Management of Cyber-Espionage Intrusions
Keywords: information war; cyber-security; supply chain; cyber-espionage; SolarWinds
The soft side of Information War is called either Digital War or Cyber War, and is increasingly used worldwide because of the difficulty of proving who the aggressor is. The defensive posture of the Digital War, cybersecurity, is better developed, at least because everybody needs defense, while fewer global actors are hostile. However, while the focus is on protection against unexpected destructive actions, digital espionage keeps the victim system running and uses concealed procedures meant to avoid security measures and continue the illegal exploitation of network data.
In cyber-espionage, the objective may be top-secret data, which are strongly protected, but it may also be apparently unimportant customer data, such as e-mail addresses and credentials. The latter kind, which usually gets less protection, can later be used not for strategic hostile decisions but for subsequent clandestine operations. Such information becomes relevant to national security for governmental institutions and critical infrastructure facilities. At that level, confidential data are better protected on local servers, but remain open to scrutiny by system maintenance software. Therefore, specialized software trusted specifically for system security and technological upgrades can be used by hostile actors to penetrate various wide area networks. Such a gateway is the logistic chain of IT companies, whose software products become a force multiplier for cyber-espionage by state organizations or hackers at large. This is the case for the recent SolarWinds cyber-espionage operation, which provides useful insight into clandestine activities and points to the need for improving cyber-security in view of the espionage threat.
Beyond software solutions meant to strengthen digital system protection, the overall problem requires macro-system solutions leading to better resilience of national information systems. Such a requirement surely pushes national security institutions toward improving the organisational architecture of national cyber-security.
Copyright (c) 2021 EIRP Proceedings
This work is licensed under a Creative Commons Attribution 4.0 International License.