Login Signup
Verified Document

Cyber Espionage As An Emerging Threat Term Paper

Related Topics:
Cyber Security Cybersecurity Cyber Crime Ip Address
Open Document Cite Document

Cyber Espionage Over the last several years, cyber espionage has become a major problem that is impacting a variety of organizations. This is because hackers and other groups are actively seeking to exploit vulnerabilities in security networks. Evidence of this can be seen by looking no further than the below tables (which are illustrating the motivations and targets of attacks).

Motivations behind Attacks on Computer Networks

Percentage

Cyber Crime

Hactivism

Cyber Warfare / Espionage

("Cyber Attack Statistics," 2012)

Distribution of Targets

Percentage

Government / Infrastructure / Defense / Law Enforcement / Economic

E Commerce / Sports / Political / News Media

31%

Industry

21%

("Cyber Attack Statistics," 2012)

These figures are showing how cybercrime and espionage are areas that are continually being exploited by hackers. What makes this troubling is the fact that organized groups could target specific infrastructure projects that are vulnerable. When this happens, classified information is stolen that could be used to shut down entire networks and infrastructure. The close relationship between private contractors and governmental entities is only increasing these risks further. ("Cyber Attack Statistics," 2012)

In the case of China, they have been aggressively involved in a number of cyber-attacks against the military, public and civilian targets. One of the most damaging is the case called Titan Rain. To fully understand what is happening there will be a focus on: the different aspects, how it was conducted and an examination as to how the attack could have been prevented. Together, these different elements will highlight the way these issues are a threat to national security and possible strategies for mitigating them.

Background

The threat of cyber espionage is increasing exponentially. This is because technology and coding techniques have improved dramatically. Over the course of time, this has been used as tool by nation states to steal illicit information from military, government and private contractors' computers. Recent evidence of this can be seen with comments from Jonathan Evans (the Direction General of Britain's MI5) who said, "The amount of hostile activity being generated by foreign states in cyberspace is astonishing. We have investigated threats across the Internet; our personnel are discovering industrial-scale processes involving many thousands of people lying behind both state-sponsored cyber espionage and organized cybercrime." Moreover, the Pentagon recently observed in a report that this threat is becoming more challenging (especially since one of the primary countries conducting these activities is China). Commenting about these issues the report observed, "China will continue to be an aggressive and capable collector of sensitive U.S. technological information, including that owned by defense-related companies, and represented a growing and persistent threat to U.S. national security." This is showing how the threat of cyber espionage is increasing exponentially every day. (Blitz, 2012)

The case involving Titan Rain started in 2003. What happens is the Chinese government has formed tens of thousands of cyber militias around the country. This is where the Peoples' Liberation Army (PLA) will seek out part time civilian hackers to identify vulnerabilities in U.S. And European networks. The basic idea is to use these individuals to continually target a number of different security flaws, exploit them and steal classified information undetected. (Witman, 2011)

The way Titan Rain worked was to seek out vulnerabilities using a scanner program that searched for weaknesses inside the Department of Defense (DOD) systems. This was accomplished by identifying single computers that were most vulnerable. After the scan was completed, is when a list of targets was selected and the hackers returned to steal information without being detected. This process was repeated over and over again (by going after any computer that they felt was vulnerable). Over the course of the night and early morning hours, is when these attacks were conducted. This is because the operator would more than likely be off the machine (which allowed hackers several hours to go through the files). Below is a list of a few of the most significant targets attacked on November 21, 2004. (Thornburgh, 2005)

10:23 PM: The U.S. Army Information Systems Engineering Command at Fort Huachuca, Arizona.

1:19 AM: Defense Information Systems Agency in Arlington, Virginia.

3:25 AM: Naval Ocean Systems Center (a defense department installation in San Diego, California).

4:46 AM: United States Army Space and Strategic Defense installation in Huntsville, Alabama. (Thornburgh, 2005)

For nearly two years, this group was able to anonymously attack hundreds of DOD computers. This gave them access to select...

Once this occurs, is when the data could be used to exploit future vulnerabilities or to completely shut down entire networks. (Thornburgh, 2005)
The reason why these attacks were conducted was to provide the PLA with information about DOD operating procedures. Single computers had limited amounts of security blocks and they could provide access to a range of documents. When this happens, these individuals can use the information to conduct more coordinated attacks in the future.

