“The threat of espionage (spying) did not end with the collapse of Soviet communism in the early 1990s. Espionage against UK interests still continues and is potentially very damaging” (MI5, 2016)
We have seen a continual rise in the threat to global business from state-sponsored, commercial and organised criminal espionage, writes Emma Shaw. In recent years, Government security and intelligence agencies have stressed that old-fashioned spying has continued to thrive. Indeed, national media attention on prominent incidents has served as a powerful reminder of this on several occasions.
Investigators from Verizon, Intel Corp’s McAfee and Kaspersky Labs along with other private companies and public agencies have collectively ascribed 87% of espionage attacks to state-sponsored origins.
When a high-profile global interest event such as the 2015 Iran nuclear talks in Switzerland come to the stage, it’s expected that they’ll be a magnet for the worldwide intelligence agencies. For this particular gathering, Swiss prosecutors (OAD) voiced suspicions of illegal intelligence services operating and launched two investigations into potential espionage. This followed on from a significant number of computers being infected with data-gathering malware, bugging devices reportedly being discovered at one of the venues for the talks and surveillance signals so prevalent that diplomats vacated the venues to make phone calls in an attempt to avoid interference.
That degree of international interest goes further than sensitive regions and situations of global concern. Where we see commonality is in the perpetrating state. International spying intrusions back in 2013 were blamed on residents of China and other East Asian nations 49% of the time, but Eastern European countries – and especially Russian-speaking nations – were the suspected launch sites for 21% of breaches.
In March this year, the Canadian Security Intelligence Service (CSIS) openly warned that “[it] remains a target for the traditional espionage activities of a number of foreign states”. The CSIS’ concerns over state-sponsored threats were highlighted as “Russia and China, in particular, continue to target Canada’s classified information and advanced technology”. Canadian officials are right to be concerned following the 2014 Chinese attack on the National Research Council’s (NRC) network, which duly caused the agency’s IT system to shut down.
This openness from Canada, a nation known for its diplomacy, may have caused a backlash. In suspected response to accusations about the NRC episode, China detained two Canadian nationals for two counts of allegedly stealing military secrets under assignment by CSIS, which the CSIS’ director Michel Coulombe refuted.
Although the two Canadian nationals were subsequently convicted and deported, no evidence has been provided to the Canadian Government to back the claims made against its citizens.
Situation for corporations
While Government agencies are prepared for the state-sponsored intelligence gathering of their counterparts, corporations are somewhat less knowledgeable and equipped.
During 2011, laptops were stolen from a Scottish renewable energy manufacturer following a visit by a 60-strong delegation including China’s then vice-premier. The group was shown around the key stages of development for an innovative new wave technology. The link to possible espionage was only made three years later when pictures emerged demonstrating the remarkable similarities between a Chinese project and the Scottish Pelamis technology.
Max Carcas, business development director at Pelamis, explained: “Some of the details may be different, but they are clearly testing a Pelamis concept.”
The suspicions are that Pelamis was targeted by China who have been repeatedly accused of an aggressive industrial espionage strategy.
Questions were raised as to the avoidance by the perpetrators of Siemens, the German engineering giant located in the same premises (the concerns being that this is a sign of insider knowledge and evidence of a targeted attack, particularly as no other equipment or Intellectual Property was appropriated).
In 2014, following years of Chinese espionage activity, the US indicted five Chinese military hackers, threatened sanctions and applied much diplomatic pressure. To that end, the Chinese-linked hacking activity declined substantially and top officials in both countries began a regime of sharing cyber crime leads. There was obvious doubt on both sides that ‘shenanigans’ would cease completely and, later that year, a Chinese national admitted the theft of military fighter jet plans and was later convicted of acquiring trade secrets from US defence contractors.
Espionage doesn’t stop at our border. Indeed, we see the conflict this presents on the psyche of our own Government. When the China General Nuclear Power Corporation (CGNPC), the company with a one third stake in Hinkley Point, was charged with nuclear espionage by the US Government, this didn’t deter the UK Government who, after stalling the Hinkley Point project over fears around national security, agreed “significant new safeguards” to allow the go-ahead for the scheme and put the Britain-China relationship back on track.
Contradicting this partnership stance followed warnings from the Prime Minister’s office that Theresa May’s aides at the G20 should be aware of potential ‘honey traps’ and suspect gifts from Chinese lures. Officials were advised to expect their hotel rooms to be bugged for audio and video. As such, calculated and frequent illegal fishing for data from lower profile officials is reported to be a preferred method of China’s intelligence gathering community.
It seems that China has taken up the mantle where the Cold War concerns over Russia once stood. This open and often brazen approach towards acts of espionage continues to be showcased week in, week out in our national media. That being so, the potential corporate target needs to be both prepared and vigilant.
Emma Shaw MBA CSyP FSyI FCMI is Managing Director of Esoteric Ltd
*Office of the National Counterintelligence Executive: Report to Congress on Foreign Economic Collection and Industrial Espionage (October 2011)
*Verizon: Data Breach Investigations Reports (2013 and 2015)
*PricewaterhouseCoopers: Global Economic Crime Survey (2014)
*BDO LLP: Global Risk Landscape (2016)