Cyberespionage tops APAC cybercrime trend

Countries moving industrial espionage activities online as more people in region get on Internet, and security insiders urge countries to balance need to fend off threats with risk of sparking off cyber warfare.

SAN FRANCISCO--Cyberespionage is the leading cybercrime trend in Asia-Pacific, with countries expanding their industrial espionage activities to digital platforms as more people gather and share information online. However, such activities should not be confused with cyber warfare and any action must not trigger war in the physical realm, urge security insiders.

According to Uri Rivner, head of new technologies at RSA, the security division of EMC, Asia has entered the age of cyberespionage, which he described as state actors stealing trade secrets from other nations and companies for their own benefit.

This new development is "industrial espionage on a much larger scale" in which countries make use of the technology at their disposal to steal trade secrets of economic value from other parties, he added.

Speaking to ZDNet Asia at the RSA Conference 2012 held here Thursday, Rivner attributed this trend to the growing proportion of users in the Asia-Pacific becoming exposed to the Internet, as well as the attractiveness of the gains to be gotten from the stolen information. These gains could be in areas such as natural resources, economic or political advantages, and with strong demand for such details there is bound to be cyberespionage activities, he said.

The RSA executive also noted that 2012 will see a merging of nation-sponsored attacks, cybercrime and hacktivism--all of which he identified as top cyberattack trends for the year. Elaborating, he said financially-motivated cybercriminals might breach government or military networks using advanced persistent threats (APTs) so as to sell the information to interested parties such as hacktivists or other state actors.

"We see a blend of tools being used between all of these groups," he said. "I can guarantee that 2012 will be very interesting from that perspective."

Be ready, but don't trigger online war
However, Rivner warned that non-violent cyberespionage and other related online crimes must not be confused with cyber warfare--which he said only takes place when "nuclear plants are blown up by other countries with a click of the mouse, or countries having blackouts".

He noted that some Asian countries have taken the issue of cyberespionage "very seriously" and are looking into or have crafted a national defense strategy for critical infrastructure, such as government Web sites. In fact, almost every major Asia-Pacific country has online capabilities for attack and defense, he stated.  

Roel Schouwenberg, senior researcher at Kaspersky Labs, pointed out that it was "scary" that countries are focusing on offensive, instead of defensive, capabilities in guarding against cyberespionage and other Web-based threats, though.

He said at a separate panel session held during the security conference on Thursday that being too offensive is not a good move because it would ultimately lead to cyber warfare.

Andrew Walls, research vice president of security, risk and privacy at Gartner, had a different perspective, though. He told ZDNet Asia in an e-mail that it was not realistic to expect nation states to regard online networks as "sacrosanct environments" and not promote their domestic interests and priorities there.

"In the interest of promoting commerce, nations will seek to limit cybercrime but they will also develop and maintain abilities to use those same networks and platforms for espionage and attack," he said. "As with non-digital espionage, nations will use proxies such as private individuals, groups and organizations to hide or mask their actions and intentions."

Thus, the digital arena is no different from the physical one when it comes to countries pursuing their national interests, Walls noted.

Ellyne Phneah of ZDNet Asia reported from the RSA Conference 2012 in San Francisco, USA.