How to prevent cyber espionage

Security expert Gadi Evron has plenty of experience helping governments fight cyber attacks. In this column, he offers a roadmap companies can use to prevent computer espionage
Page:

This column is about computer-based espionage and how we can defend our organizations against it. But I'd like to start with a mood piece of sorts.

There has been too much noise about information warfare lately. Distributed denial of service and defacement attacks like what happened in Estonia and Georgia come to mind.

The following two stories give a better understanding of what it is really about, without resorting to more scary stories about what China is or isn't doing. We'll also touch on other interesting cases such as the Israeli Trojan horse case, when we talk about defensive measures against computer-based espionage and targeted attacks.

The first is a report (without much detail or proof) on North Korea being involved in operations against South Korea using Trojan horses for espionage. The second is a lesson from history called the Farewell Dossier - a collection of intelligence documents KGB defector Colonel Vladimir Vetrov (code-named Farewell) handed over to NATO during the Cold War.

This information led to a mass expulsion of Soviet technology spies. The CIA also mounted a counter-intelligence operation that transferred modified hardware and software designs over to the Soviets, resulting in the spectacular trans-Siberian incident of 1982, in which a huge explosion ripped apart a trans-Siberian pipeline. The resulting explosion was so big, it was supposedly confused for a nuclear explosion by American decision makers until the CIA said, "Oh, that's one of our operations."

It wasn't a bomb that destroyed the natural gas pipeline and sent shock waves through the economy of what was then the Soviet Union. Instead, it was a software virus created by the CIA, according to a book by Thomas Reed, a former US Air Force secretary and National Security Council member.

What does this mean? While destructive attacks are certainly of significance and important to defend against as they impact us directly, regardless of who the attacked party is or where in the world they are (DDoS attacks harm the Internet and its users), smarter, quieter attacks are all around us. How do we defend against them?

I expect most information warfare acts to be targeted, quiet, and covert. Espionage, or spying if you like, is not relevant to us unless we are the target. The diplomats and the intelligence communities of different countries can figure it out for us. It is an old occupation, and well covered by international law. Computers are simply another tool, or capability, to be used by these same people. There is nothing new here as far as how the game is played.

And yet, what if you are a target?

Page:
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: data protection, intrusion
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/171/gadwin-web-snapshot/

Gadwin Web Snapshot

Gadwin Web Snapshot will effectively capture the entire page including all design elements when capturing web pages. It makes an image of the browser’s content ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia