Computer Sciences and Information Technology
Nations and states engage in espionage attacks against each other, with devastating political and economic impacts on the victims; nations therefore need sufficient and relevant preventive strategies and measures to secure their cyber resources against such attacks. Espionage is a coordinated attack that enables an unauthorized user to view the classified material of another party (Lewis, 2013). The attack takes the form of a process or code operating in the background of a mainframe or personal workstation and is targeted at a corporate or government entity. The attacks aim to access internal data, intellectual property, client and customer information, and marketing and competitive intelligence.
Access to classified documents damages the competitive advantage or operations of the affected party. The attackers access government secrets and intellectual property intending to use them at the owner’s expense (Lewis, 2013). The attacks are motivated by profit, greed, terrorism, or military operations. Access to the information of a party perceived to be a rival gives one party a competitive advantage over the other, leading to loss of materials, lives, data, or infrastructure. Because cyber espionage has such a devastating impact, potential victims are inclined to adopt preventive solutions, measures, and approaches, or to have measures in place to handle such attacks and reduce their impact. Cyber-espionage attacks are carried out by attackers or cybercriminals to gain unauthorized access to information against the owner’s interests; thus, nations and states need to adopt preventive strategies to deter such attacks.
Types of cyber espionage attack techniques
Cybercriminals and attackers use different techniques and strategies to access the computer and network systems of government or corporate bodies. These are offensive actions that target computer information systems, computer networks, infrastructures, and personal computer devices with the intent to steal, destroy, or alter data and information systems. One such technique is the man-in-the-middle attack, where the attacker intercepts communication and operations between an organization and its servers (Weissbrodt, 2013). The attacking computer substitutes its IP address for that of a trusted client, while the server proceeds with the session believing it is interacting with the client. The attack enables the attackers to gather relevant information and use it against the users.
Attackers also use phishing and spear-phishing to launch cyber espionage attacks. Phishing is the act of sending emails that appear to originate from trusted sources in order to gain personal information or influence people to do something (Weissbrodt, 2013). The attackers use both social engineering and technical trickery to launch attacks. The emails contain attachments or links that, when opened or clicked, introduce malware or programs used to access the user’s system and programs, thus making them vulnerable.
Drive-by attacks are also used to carry out espionage attacks on a system. In this case, attackers plant a malicious script in the HTTP or PHP code of a genuine organization’s page. The script installs malware directly on the computers of parties that visit the site (Wangen, 2015). When the user opens malicious emails, the attackers are able to reach an operating system or web browser that has security flaws, thus accessing the system and launching their different attacks.
Additionally, cyber espionage can be launched using malware attacks, where unwanted software is attached to legitimate code and propagates and replicates itself on the internet. The attackers exploit the malware to gain access to other parties’ computer systems (Wangen, 2015). The different malware types used to access other parties’ systems include macro viruses, file infectors, Trojans, worms, ransomware, adware, and spyware.
Recent cyber-espionage attacks
In 2010 the Stuxnet virus was used to target the Iranian nuclear facilities. Stuxnet was designed to take over the computer systems used in controlling and monitoring physical hardware in the facilities. The Stuxnet virus was highly sophisticated since its attack would effectively damage both the physical and the digital world (Rubenstein, 2017). The tools adopted in the implementation of espionage included Gauss, which steals passwords and other data; Flame, which takes over drivers, Skype, screenshot, and Bluetooth functions and can monitor the computer keyboard and network traffic; and the DuQu tool, which runs in the background collecting data. The virus was created by a world power such as the United States or Israel.
Russia has consistently launched cyber-espionage attacks on other nations such as Estonia. In 2007 Russia launched a DDoS attack on Estonia, shutting down services to major websites and disrupting communications across the nation (Rubenstein, 2017). The attack by Russia was in response to Estonia removing a pro-Soviet Union statue. Moreover, in 2008 Russia used DDoS attacks to shut down communication systems before sending its soldiers into Georgia. The espionage attack effectively cut Georgia off from the rest of the world. Additionally, in 2014 Russia used cyber-espionage attacks and traditional warfare to disable Ukraine’s mobile phone communications before using traditional methods.
