Indeed, according to another report, released earlier this year by Cybereason, monitoring compliance (as in, “trust but verify”) is, if anything, more difficult now due to what the company says is a trend toward nation states “outsourcing” cyber espionage to private firms.
According to the report, most countries, including US allies, do it, but in a more limited way than China and Russia, which “outsource wholesale hacking operations to individual groups and companies.”
The use of what are called “cutouts and sympathetic agents to collect information on their behalf” makes attribution of the attackers more difficult and also gives the governments “plausible deniability,” the report said.
That trend, said Israel Barak, CISO of Cybereason, means the conclusion that economic espionage has decreased is “problematic.”
“Fewer attempts might mean they already have access,” he said. “The amount attributed to cyber crime in manufacturing, health care and other industries is constantly on the rise.”
Barak said the trend is worrisome on another level as well, since these private hacking operations are expanding their attacks well beyond what they do for government. “We’re starting to see a tipping point here,” he said. “Hackers who contract with the government are making (through other “freelance” cyber attacks) four to five times what those working for the government make.
“The only thing that restrains them is the fear that they will be caught and punished for using their skills outside government. If that fear is lessened, it will expand exponentially,” he said.
All of this has some experts suspecting that cyber espionage hasn’t decreased in any meaningful way – that it has just become less visible and more targeted.
As Kevin Murray, director at Murray Associates, put it, “once someone starts closely watching the cookie jar, the thief is forced to become more crafty.”
That would align with what former Department of Homeland Security secretary Michael Chertoff, now chairman of the security consultancy Chertoff Group, reportedly said at last summer’s Aspen Security Forum – that the word from the Chinese government to hackers was likely along the lines of, “If there’s something worth stealing, do it, but do it in a way that’s not so obvious.”
Quinn added that “it would be naïve to expect the PRC to abandon economic espionage efforts entirely. The Chinese have engaged in espionage for more than 2,000 years, dating back to the time of Sun Tzu,” who lived from 544–496 BC.
While he doesn’t think it will become “quieter,” Quinn said he thinks it will be “more advanced and low key.”
He said the relatively open nature of American society is a major reason US corporations are vulnerable to theft of their IP. “Much of the intelligence collection is still open source (OSINT),” he said, “and comes from visiting academics, students, scientific gatherings and commercial trade fairs. When analyzed properly the OSINT is used to develop a more target list for further exploitation. This is where the more clandestine methods begin.”