Importantly, it's not just state-sponsored entities that are launching cyberespionage campaigns.
In January, the security firm Kaspersky Labs released details of a massive cyberespionage campaign, dubbed Red October, that has been targeting companies in Western Europe and North America for at least the past five years. The attacks, which targeted companies from a total fo 69 countries were not state-sponsored, but rather the work of sophisticated hackers operating out Russia.
"Signs point to Chinese actors most often when attacks or compromises are discovered," said Dale Peterson, CEO of Digital Bond, a consulting company that specializes in control system security. That doesn't mean that other nations are not active as well, especially in the area of industrial control systems (ICS), he said.
"I'd imagine every major country in the world, including the U.S. and non-governmental entities, are learning what control systems run their potential adversaries critical infrastructure, getting detailed design information on those systems, developing offensive weapons, and in some cases pre-staging those weapons," Peterson said.
Sign up for Computerworld eNewsletters.