loader image

State-sponsored Economic Cyber-espionage for Commercial Purposes on the Rise

by | Feb 8, 2023 | Cybersecurity

State-sponsored Economic Cyber-espionage for Commercial Purposes on the Rise

by | Feb 8, 2023 | Cybersecurity

Shutterstock

State-sponsored Economic Cyber-espionage for Commercial Purposes on the Rise

by | Feb 8, 2023 | Cybersecurity

State-sponsored and cyber-enabled theft of intellectual property is on the rise as countries employ all means at their disposal to gain advantages in a global environment increasingly shaped by strategic rivalry and political mistrust. This is a conclusion we reach in our new ASPI report, State-sponsored economic cyber-espionage for commercial purposes: tackling an invisible but persistent risk to prosperity.

Economic cyberespionage refers to the practice of some states of tasking or encouraging their national cybersecurity and intelligence agencies to use information and communications technology to conduct, sponsor or condone campaigns to steal assets of economic value from businesses in other nations and provide that IP to domestic firms.

It’s not only the increase in the scale, geographical spread and severity of campaigns of state-sponsored economic cyberespionage that’s worrying. The lack of international cooperation and political priority devoted to this practice will affect the competitiveness of high-performing and job-generating local industries, and by consequence nations’ future prosperity.

While a G20 agreement in 2015 that committed members not to conduct or support such theft led to a temporary dip, this form of cyberespionage hasresurged to pre-2015 levels and tripled in raw numbers between 2017 and 2022.Strategic competition has clearly spilled into the economic and technological domains and states have become more comfortable with and capable of using offensive cyber capabilities.

Our assessment is based on publicly recorded incidents. Given the clandestine and invisible nature of these acts, and the lag in time before the effects of IP theft are noticeable and disclosed or reported, there’s reason to believe that the real scale, spread and severity are even higher.

While only around 40 state-sponsored cyberespionage operations were reported between 2014 and 2016, hundreds of cases have occurred since then. And although not all of these cases are likely to be cases of economic cyber-espionage, campaigns that specifically target private-sector entities make up a noticeable share of all known cyberespionage operations from 2017 onwards.

Receive actionable information

* indicates required

Most of the cases occur in advanced economies, but private entities in Northeast Asia, Southeast Asia, South Asia and the Middle East are being increasingly targeted and affected. As companies and research institutes in other parts of the world become larger, wealthier, more innovative and more integrated into global supply chains, they also become targets of IP theft. For instance, incidents affecting and targeting private entities in Southeast Asia rose from 3.6% in 2014 to 15.4% in 2020. Similar trends can be observed in South Asia (6.4% in 2014 to 7.3% in 2020) and Latin America (3.6% in 2014 to 7.3% in 2020).

Addressing this invisible but persistent threat to economic competitiveness and prosperity first requires awareness before governments can start to acknowledge and recognise the nature of the risk. This could be enabled through more rigorous and specific assessments of the impact of lost IP on national economies in terms of financial costs, jobs and industry competitiveness. Also, national cybersecurity authorities and intelligence agencies could invest more in efforts to determine the scale and severity of state-sponsored economic cyber-espionage in their territory.

So far, only US and European authorities have published such assessments, and even those are already more than five years old. Most emerging economies in Southeast Asia, South Asia, the Middle East and North Africa appear to be increasingly affected, but governments there are yet to acknowledge and recognise the true risk.

The focus of most legislative initiatives is currently geared towards adding strengthened cybersecurity reporting requirements for providers of critical infrastructure and critical information infrastructure. This is important, but our report shows that industries that develop and commercialize high-value IP in the form of IP rights, trade secrets and sensitive business information equally require attention from policymakers. Ideally, governments would map those economic sectors and bring those industries or companies into the vault of arrangements for additional government protection in case they happen to be targeted by foreign states.

At the international level, members of the G20 and the broader UN membership should continue to raise and address the threat of economic cyber-espionage in relevant forums. Even in situations in which there’s no acceptance of state responsibility for acts of cyber espionage, the authorities have a responsibility to ‘not knowingly allow their territory to be misused’ and to ‘not support ICT-enabled theft of intellectual property’. Those are agreed norms of responsible state behavior in cyberspace and align with World Trade Organization obligations to provide minimum standards of IP protection.

In this light, we recommend that G20 members reaffirm their 2015 commitment to refrain from economic cyber-espionage for commercial purposes. We also suggest that the G20 initiate further work in developing concrete guidance for the operationalisation and implementation of that agreement.

In addition, we suggest that national IP and cybersecurity authorities assess the scale and impact of ICT-enabled theft of IP on their economies, and bring industries or companies into the vault of arrangements for additional government protection in case they happen to be targeted by foreign states.

Australia, despite a track record in innovation and current ambitions in cybersecurity resilience, currently lacks such an estimate and arrangements.


Republished from the Australian Strategic Policy Institute under a Creative Commons license in the Commonwealth of Australia. Read the original article.


[Sassy_Social_Share]
Gatra Priyandita, Bart Hogeveen, and Ben Stevens

Gatra Priyandita is an analyst, Bart Hogeveen is the head of the cyber capacity-building program, and Ben Stevens is a research intern working with ASPI’s International Cyber Policy Centre.

Related Articles

Expert: TikTok could be a risk to national security

Expert: TikTok could be a risk to national security

More than 86 million Americans use the social media app TikTok to create, share, and view short videos, featuring everything from cute animals and influencer advice to comedy and dance performances.
Concerned experts point out that TikTok’s parent company, the Beijing-based ByteDance, has been accused of working with the Chinese government to censor content and could also collect sensitive data on users.

Pentagon leaks suggest China developing ways to attack satellites – here’s how they might work

Pentagon leaks suggest China developing ways to attack satellites – here’s how they might work

The recent leak of Pentagon documents included the suggestion that China is developing sophisticated cyber attacks for the purpose of disrupting military communication satellites. While this is unconfirmed, it is certainly possible, as many sovereign nations and private companies have considered how to protect from signal interference.

Ransomware Attack Hits Marinette Marine Shipyard, Results in Short-Term Delay of Frigate, Freedom LCS Construction

Ransomware Attack Hits Marinette Marine Shipyard, Results in Short-Term Delay of Frigate, Freedom LCS Construction

The Wisconsin shipyard that builds the U.S. Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate suffered a ransomware attack last week that delayed production across the shipyard, USNI News has learned.

Fincantieri Marinette Marine experienced the attack in the early morning hours of April 12, when large chunks of data on the shipyard’s network servers were rendered unusable by an unknown professional group, two sources familiar with a Navy summary of the attack told USNI News on Thursday.