence" involves the legal and ethical activity of systematically gathering, analyzing and managing information on industrial competitors. [89] It may include activities such as examining newspaper articles, corporate publications, websites, patent filings, specialised databases, information at trade shows and the like to determine information on a corporation. [90] The compilation of these crucial elements is sometimes termed CIS or CRS, a Competitive Intelligence Solution or Competitive Response Solution, with its roots in market research. Douglas Bernhardt has characterised "competitive intelligence" as involving "the application of principles and practices from military and national intelligence to the domain of global business"; [91] it is the commercial equivalent of open-source intelligence.
The difference between competitive intelligence and economic or industrial espionage is not clear; one needs to understand the legal basics to recognize how to draw the line between the two. [92] [93]
The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collection, and processing of information and data for foreign intelligence and counterintelligence purposes, specializing in a discipline known as signals intelligence (SIGINT). The NSA is also tasked with the protection of U.S. communications networks and information systems. The NSA relies on a variety of measures to accomplish its mission, the majority of which are clandestine. The NSA has roughly 32,000 employees.
The Government of China is engaged in espionage overseas, directed through diverse methods via the Ministry of State Security (MSS), the Ministry of Public Security (MPS), the United Front Work Department (UFWD), People's Liberation Army (PLA) via its Intelligence Bureau of the Joint Staff Department, and numerous front organizations and state-owned enterprises. It employs a variety of tactics including cyber espionage to gain access to sensitive information remotely, signals intelligence, human intelligence as well as influence operations through united front activity targeting overseas Chinese communities and associations. The Chinese government is also engaged in industrial espionage aimed at gathering information and technology to bolster its economy, as well as transnational repression of dissidents abroad such as supporters of the Tibetan independence movement and Uyghurs as well as the Taiwan independence movement, the Hong Kong independence movement, Falun Gong, pro-democracy activists, and other critics of the Chinese Communist Party (CCP). The United States alleges that the degree of intelligence activity is unprecedented in its assertiveness and engagement in multiple host countries, particularly the United States, with economic damages estimated to run into the hundreds of billions according to the Center for Strategic and International Studies.
Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare.
Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky and Alexey De-Monderik. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.
GhostNet is the name given by researchers at the Information Warfare Monitor to a large-scale cyber spying operation discovered in March 2009. The operation is likely associated with an advanced persistent threat, or a network actor that spies undetected. Its command and control infrastructure is based mainly in the People's Republic of China and GhostNet has infiltrated high-value political, economic and media locations in 103 countries. Computer systems belonging to embassies, foreign ministries and other government offices, and the Dalai Lama's Tibetan exile centers in India, London and New York City were compromised.
Cyber spying, cyber espionage, or cyber-collection is the act or practice of obtaining secrets and information without the permission and knowledge of the holder of the information using methods on the Internet, networks or individual computers through the use of proxy servers, cracking techniques and malicious software including Trojan horses and spyware. Cyber espionage can be used to target various actors (individuals, competitors, rivals, groups, governments, and others) in order to obtain personal, economic, political or military advantages. It may be perpetrated wholly online from the computer desks of professionals on bases in faraway countries, or may involve infiltration at home by computer-trained conventional spies and moles, or in other cases may be the criminal handiwork of amateur malicious hackers and software programmers.
Operation Aurora was a series of cyber attacks performed by advanced persistent threats such as the Elderwood Group based in Beijing, China, with associations with the People's Liberation Army. First disclosed publicly by Google on January 12, 2010, in a weblog post, the attacks began in mid-2009 and continued through December 2009.
An advanced persistent threat (APT) is a stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals.
The United States has often accused the People's Republic of China of attempting to unlawfully acquire U.S. military technology and classified information as well as trade secrets of U.S. companies in order to support China's long-term military and commercial development. Chinese government agencies and affiliated personnel have been accused of using a number of methods to obtain U.S. technology, including espionage, exploitation of commercial entities, and a network of scientific, academic and business contacts. Prominent espionage cases include Larry Wu-tai Chin, Katrina Leung, Gwo-Bao Min, Chi Mak, Peter Lee, and Shujun Wang. The Ministry of State Security (MSS) maintains a bureau dedicated to espionage against the United States, the United States Bureau.
