Menu
Navigation

Global articles on espionage, spying, bugs, and other interesting topics.

Cyber Espionage Case Study Released

Cyber Squared Inc. has released the results of a six month investigation “Project Enlightenment: An Overview of Modern Cyber Espionage in a Global Economy”. This project demonstrated how Cyber Squared’s response to a single incident uncovered a sustained espionage campaign against dozens of U.S. and international private sector companies and organizations across a variety of business verticals. The motivation behind the attack of these particular victims was likely to gain tactical and strategic advantage over large commercial transactions, and to collect information on issues such as international trade, commerce, legislation and human rights.

“This story is unique, because of the diversity of the victim types all being compromised by the same adversary,” said Adam Vincent, Cyber Squared’s CEO. “When considering the significance of the observed victims and their role within their respective industries, the compromises are especially worrisome.”

What initially appeared to be an isolated cyber-attack possibly associated with the Taiwan Airpower Modernization Act (TAMA) S.1539, unraveled the thread of a pervasive and coordinated military grade cyber espionage campaign. During the course of the investigation, technical intricacies emerged, such as how the attack was carried out and who the likely perpetrator was.

By applying real-time Security Intelligence, which required both a bottom-up victim approach along with a top-down technical assessment of the adversarial capability surrounding this single incident, Cyber Squared was able to discover the following types of victims were compromised by the same threat:

  1. U.S. Public Policy Think Tanks and Research Organizations
  2. North American Technology Companies
  3. European Food Safety Organizations
  4. North American Immigration Organizations
  5. European Environmental Organizations
  6. Southern Pacific Agriculture & Fisheries Organizations
  7. European Maritime & Shipping Organizations
  8. International Steel, Gold and Copper Mining and Raw Materials Organizations
  9. International Law Firms & Public Relations Organizations
  10. East Asian Economic Policy and Diplomacy

”This case underscores that many business leaders and policy makers are failing to adequately address the reality of cyber espionage,” said Richard Barger, Cyber Squared’s Chief Intelligence Officer. “From a technical perspective, Project Enlightenment is another example of increasingly common cyber espionage activities. While the attack method was simple, it successfully compromised dozens of organizations and bypassed their existing security and detection measures. This project illustrates why better protection via real-time Security Intelligence is essential to protecting sensitive corporate information.”

By applying Security Intelligence to understand the adversary, what they are after, and how they get in, it is possible to proactively defend networks, protect the assets within, and maintain business continuity. It is Cyber Squared’s Security Intelligence that transitions our clients from a state of reactive security to a proactive one through an intelligence-led, threat-focused approach to cyber security – an essential tool against cyber espionage.

The Project Enlightenment Case Study is available for download, and a whitepaper that includes technical details of the compromise is available from Cyber Squared under NDA.

Note that Cyber Squared has notified all victims identified during the course of our investigation, as well as the proper authorities.