Evidence of this can be seen with comments from Maj. Gen. William Lord (the Director of the Air Force's Office of Warfighting Integration and Chief Information) who said, "China has downloaded 10 to 20 terabytes of data from the NIPRNet (DOD's Non-Classified IP Router Network). They're looking for your identity so they can get into the network as you. Chinese hackers had yet to penetrate DOD's secret, classified network. This is a nation-state threat by the Chinese." (Onley, 2006) These comments are showing how there is a concentrated effort to steal the identity of U.S. military personnel and use this as way to access classified information. Although this has not been successful in accessing top secret information, the odds only increase that the group will be successful in achieving these objectives. (Onley, 2006)

How were the attacks conducted?

Like what was stated previously, these attacks were conducted using a single scanner program that targeted vulnerabilities of individual computers inside the DOD. This allowed the hackers to compile an updated list of computers that were the most susceptible. Moreover, the customized the program focused on specific IP addresses. This allowed the group to search specific categories when looking for vulnerabilities. Once a computer system has made the list, is when hackers will return within one to two days and begin quickly exploiting these weaknesses. Over course of several hours, is when they will steal as many documents as possible.

Since this time, these kinds of attacks have been increasing in frequency. A good example of this can be seen with an attack on Britain's Ministry of Defense computers in 2007 (which briefly shut down the House of Commons network). What made the situation worse is single computers were exploited for their vulnerabilities. The information that was collected was used to conduct future attacks that were more devastating. This is illustrating how Titan Rain is using a simple scanner program to identify and exploit potential weaknesses. Once this is discovered by hackers, is when they will return (during times where there is a low probability of being detected). (Taylor, 2007)

As result, these coordinated attacks are designed to steal information and identities (which can be used to gain access to more classified information). Over the course of time, this has led to a focus on improving these techniques. Once this took place, is when these attacks began to move beyond the DOD and focus on U.S. allies / contractors. In many ways, one could argue that the simplicity of the techniques and lack of system vulnerabilities are what is making them so successful.

How the attack could have been prevented?

To prevent these kinds of attacks there needs to be better amounts of coordination. The way that this can occur is to improve the security provisions on single computer systems. One possible approach is to integrate different security procedures together to increase the total amounts of protection against eternal threats. This would make it difficult for hackers to exploit these simple vulnerabilities. (Thornburgh, 2005) ("Federal Plan for Cyber Security," 2012) ("Improving Our Nation's Cyber Security," 2011)

Moreover, some kind of monitoring will need to take place. During these kinds of situations, some kind of software could be installed that will detect and report possible vulnerabilities to the user. This will make it more difficult for hackers to be able to quietly break into and exploit the vulnerabilities on individual computers. (Thornburgh, 2005) ("Federal Plan for Cyber Security," 2012) ("Improving Our Nation's Cyber Security," 2011)

Once this occurs, is when increased amounts of collaboration will need to take place. In the case of Titan Rain, what made it so successful is the lack of communication among DOD officials about potential problems. Evidence of this can be seen with Shawn Carpenter. He is a 36-year-old intelligence analyst that worked with Sandia National Laboratories. At the same time, was working as a confidential informant for the U.S. Army and the FBI. His assignment was to track down where this threat was coming from and the overall scope of the breach. In the beginning he thought that this would lead to series of isolated incidents. (Thornburgh, 2005)

However, after his employer was attacked, is when he began to compare notes with a friend who worked in military intelligence. What he determined is that there were…

Continue Reading...
Sources used in this document:
References

Cyber Attack Statistics. (2012). Hack Mageddon. Retrieved from: http://hackmageddon.com/2012/07/13/june-2012-cyber-attacks-statistics/

Federal Plan for Cyber Security. (2012). Australian Military. Retrieved from: http://www.au.af.mil/au/awc/awcgate/nitrd/fed_plan_csia_rese.pdf

Improving Our Nation's Cyber Security. (2011). NAM. Retrieved from: http://www.nam.org/~/media/4A5587017D164A2EBFC85367E662AF77/Association_Cybersecurity_White_Paper_final.pdf