Cyberwarfare is the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. As a major developed economy, the United States is highly dependent on the Internet and therefore greatly exposed to cyber attacks. At the same time, the United States has substantial capabilities in both defense and offensive power projection thanks to comparatively advanced technology and a large military budget. Cyberwarfare presents a growing threat to physical systems and infrastructures that are linked to the internet. Malicious hacking from domestic or foreign enemies remains a constant threat to the United States. In response to these growing threats, the United States has developed significant cyber capabilities.
Cyberwarfare by China is the aggregate of cyberattacks attributed to the organs of the People's Republic of China and various related advanced persistent threat (APT) groups.
Cyberweapons are commonly defined as malware agents employed for military, paramilitary, or intelligence objectives as part of a cyberattack. This includes computer viruses, trojans, spyware, and worms that can introduce malicious code into existing software, causing a computer to perform actions or processes unintended by its operator.
PLA Unit 61398 is the Military Unit Cover Designator (MUCD) of a People's Liberation Army advanced persistent threat unit that has been alleged to be a source of Chinese computer hacking attacks. The unit is stationed in Pudong, Shanghai, and has been cited by US intelligence agencies since 2002.
The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32, is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least 1998, possibly 1997, but was not named or structured as TAO until "the last days of 2000," according to General Michael Hayden.
During the 2010s, international media reports revealed new operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly relate to top secret documents leaked by ex-NSA contractor Edward Snowden. The documents consist of intelligence files relating to the U.S. and other Five Eyes countries. In June 2013, the first of Snowden's documents were published, with further selected documents released to various news outlets through the year.
PLA Unit 61486 is a People's Liberation Army unit dedicated to cyberattacks on American, Japanese, and European corporations focused on satellite and communications technology. It is a unit that takes part in China's campaign to steal trade and military secrets from foreign targets.
The United States is widely considered to have one of the most extensive and sophisticated intelligence networks of any nation in the world, with organizations including the Central Intelligence Agency and the National Security Agency, amongst others. It has conducted numerous espionage operations against foreign countries, including both allies and rivals. Its operations have included the use of industrial espionage, cyber espionage, and mass surveillance.
The Shadow Network is a China-based computer espionage operation that stole classified documents and emails from the Indian government, the office of the Dalai Lama, and other high-level government networks. This incident is the second cyber espionage operation of this sort by China, discovered by researchers at the Information Warfare Monitor, following the discovery of GhostNet in March 2009. The Shadow Network report "Shadows in the Cloud: Investigating Cyber Espionage 2.0" was released on 6 April 2010, approximately one year after the publication of "Tracking GhostNet."
Regin is a sophisticated malware and hacking toolkit used by the United States' National Security Agency (NSA) and its British counterpart, the Government Communications Headquarters (GCHQ). It was first publicly revealed by Kaspersky Lab, Symantec, and The Intercept in November 2014. The malware targets specific users of Microsoft Windows-based computers and has been linked to the US intelligence-gathering agency NSA and its British counterpart, the GCHQ. The Intercept provided samples of Regin for download, including malware discovered at a Belgian telecommunications provider, Belgacom. Kaspersky Lab says it first became aware of Regin in spring 2012, but some of the earliest samples date from 2003. Among computers infected worldwide by Regin, 28 percent were in Russia, 24 percent in Saudi Arabia, 9 percent each in Mexico and Ireland, and 5 percent in each of India, Afghanistan, Iran, Belgium, Austria, and Pakistan.
DarkMatter Group is a computer security company founded in the United Arab Emirates (UAE) in 2014 or 2015. The company has described itself as a purely defensive company; however, in 2016 it became a contractor for Project Raven, to help the UAE surveil other governments, militants, and human rights activists. It has employed former U.S. intelligence operatives and graduates of the Israel Defense Force technology units.
'Competitive intelligence involves the application of principles and practices from military and national intelligence to the domain of global business. It is where the art and disciplines of both intelligence and strategic management converge. Competitive intelligence is the flip side of the strategy coin,' stresses Douglas Bernhardt, author of Perfectly Legal Competitor Intelligence.