Cyber espionage regulation under international laws
The increasing number of cases and the negative impact of cyber espionage have resulted in the adoption of law for both defense and offense purposes. The world powers have begun to legally define the operations and acts that constitute a cyber-attack and the countermeasures that are legally acceptable (Rubenstein, 2017). Nations across the globe have come together to create guidelines to govern cyberspace operations. For instance, countries have developed the Tallinn Manual, which sets out rules determining which attacks constitute cyber war, how it is regulated, and which counter-attacks are relevant under international law.
International laws regulating cyberspace provide victims with paths to seek justice and reparation after attacks. The laws state that a nation’s cyber states are sovereign territories, just like its physical territories (Rubenstein, 2017). International law allows retaliation by one state against another when the attack was unlawful. It is vital to note that propaganda, political coercion, economic coercion, and psychological warfare are not considered illegal in cyberspace.
Impact of cyber espionage
Cyber espionage between nation-states has a wide range of impacts, from loss of money and physical infrastructure damage to loss of lives. Espionage events have different costs to nations and people (Fitzpatrick and Dilullo, 2015). Espionage results in loss of communication, restricting the victim’s capability to defend itself and its citizens; this makes the victim vulnerable and insecure. Consequently, espionage results in loss of property, infrastructure, and lives, since the communication and interaction needed to seek internal and external help are affected.
There are different costs involved in launching attacks or defending oneself. In defending, countries must protect the possible vulnerabilities, thus spending a lot of money (Fitzpatrick and Dilullo, 2015). On the other hand, countries that go on the offensive have to invest in military and technology to launch a successful attack. The offensive aspect of cyber espionage is less costly than the defensive aspect.
Cyber espionage has significant economic costs to nations and their citizens. The economic cost is evaluated from the high value of information compromised due to international hacking. The value of the information is to the tune of billions, thus making espionage costly (Fitzpatrick and Dilullo, 2015). In this regard, nations and states launch attacks on each other to gain competitive economic advantages from the value of data retrieved from each other’s computer or network systems.
Countermeasures and solutions for espionage
Nations that are potential victims of espionage need to adopt the relevant solutions and measures to protect themselves. In this regard, a country needs to create a deterrence effect that convinces other nations that it has a military force equal to theirs and capable of retaliating against cyber intrusions (Pun, 2017). This approach scares other nation-states away from launching espionage attacks. Therefore, countries need to invest in research and innovations that consistently prove that their retaliatory attack can be worse than the original attack.
International laws, international cooperation, and treaties produce positive results in countering cyber-espionage attacks by ensuring that nations adhere to guidelines preventing them from engaging in such attacks and related ones (Pun, 2017). For instance, the Tallinn Manual ensures that cyber espionage guidelines are addressed, such as the settling of cyber disputes or the regulation of cyberwar between nations.
Additionally, nations have the option of launching retaliatory attacks against a nation that uses cyber-espionage attacks on them. It is important to note that being offensive in cyber wars creates a sense of fear, such that nations fear engaging in such wars since they are costly (Pun, 2017). This ensures that nations maintain cordial relationships leading to cooperation, thus preventing cyber wars between them.
Cyber espionage attacks have been launched on nation-states, leading to costly outcomes that need to be addressed by adopting relevant countermeasures. Cyber espionage continues to persist as nations try to gain economic and political competitive advantages over others. Cybercriminals and attackers adopt different techniques and strategies to gain unauthorized access to the computer and network systems of other nations. Espionage attacks are costly, and thus they need to be countered through the adoption of law, the deterrence effect, or the launching of retaliatory attacks.
Pun, D. (2017). Rethinking espionage in the modern era. Chi. J. Int’l L., 18, 353.
Rubenstein, D. (2017). Nation State Cyber Espionage and its Impacts. Washington University in St. Louis. Internet: http://www.cse.wustl.edu/~jain/cse571-14/ftp/cyber_espionage.pdf. Access, 6.
Wangen, G. (2015). The role of malware in reported cyber espionage: a review of the impact and mechanism. Information, 6(2), 183-211.
Lewis, J., & Baker, S. (2013). The economic impact of cybercrime and cyber espionage. McAfee.
Weissbrodt, D. (2013). Cyber-conflict, Cyber-crime, and Cyber-espionage. Minn. J. Int’l L., 22, 347.
Fitzpatrick, W. M., & Dilullo, S. A. (2015, July). Cyber espionage and the SPIES taxonomy. In Competition Forum (Vol. 13, No. 2, p. 307). American Society for Competitiveness.