Cyber Espionage Case Study

Abstract

Cyber espionage has become a critical component of modern cyber warfare as nation-states increasingly rely on cyberspace. However, cyber espionage had generated concerns regarding its acceptability given its potential threats to national security. This qualitative case study research explores the proposition that cyber security should be deemed an acceptable state behavior while cyber attack is unacceptable. This study seeks to answer the question, “How is cyber espionage an acceptable state behavior for intelligence gathering though it potentially damages relations between nation-states?” The qualitative case study examined existing studies on this issue and employed thematic analysis to analyze the data. The study found that cyber espionage is an acceptable state behavior since it plays a key role in cyber warfare, helps to establish appropriate countermeasures against cyberattacks and potential threats in cyberspace, and enhances intelligence gathering. While the study provides significant insights on this topic, future studies should examine the issue based on empirical or primary data.

Keywords: cyber espionage, acceptability, state behavior, cyberattacks, relationship, intelligence gathering, national security, cyber warfare, cyber capabilities.

Introduction

Cyberspace has become an important element in the operations of any given country since we are living in an information age. Countries across the globe use cyberspace for various purposes including business and in modern warfare. Cyberspace has developed into a crucial component of modern warfare as adversaries continue to exploit the potential of the Internet to carry out their activities. Cyberspace is used in the operational level and strategic level of modern warfare. At the strategic level, cyberspace is use to deter and influence the strategic balance of power in relation to the strengths and weaknesses of a state.[footnoteRef:1] As cyberspace dominates modern warfare, the concept and practice of cyber espionage has emerged. Cyber espionage refers to the practice of obtaining secrets with the permission of the owner/possessor of the information.[footnoteRef:2] As a form of cyberattack, cyber espionage is one of the most complex international problems in today’s world despite being seen as an acceptable state behavior. [1: Magnus Hjortdal, “China’s Use of Cyber Warfare: Espionage Meets Strategic Deterrence”, Journal of Strategic Security 4, no. 2 (2011):1] [2: Atul Agarwal & CERT-IN, “Cyber Espionage, Infiltration and Combating Techniques”, Indian Computer Emergency Response Team, 2013. https://www.cert-in.org.in/Downloader?pageid=5&type=2&fileName=CIPS-2013-0128.pdf]

Background Information

Cyber espionage has become one of the most important and complex international problem in today’s world. It can generate numerous risks or threats to security and other critical operations because it involves illegitimate possession of personal, sensitive, classified or proprietary information. Cyber espionage is carried out through various exploitation methods or techniques on individual computers, networks or the Internet. It incorporates intentional activities to infiltrate or penetrate computer systems/networks used by a rival to obtain information within or transmitted through these networks or systems.[footnoteRef:3] Cyber espionage is used by different nations across the globe including the United States, China and Russia despite concerns regarding its legitimacy and view as an acceptable state behavior. [3: William C. Banks, “Cyber Espionage and Electronic Surveillance: Beyond the Media Coverage”, Emory law Journal 66, (2017):513.]

Problem Statement

Cyber espionage involves illegal practices that result in information theft that could be used to attack an adversary. It poses threats and risks to relations between states and has become a complex international problem in the modern world. Cyber espionage is largely viewed as a new intelligence gathering approach and strategy for national security decisions. However, cyber espionage remains a form of cyberattack, which is legally and ethically unacceptable.

Research Question

How is cyber espionage an acceptable state behavior for intelligence gathering though it potentially damages relations between nation-states?

Purpose Statement

The purpose of this study is to examine the proposition that cyber espionage is an acceptable state behavior despite being a form of cyberattack, which is deemed unacceptable. The evaluation includes an exploration of norms that are established to promote the acceptability of cyber espionage despite its potential damaging impacts on relations between states.

Significance of the Study

This study will help address existing concerns regarding the acceptability of cyber espionage though it seemingly promotes information theft. It is important to study this issue because cyber espionage has generated numerous concerns regarding its legitimacy and acceptability vis-à-vis cyberattack as well as global security concerns.

Literature Review

The issue of cyber espionage has attracted considerable attention in existing literature because of the challenges it poses to international relations. Existing studies examine different aspects relating to cyber espionage and its increased use in the modern international relations framework as well as cyber warfare.

Proliferation of Cyber Espionage

Banks (2017) define cyber espionage as intentional activities used by an adversary to collect information resident on or transmitted through computer systems or networks.[footnoteRef:4] Cyber espionage has become common in the modern international relations framework due to use of cyberspace and the emergence of cyber warfare. In addition, the rise of cyber espionage is attributable to the long-standing practice of intelligence gathering and espionage in national security apparatus of every nation. Cyber espionage involves electronic surveillance of computer systems or networks to intercept communication between two or more parties. Using electronic surveillance, adversaries intercept what is said and planned. Such surveillance always result in processing and exploitation of huge volumes of communications transmitted on the Internet. Therefore, electronic surveillance has provided an avenue for transformation of conventional state-sponsored surveillance and espionage. [4: Ibid., 3]