Blitz, J. (2012). MI5 Chief Speaks Out. FT. Retrieved from: http://www.ft.com/cms/s/0/a970810c-bef2-11e1-8ccd-00144feabdc0.html#axzz22A6k0pZt
Onley, S. (2006). The Red Storm Rising. GCN. Retrieved from: http://gcn.com/articles/2006/08/17/red-storm-rising.aspx
Rogin, J. (2010). The Top Ten of Chinese Cyber Attacks. The Cable. Retrieved from: http://thecable.foreignpolicy.com/posts/2010/01/22/the_top_10_chinese_cyber_attacks_that_we_know_of
Taylor, R. (2007). Titan Rain. Guardian. Retrieved from: http://www.guardian.co.uk/technology/2007/sep/04/news.internet
Thornburgh, N. (2005). Inside the Chinese Hack Attack. Time. Retrieved from: http://www.time.com/time/nation/article/0,8599,1098371,00.html
Thornburgh, N. (2005). The Invasion of Chinese Spies. Time. Retrieved from: http://www.time.com/time/magazine/article/0,9171,1098961-3,00.html
Wittman, G. (2011). China's Cyber Militia. Spectator. Retrieved from: http://spectator.org/archives/2011/10/21/chinas-cyber-militia
Cite this Document:
Copy Bibliography Citation

Related Documents

Essay
Cyber Espionage
Words: 4895 Length: 16 Document Type: Case Study

Abstract Cyber espionage has become a critical component of modern cyber warfare as nation-states increasingly rely on cyberspace. However, cyber espionage had generated concerns regarding its acceptability given its potential threats to national security. This qualitative case study research explores the proposition that cyber security should be deemed an acceptable state behavior while cyber attack is unacceptable. This study seeks to answer the question, “How is cyber espionage an acceptable state

Read More
Essay
Cyber Espionage
Words: 2040 Length: 7 Document Type: Research Paper

Abstract Cyber espionage has become a critical component of modern cyber warfare as nation-states increasingly rely on cyberspace. However, cyber espionage had generated concerns regarding its acceptability given its potential threats to national security. This study explores the proposition that cyber security should be deemed an acceptable state behavior while cyber attack is unacceptable. This study seeks to answer the question, “How is cyber espionage an acceptable state behavior for intelligence

Read More
Essay
Cyber Espionage
Words: 1662 Length: 6 Document Type: Research Paper

Abstract Cyber espionage has become a critical component of modern cyber warfare as nation-states increasingly rely on cyberspace. However, cyber espionage had generated concerns regarding its acceptability given its potential threats to national security. This study explores the proposition that cyber security should be deemed an acceptable state behavior while cyber attack is unacceptable. This study seeks to answer the question, “How is cyber espionage an acceptable state behavior for intelligence

Read More
Essay
Emerging and New Cybersecurity Technology
Words: 3562 Length: 12 Document Type: Research Paper

Cyber Security Technology Emerging Technology for Cyber Security Real-World Examples of the use of Emerging Cyber Security Technologies Government Efforts to enhance Cyber security Technologies Benefits and Drawbacks of Government Efforts for new Cyber-security Technologies Conclusion The development of internet and cyberspace represents of the most revolutionary technological advancement of humanity. Fewer countries and sectors are unaffected by the latest advancement of internet technologies. Although, recent technological phenomenon has influenced several areas, however, it

Read More
Essay
Human Aspects in Cyber and IT Security
Words: 1757 Length: 5 Document Type: Research Paper

Human Aspects in IT and Cybersecurity An innovation in IT (information Technology) has revolutionized the method organizations store, record and retrieve information. Moreover, a large percentage of business organizations has taken the advantages internet technology to offer their businesses online where customer's data such as credit cards, SSN (social security number), tax information, and other personal information are recorded in the organizational databases. A major benefit that internet technology offers to

Read More
Essay
Human Aspects in Cyber and IT Security
Words: 2582 Length: 7 Document Type: Research Paper

Human Aspects in IT and Cybersecurity Outline Government Justification of Informing Private industry to improve or Set up Cyber-security Methods of the Government Interventions Impacts of Government Regulation on National Security Failure to comply to related cyber regulations Meeting the minimum requirements. Exceeding the Minimum Requirements The economic and national security of the United States rely on the effective functioning of the country critical infrastructures. Recently, the U.S. government has issued an executive order to manage the

Read More

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now