Cyber espionage is one of the most important sources of intelligence for any government and Verizon’s latest findings will help defend you and your company against cyber espionage attacks. Defined as any form of cyberattack that steals classified or sensitive data as well as intellectual property, cyber espionage is useful for any government or private company that wants to gain a competitive advantage over a competitor. The first publicized case of cyber espionage was moonlight maze, which was also the first documented case of cyber warfare between the United States and Russia. Moonlight maze was a series of cyberattacks that began in 1998 and resulted in the theft of confidential information about American military technology. The attack was attributed to Russia but there wasn’t any hard evidence, which is often the case when dealing with skilled computer hackers. Moonlight maze continues to have an impact on the United States’ national security as it’s still widely used for modern-day cyber-attacks. 

Attacks like this have triggered an ongoing sequence of nation-state cyber espionage, where different governments spy on one another over the internet. The biggest players in nation-state cyber espionage include the United States, China, and Russia and are considered the most advanced in their cyber espionage programs. However, espionage doesn’t just include governments and organizations; There are also programs in place for governments to share information regarding their own citizens. One example of this is the fourteen eyes surveillance alliance, which includes countries in North America, Europe, Asia, and Australia.

Given the importance of cyber espionage on governments and private institutions, Verizon has created a report dedicated to cyber espionage. It highlights the latest trends in the threat landscape of Cybersecurity. You can see some of their key findings below and a full summary here:

Top Tactics, Techniques, and Procedures (TTPs) in 2014.

Top Tactics, Techniques, and Procedures (TTPs) from 2014 -2020.

The Verizon report shows that phishing campaigns have greatly increased in popularity and should be a primary focus when it comes to planning a company’s cybersecurity strategy. Best practices for preventing phishing emails include having good filtering software that can detect phishing emails and block them before they reach employees. Also, you should enable Two-Factor Authentication (2FA) wherever possible so that even if an employee gives up their password, an attacker won’t be able to login to their account and steal information. Thirdly, employee training on identifying phishing emails is an important investment to make.

Overall, the Verizon report speaks to two main points. Firstly, cyber espionage is becoming more advanced, effective and professional. By switching to phishing attacks as a primary attack vector, hackers can circumvent many of the security features that companies put in place by exploiting the human element of the company. Also, the amount of hacking tools sold online and hacking groups for hire have now increased, meaning that organizations now have more options for cyber espionage than ever before. Secondly, cyber espionage has become a preferred means of espionage because of its global reach, quick speed and it’s stealth capabilities. The time-to-discover within a cyber espionage breach is very long with 30% of breaches taking months to be discovered while 39% take years.

Cyber Espionage vs Common Breaches: Time to Discovery

Even when companies/governments are able to detect a breach, it’s very difficult to prove who was behind the attack. For the attacker this makes it a very attractive form of stealing information because most of the time there are no repercussions for the hacker themselves. This has contributed to what is considered a cybercrime epidemic, because less than 1% of cybercrime results in any law enforcement action against the attacker.

Cyber espionage is the preferred method of spying in the 21st century. Hackers can exfiltrate information from the target’s system without leaving a trail back to themselves and they can do this from anywhere in the world. The trends in cyber espionage indicate that hackers are focusing less on technical attacks and are moving more towards using phishing campaigns to compromise organizations. The solution to this is to use 2FA, invest in good email security, and train employees to recognize phishing emails. By implementing these controls you significantly reduce your exposure to phishing attacks.

Do you want to learn more about cybersecurity? Please subscribe to our newsletter.