Cyber Espionage

Abstract

Cyberspace gives rise to risks as well as opportunities, and a prominent threat emerging from this domain is cyber espionage. Because no internationally and legally recognized definition of cyber espionage exists, the following definitions of espionage will be used only to frame the subject under examination. “Cyber espionage” describes the exploitation of cyberspace for the purpose of accessing and collecting confidential data. It can occur via close or remote access. “Close access cyber espionage” involves the collection of confidential data through the installation of hardware or software by malicious actors in close physical proximity to the targeted computer network or system. In contrast, “remote access cyber espionage” is launched some distance from the targeted network, usually by exploiting pathways created by the Internet. Cyber espionage takes different forms depending upon the type of confidential data targeted, the actor undertaking this activity, and the context in which it occurs. “Political” cyber espionage is usually state-sponsored (although it can be undertaken by nonstate actors such as terrorist groups) and describes the appropriation of political and military information belonging to state and nonstate actors during times of peace or armed conflict. “Economic” cyber espionage is also state-sponsored but instead involves the theft of confidential business information from foreign companies. “Industrial” cyber espionage entails the theft of confidential business information, but, unlike economic cyber espionage, it is carried out by companies against foreign rivals without the support or assistance of a state. The dawn of cyberspace has heralded an exponential increase in political, economic, and industrial espionage for several reasons: first, cyberspace is used to store huge amounts of confidential information, and is therefore a resource-rich environment for cyber spies to target; second, the instantaneous nature of cyberspace means that cyber spies can access confidential information quickly, cheaply, and efficiently; and third, cyberspace is a virtual and interconnected domain, meaning that espionage can be conducted remotely and anonymously, thus making it a relatively risk-free enterprise. Peacetime espionage is not specifically regulated by international law, and thus there is no “international law of espionage” that can be applied to cyber-enabled espionage. But this does not mean that cyber espionage exists in an international law vacuum. In fact, there is an array of general principles of international law as well as specialized regimes that are potentially applicable to cyber espionage. Unlike peacetime espionage, cyber espionage committed during times of armed conflict is directly regulated by international humanitarian law.