Cyber Espionage: The Concern of Advanced Persistent Threats

Abstract

Espionage is defined as “the practice of spying or using spies to obtain information about the plans and activities especially of a foreign government or competing company.” So, what does cyber espionage mean? It is the same concept except that cyber espionage is a form of cyber-attack. The cyber-attack aims to steal classified, sensitive data, or intellectual property to gain an advantage over a government entity or another competitor. Many of these cyber espionage groups form advanced persistent threats or (APTs) as their weapon of choice to silently enter networks and systems to remain undetected. These advanced persisted threats are highly sophisticated and have the possibility to be long-running computer attacks that penetrate well-funded organizations like government entities. As time passes, the world has increasingly been more involved in cyber espionage in which economies and political relationships have been affected. With the rise of modern technology, a whole new set of problems have arisen for governments and corporations as they are vulnerable to cyber-attacks. As there are many different cyber-groups, this paper will cover the cyber-espionage groups that target English speaking countries, and the techniques used by the groups. In addition, who their targets are. In this paper, we will consider the actions, techniques, and the targets of cyber-espionage groups and why U.S. entities should be concerned with the threat of cyber-attacks on their networks. To protect against these malicious groups, As outlined by the NIST cybersecurity framework, organizations should limit employees access to data, patch their operating systems regularly, secure all network access points, set up web/email filter, use AES-256-bit encryption for sensitive information, and train employees to be cyber-vigilant.