Defense Report Reveals Spike in State Sponsored Cyber Espionage

Anthony Freed
By | December 20, 2012

Posted in: Network Security Trends

It's no secret that foreign countries seek to take developmental shortcuts by stealing technologies that would otherwise take decades to develop, a circumstance which significantly undermines the nation's security posture and overall economic stability. But how prevalent is the problem? According to a new report published by the Defense Security Service Counterintelligence Directorate, state-sponsored cyber espionage operations aimed at pilfering American technology, proprietary information, and enterprise trade secrets has increased an estimated 75% during the fiscal years spanning 2010 to 2011, and the escalation of such operations is predicted to continue.

A pattern of "persistent, pervasive, and insidious" threats became more pronounced during fiscal year 2011, as foreign operatives developed more sophisticated methods to evade countermeasures by increasingly concealing their illicit activities through the abuse of front companies, third-party nations, and the use of fraudulent digital identities.

The report indicates that while the origin of espionage activities varied little between 2010 and 2011, the overall number of espionage events detected sharply increased in all regions, with attacks emanating from Central/South Asia surging by 129%, the Far/Near East up 75%, and Europe/Eurasia increasing by more than 60%.

"In fiscal year 2011, our combined efforts produced 485 operations or investigations based on information that industry provided. Over three-quarters of these are still undergoing significant action, with many foreign collectors already identified, isolated, diverted, or otherwise thwarted," Sims continued.

Complicating the investigations is the convoluted nature of the interactions between various countries, who may engage in the trade of exfiltrated data or seek to exploit shortcomings in attribution efforts with attempts to implicate rival nations through the use of multiple proxies, routing tricks, employing compromised systems belonging to a third-party, or the use of spoofed IP addresses. If an attacker is highly skilled, it is nearly impossible to clearly determine the origin of an event.

The most commonly targeted technologies continued to be information systems (IS), followed by lasers, optics and sensors (LO&S), aeronautics systems and electronics, and armaments. The report also noted an increase in operations targeting technology related to space systems, processing and manufacturing, and directed energy systems.

"Increased awareness of the U.S. technologies being targeted by foreign entities and the methods of operation they use in their efforts to acquire those technologies can only make us better at identifying and thwarting illicit collection attempts," said DSS Director Stanley L. Sims in the report.

The extensive information provided in the DSS report is intended to help intelligence agencies, law enforcement, and at-risk organizations better understand the dynamic nature of the threats both government and industry are facing, as well as fostering increased collaboration where information sharing is concerned.

"Preventing such losses takes a team effort," Sims said. "Like any analysis, this one is only as good as the information that goes into it. Timely and accurate initial reports of illicit collection attempts are the foundation upon which this process rests."

To combat the increase in operations designed to glean sensitive trade secrets, an FBI-supported program called RED DART has been created to better educate the private sector on counterintelligence techniques to stem the tide of intellectual property theft through educational briefings which are being provided to defense contractors and other strategic technology producers.

“A big part of our program is putting information out there about the threat so that people understand just how serious it is. When a company’s trade secrets are compromised, it can threaten national security, but it can also hurt that company’s bottom line and its ability to keep people employed,” said FBI Special Agent Lou Velasco, RED DART’s coordinator.

RED DART programs are now available in Virginia, South Carolina, and Mississippi, and the program is expected to be expanded to other regions.

You May Also Be Interested In: