The spy game is not what it used to be. Access to information, of course, remains at the heart of the spy business, but the methods of acquiring information and even the kinds of data that spy agencies are looking for has changed dramatically over the last decade or so.
Hacking is the name of the game in the spy business today, as governments are casting their data-gathering nets much farther these days. Government-sponsored or employed hackers from China and Russia are looking to break into virtually any public or private network to gather data on almost anybody. It used to be that foreign spies were just trying to gather data on government or military officials for potential blackmail purposes. Not anymore.
Today, hackers from China and Russia are looking to break into just about any network to try and find information about government officials or anyone associated with them, including colleagues, friends and family. A September 2nd report from CNN highlights that Chinese and Russian intelligence services are collecting personal information on a “grand scale” so they have as much data as possible on U.S. government.
The report notes that foreign intelligence agencies use sophisticated database analysis to cross-reference information from cyber attacks on targets ranging from the OPM to the cheating website Ashley Madison to try to find data that could potentially compromise operatives, government officials or family members.
An unnamed official from U.S. intelligence who spoke to CNN Tuesday says China has been particularly active in this kind of hacking for personal data, as a major part of its espionage strategy involves targeting American public and private networks.
China and Russia pulling out the stops after initial successes
Russia and China use both government and non-government entities, including hacking groups and private firms, to try and infiltrate foreign networks and analyze the data they steal. Their goal, according the official who spoke to CNN, is to mask the actual source of the attacks. He also noted both governments also carry out cyberattacks using their own hackers and disguise their identity through technical means.
Foreign cyberattacks have been increasing steadily for almost 10 years mainly because of their success, the official claimed. That said, the White House has repeatedly acknowledged the threat of and need to prepare for cyber attacks over the last couple of years.
Numerous audits and reports, however, have found that many U.S. government networks are still vulnerable. More than a few U.S. government agencies lack urgency in dealing with the problem, leaving government networks exploitable, according to the intelligence official. He went on to say it was “likely” there would be more unsuccessful and successful cyberattacks on U.S. government networks.
“What the OPM breach really revealed is that government cybersecurity isn’t even up to the par of the private sector, and the private sector suffers security breaches all the time,” notes Marc Zwillinger, a lawyer handling data breach and privacy cases. “So it’s a wake-up call both for the government networks and commercial networks.”
Of interest, both a number of lawmakers and current and former intelligence officials have publicly spoken about the need to consider retaliatory cyber attacks so as to impose additional “costs” on foreign states who target the U.S.