Photo - Zahri Yunos, COO, CyberSecurity Malaysia
Rapid advancement of technology in the digital world has opened up many opportunities in our daily life such as inspired creativities, increased the quality of life and improved relationships in all aspects of human society.
However, digital technologies are similar to a double-edged sword. If it is put in the best uses, it further inspires development which benefits to all nations to progress and prosper but at the same time, it can also be turned to negative activities such as cyber espionage, malicious software (malware) infection and system intrusion to high-scale cyber attacks conducted with technical complexity and sophistication.
Cyber espionage has been the hot topic ever discussed worldwide, even since the leaks of Wikileaks by Julian Assange in 2011 and the revealing of PRISM program by Edward Snowden in June 2013. Government and corporate information as well as personal data were intercepted and became the centre of cyber espionage activity.
Wikipedia defined cyber espionage as the act or practice of obtaining secrets without permission from the holder of the information (en.wikipedia.org). Cyber espionage involves the unauthorized probing of a target computer's configuration or attempts to evaluate its system defenses, or the unauthorized viewing and copying of data files by using computer or related systems to collect information.
Similarly, cyber espionage is described as stealing of secrets stored in digital formats or on computers and IT networks (http://lexicon.ft.com). On another hand, Brandon and Ryan of University of Glasgow and University of Illinois at Chicago (2013) respectively defined cyber espionage as the use of 'dangerous and offensive intelligence measures in the cyber space of interactions.'
As defined by Wikipedia, the methods of cyber espionage could be "through the use of cracking techniques and malicious software including Trojan horses and spyware. It may wholly be perpetrated online from computer desks of professionals on bases in far away countries or may involve infiltration at home by computer trained conventional spies and moles or in other cases may be the criminal handiwork of amateur malicious hackers and software programmers."
According to Mark Russinovich (RSA Conference 2013), author of zero day and Trojan horse, there are several reasons for States to maintain and utilize an aggressive cyber capability:
- to deter other Sates by infiltrating their critical infrastructure;
- to gain knowledge, which makes it possible for State to advance more quickly in their military development;
- to make economic gains where technological progress has been achieved;
- to be able to paralyze an adversary's capability or the adversary's ability to control its own forces in a conflict.
Cyber espionage also has been used by some States before conduct cyber operation. In the case of cyber attacks against Estonia in 2007 and Georgia in 2008, it was reported that the Russian utilized cyber espionage before conducting the cyber attacks.
During the cyber espionage interactions, the actors launched a series of denial of service attacks against the Critical National Information Infrastructure organisations that provide critical services to the country. Government employees' computers, passwords and email accounts were infiltrated. They disrupted, destroyed and stole information of the Critical National Information Infrastructure organisations. This demonstrates that some actors will use cyber espionage in the future before embarking into cyber attacks.