Lotrionte (2015) provide a different perspective regarding the proliferation of cyber espionage. Even though the proliferation is attributable to the transformation of conventional surveillance and espionage, there are additional contributing factors. According to Lotrionte (2015), cyber espionage, particularly economic espionage is brought by the failure by international law to provide public order.[footnoteRef:5] Prescriptive norms of international law are not strong enough to provide public order that would deter cyber espionage, especially economic espionage. Similarly, Libicki (2017) contends that despite objections to certain types of cyber espionage by the United States, such practices are rampant due to lack of suitable and effective norms.[footnoteRef:6] The absence of such norms or policies contribute to the widespread use of cyber espionage to promote cyberattacks on a nation’s critical infrastructure. [5: Catherine Lotrionte, “Countering State-Sponsored Cyber Economic Espionage Under International Law”, North Carolina Journal of International Law and Commercial Regulation 40, (2015):445] [6: Martin Libicki, “The Coming of Cyber Espionage Norms”, 9th International Conference on Cyber Conflict, 2017. https://ccdcoe.org/uploads/2018/10/Art-01-The-Coming-of-Cyber-Espionage-Norms.pdf]

Jasper (2015) contends that the spread and increase of cyber espionage in the modern world is attributable to the struggle for control of world affairs. This struggle incorporates efforts by different stakeholders including criminals, hackers, terrorists, virtual states and foreign powers.[footnoteRef:7] Foreign powers are employing similar tactics as criminals by carrying out malicious activities to intercept communication in computer systems and networks. The digital battlefield has become intense as nations try to intercept communications of their adversaries. For example, China has hacked every big American company looking for useful information as well as the computer systems of private transportation firms working for the U.S. Army. [7: Scott Jasper, “Deterring Malicious Behavior in Cyberspace”, Strategic Studies Quarterly 9, no. 1 (2015):60]

Cyber Espionage as an Acceptable State Behavior

According to…

Some parts of this document are missing

Click here to view full document

…has established a cyber espionage unit that collects intelligence and help in establishment of appropriate countermeasures to any threats in the nation’s cyberspace. However, Russia utilizes the cyber espionage unit to collect intelligence that is used for offensive cyber warfare. For example, Russia recently hacked Iranian hackers to conduct attacks in over 35 countries.[footnoteRef:30] [29: Ibid., 1.] [30: Helen Warrell & Henry Foy, “Russian Cyberattack Unit ‘masqueraded’ as Iranian Hackers, UK Says”, Financial Times, 2019. https://www.ft.com/content/b947b46a-f342-11e9-a79c-bc9acae3b654]

Theme #3: Cyber espionage enhances intelligence gathering

The third emerging theme or pattern in data is the idea that cyber espionage enhances intelligence gathering capabilities of nation-states. Improvements in intelligence gathering is linked to the changing nature of modern warfare because of technological advancements. In Russia’s case, cyber espionage provides a framework for the nation to enhance its intelligence gathering, which in turn aids its offensive cyber warfare.[footnoteRef:31] Intelligence collected using cyber espionage is used to foster offensive and defensive cyber capabilities of nation-states. For China, the United States and other nation-states, the shift in modern warfare to incorporate cyberspace has necessitated adopting strategies that enhance intelligence gathering and cyber capabilities. Cyber espionage has provided a framework for nation-states to improve their cyber and modern warfare capabilities through enhanced intelligence gathering. [31: Michael Connell & Sarah Vogler, “Russia’s Approach to Cyber Warfare”, CNA Analysis and Solutions, 2017. https://www.cna.org/CNA_files/PDF/DOP-2016-U-014231-1Rev.pdf]

Probable Errors in Analysis or Decision-making

As shown in the analysis, existing data provides explanations for the acceptability of cyber espionage as a state behavior based on three major themes or patterns. These themes show that while cyber espionage is viewed as a form of cyberattacks, it is an acceptable state behavior because it plays a key role in cyber warfare, improves intelligence gathering capabilities, and helps to establish appropriate countermeasures. While these themes help to answer the research question, the employed research methodology and design could have included errors in analysis or decision-making. The qualitative case study design could result in errors in analysis or decision-making since it is based on secondary data. The lack of empirical research and primary data implies that the decision-making could have been erroneous and resulted in wrong conclusions because of biases in existing studies.

Conclusion

Cyber espionage has become a major and complex international problem in today’s world. Even though a proposition for cyber espionage to be viewed as an acceptable state behavior exists, the practice poses significant national security risks and threats. This qualitative case study research examined existing data on this issue based on a set of documents. Data obtained from these set of existing documents was analyzed using thematic analysis technique in which emerging themes and patterns were identified. The study demonstrates that cyber espionage is an acceptable state behavior because it plays a key role in cyber warfare, improves intelligence gathering capabilities, and helps to establish appropriate countermeasures against cyberattacks and potential threats in cyberspace. Through these findings, the study addresses the existing gap in literature on acceptability of cyber espionage and provides insights on the reasons for establishment of cyber espionage norms in international relations.

However, the study’s findings are based on secondary research since it employed qualitative case study design. The lack of empirical data to support the broader themes or patterns identified in existing literature could have negative impacts on the generalizability of these study’s findings. While the research issue emerges from empirical curiosity, the employed research design/approach does not fully examine the issue. Therefore, future studies should be conducted to further explore the topic and help enhance understanding of cyber espionage. One of the recommendations…