‘Cyberspace’ is the electronic medium of digital networks used to store, modify and communicate information. It includes the Internet and other information systems that support businesses, infrastructure and services. However, some individuals and groups use cyberspace for malicious purposes are known as ‘hostile actors’ and they exploit cyberspace to conduct espionage operations or launch damaging computer network attacks. The hostile actors include foreign states, criminals, ‘hacktivist’ groups and terrorists who use cyberspace to target various countries. The resources and capabilities of hostile actors vary. Hostile actors conducting cyber

espionage can target government, military, business and individuals. The foreign states are generally equipped to conduct the most damaging cyber espionage and computer network attacks. The cyber espionage is an extension of traditional espionage. They use computer networks to steal large volumes of sensitive data undetected over a prolonged period of time remotely, cheaply and on an industrial scale with relatively little risk to a hostile actor’s intelligence officers or agents overseas exploiting the Computer Network.
They also use malicious software to disrupt and damage cyber infrastructure. This includes taking a website offline to manipulate the industrial process command and control systems which is known as a Computer Network Attack. These collectively present a real risk to the economic well-being of the countries and pose a direct threat to national security as well. Advanced Persistent Threats (ATPs) affect all types of sectors where the hostile actors maintain a foothold in corporate and governmental networks for months or years, smuggling out terabytes of sensitive and indiscriminate information in a more automated fashion and did not always bother to wipe away their fingerprints. Espionage activity carried out in cyberspace by a small group of criminal hackers for hire began in 2011 and has expanded in scope and size over the last few years. They sometimes do this on behalf of state-owned or sponsored companies in their own countries. Recently, the security researchers found malicious software ‘Icefog’ infecting targets via emails with malicious links or attachments. Once a victim clicked the link or opened the attachment, the ‘Icefog’ programme displayed a decoy document as it inserted a “backdoor” into the system, through which the hostile actors processed victims one-by-one and manually stole specific files that it seemed to know about in advance such as company plans, address books, account passwords and other material that were not easily monetized. These attacks usually lasted for a few days or weeks, the hostile actors cleaned up and left after collecting the information they were looking for. Many countries have become victims of ‘Icefog’ and the target also includes governmental institutions, military contractors, maritime and ship-building groups, telecom and satellite operators, industrial and high technology companies and mass media.

Espionage against a country’s interests continues and is widespread, insidious and potentially very damaging. In the past, espionage activity was typically directed towards obtaining political and military intelligence. These targets remain of high value but in today’s technology-driven world, the intelligence requirements of a number of countries are wider than before. They now include communications technologies, IT, genetics, defense, aviation, electronics and many other fields. Intelligence services, therefore, are targeting commercial as well as government – related organizations. Foreign intelligence services increasingly use the Internet and cyber techniques to conduct espionage against a country’s interests. As we become more reliant on the Internet in our everyday lives the threat from cyber espionage will only increase.

There are many simple steps that business and the public can take to improve their cyber security. Good cyber security depends on a combination of both technical measures and human behaviour. For example, an anti-virus system will prevent malicious activity on computer networks but will become ineffective if the user does not ensure signatures are not kept up to date. Similarly, if staff in an organization is educated not to open suspicious emails, this can help to minimize the risk of their organization becoming a victim of cyber espionage. However, the governmental and commercial organizations should invest in situational awareness technologies to monitor the network and security infrastructure in real-time and adopt intelligence driven security – a new capability to defend against the unknown.

(The writer is a Governance, Risk and Compliance professional. He is the founding member and charter secretary of the (ISC)2 Chennai Chapter and founder/President of Information Security Professional Associates (iSPA) and a board member of the (ISC)2 Colombo Chapter. He can be emailed at sujit@layers-7.com)

comments powered by Disqus

CHOGM not just expensive risk, but rare opportunity – former Foreign Secretary

BUDGET: Sri Lanka faces fiscal crisis of its own

Duminda and Dad advisors to Touchwood board

Krrish project now confronted with environmental issues

Designer clothes, designer shoes … what next? Why not designer eggs!

Questioning the role of finance and state authorities

Trade union calls for radical change in taxation policy in 2014 budget

CHOGM: A dignified welcome

SLIC unions resort to strikes, protest to the President over irregularities

Bharti Airtel Lanka, Principal sponsor of the CHOGM Business Forum

Revived GKCC makes third phase repayment to over 1200 depositors

Pan Asia Bank raises $20 mln in foreign funds

Hemas appoints Anura Ekanayake, Dinesh Weerakkody as independent directors

Skills required for sustainable employment

Colombo Stock Exchange to attract new listings

The IMF cautions Sri Lanka on foreign borrowings at high rates

Maruti Suzuki India to take a final decision soon on Sri Lanka assembly unit

Rajeeva new CEO at CSE

China assures assistance to develop tourism

Sri Lanka joins amended IATA Billing and Settlement scheme

New privilege card for apparel sector employees

Top cyber security conference highlights more advanced threats

MS Dynamics provides support to Tropicoir

Commercial Bank’s CSR trust donates landmark 100th IT Laboratory to Mirihanegama Kanista Vidyalaya

Local IT future is in products, not consulting : Leapset CEO

Oracle Database 12c now in SL

Brandix to launch innovation ‘incubator’

Jaffna next Silicon Valley, eventually: IT industry leader

PIM gets a new Director

Entrepreneurial operating system – winner for Bren Security

Bharthi Airtel says no plan to sell Sri Lanka operations

China now the focus of many global travellers, UNWTO chief says

SL-based Pyxle outlines South America, China and Africa growth plans

Sri Lanka’s Supreme SAT to use Afghanistan slot for another satellite launch

M. D. Gunasena partners Colleen Pencil Thailand

Lanka companies buoyant at EDB’s first ever China-Lanka direct B2B

“High level probe into contract of specially – designed brooches for CHOGM first ladies”

Singapore firm to set up dialysis hospital in Sri Lanka

‘Dawn Princess’ docks in Colombo after 10 years

ADB continues assistance to improve water and wastewater management in Colombo

JKH in talks with two international operators to run casino

Harnessing tourism potential through targeted strategies