As cyber espionage continues to garner much recent attention, it is important not to divorce it from the larger field of economic espionage. Stratfor Vice President of Tactical Analysis Scott Stewart will place cyber espionage in context during a November keynote presentation and roundtable discussion at the Global Cyber Security Leaders 2016 Summit in Berlin.
The summit will focus on how current and emerging technologies allow threats and capabilities to change the way cyber defenses are designed, implemented and presented to businesses. Cyber security leaders from around the world will come together to better understand the complex trends and underlying dynamics shaping the future of their sector.
Cyber Espionage In Context
“Whether committed by criminals or state actors, cyber espionage instantly reaches across oceans and borders,” says Stewart. “Still, the dramatic rise in cyber espionage has not diminished the threat presented by other more traditional forms of tradecraft. In fact, cyber attacks are often paired with traditional espionage to more effectively steal trade secrets.”
Cyber is just one of many tools in the economic espionage tool kit. During the Nov. 7 keynote presentation, Stewart will examine various techniques where cyber espionage may be paired with other forms of tradecraft, to include:
- Contacts from another country or company in the form of sales calls, research proposals, solicitations of service, traditional information requests, etc.
- Malware infected files sent by a contact or in a gift, including free USB drives or rechargeable USB devices and toys.
- The use of intelligence from your or your company’s contacts to facilitate spear phishing attacks.
- The use of a spotter who can help recruit insiders.
The Insider Threat Goes Beyond Snowden-type Mass Dumps
In the second day of the summit, Stewart will join Think Tank Academy for a roundtable discussion on insider threats to businesses and governments. While governments are obviously very adept at traditional espionage tradecraft, it is important not to overlook the capabilities of criminal organizations motivated by insider trading and information brokering. The discussion will include how insider threats:
- Do not need to hold a technical role, although a system administrator is the holy grail.
- May engage in a massive document dump, but not necessary other inside cyber threats.
- Can pose a persistent threat that remains for years and operates without detection.
- Intentionally opens phishing email or otherwise injects malware.
- Helps outsiders craft spear phishing that will convince company insiders.
- Places malware in co-workers’ media.
- Sells/trades log in credentials.
- Acts as an access agent, spotting other employees, to include system administrators, who are vulnerable to MICE (money, ideology, compromise, ego) approaches.
Intended to encourage participants to explore the current challenges and ideas shaping tomorrow’s global cyber threat landscape, the Global Cyber Security Leaders 2016 summit is specifically designed for leaders, visionaries and decision makers across all geographies.