What does it mean?
Cyber espionage is one of the murkier aspects of cyber risk. Few organisations will admit to having been victim of cyber espionage, but many are concerned for a cyber attack that seeks to steal confidential information, like trade secrets or client data.
Cyber espionage topped the list of major threat concerns for global business, according to a survey by Trend Micro. One in five global organisations surveyed ranked cyber espionage as the most serious threat to their business while 20% of US companies were said to have suffered a cyber espionage related attack in the last year.
Cyber espionage is a broad term to describe the theft of information related to individuals, companies and governments, using hacking techniques. Foreign governments, state-affiliated hackers and even business rivals will all potentially have an interest in stealing valuable data, such as military secrets, technology or research.
In its broader sense, cyber espionage can also refer to attempts to disrupt critical infrastructure or services by foreign governments or state-backed hackers. For example, a cyber attack in Ukraine targeted power stations in December 2015, causing wide-spread outages.
Cyber security consultants have warned of the growing threat to multi-national businesses from Cyber espionage groups in China and Russia. Russian-backed cyber espionage group Fancy Bear (also known as Pawn Storm) is thought to be behind the theft of data from the US Democratic National Committee and World Anti-Doping Agency, as well as targeting Emmanuel Macron during the recent French election.
Last year, German steel maker ThyssenKrupp confirmed it had been the victim of cyber espionage, with the theft of project data from some of its engineering groups. Hackers are also believed to have stolen information on mergers and acquisitions from US law firms.
Why does it matter?
As more and more critical data and intellectual property moves online, cyber espionage is likely to become a more pressing issue. At the same time, nation states and state backed hacking groups tend to be better resourced and use more sophisticated methods than cyber criminals.
A recent report from Lloyd’s identified energy, telecommunications and the public sector as the three sectors most susceptible to cyber espionage, followed by manufacturing and professional services. Foreign governments and their agents target these sectors as they seek to steal sensitive information on politically exposed persons, intellectual property and key infrastructure, it said.
Lloyd’s also noted that cyber espionage techniques are also evolving, with traditional tactics now being repurposed by criminals to attack banks and financial infrastructure via Advanced Persistent Threats.
Cyber threat analysis can help companies better understand whether they are a likely target of cyber espionage and how best to defend against it. Cyber insurance can also help companies respond quickly and effectively to the consequences of a cyber espionage attack, limiting the commercial and reputational damage.