Academic journal article Emory Law Journal

Cyber Espionage and Electronic Surveillance: Beyond the Media Coverage

Academic journal article Emory Law Journal

Cyber Espionage and Electronic Surveillance: Beyond the Media Coverage

Article excerpt

Introduction

In the twenty-first century it seems that everyone is eavesdropping on everyone else-governments and companies, militaries, law enforcement and intelligence agencies, hackers, criminals, and terrorists. State-sponsored and private cyber espionage and criminal and foreign-intelligence surveillance have ramped up in part because the national security threat environment is ever more complicated and multifaceted, and the ability to meet it is increasingly dependent on good intelligence, in real time. However, surveillance and espionage have also increased because the Internet and cyber technology so readily enable exploitation of intellectual property and other commercially valuable information. Among its many attributes, the Internet has introduced new dynamics to the age-old tensions between security and liberty. The Internet expands our freedom to communicate at the same time it makes us less secure. It expands our online vulnerabilities while it lowers the visibility of intrusions. The Internet provides new means for enabling privacy intrusions and causing national security and economic harm even as it provides governments with ever more sophisticated tools to keep tabs on bad actors. Yet in the cat and mouse game between the government agents and suspected terrorists and criminals, ever newer devices and encryption programs ratchet up privacy protections in ways that may prevent government access to those devices and their contents. These devices and programs, in turn, may enable cyber theft or even destructive terrorist attacks.

Espionage and intelligence collection are part of the national security apparatus of every state. cyber espionage involves deliberate activities to penetrate computer systems or networks used by an adversary for obtaining information resident on or transiting through these systems or networks. A pertinent subset is economic espionage, where a state attempts to acquire secrets held by foreign companies. of course, states conducted economic espionage before the Internet, but the availability of cyber exploitation rapidly and significantly expanded the activity.1

Electronic surveillance intercepts communications between two or more parties. The intercepts can give insight into what is said, planned, and anticipated by adversaries. Because such vast quantities of communications now travel through the Internet, more than humans can comprehend in their raw form, surveillance often leads to processing and exploitation through algorithms or other search methods that can query large amounts of collected data in pursuit of more specific intelligence objectives.2

Traditional state-sponsored surveillance and espionage have been transformed into high-tech and high-stakes enterprises. Some of the cyber activity is electronic surveillance for foreign intelligence purposes, mimics traditional spying, and services a range of what most of us would concede are legitimate national security objectives-anticipating terrorist attacks, learning about the foreign policy plans of adversaries, and gaining advantage in foreign relations negotiations.3 However, a good deal of the cyber sleuthing involves economic matters, sometimes extending to include intellectual property theft, and is undertaken by states or their proxies to secure comparative economic advantage in trade negotiations, other deals, or for particular companies.4

I.ECONOMIC CYBER ESPIONAGE

Governments and their agents have been exploiting Internet connectivity by penetrating the electronic networks of foreign companies for nearly a quartercentury.5 Until 2010, companies chose to ignore the problem, more or less.6 Then Google publicly claimed that China had stolen source code and used it to spy and to penetrate other companies' networks.7 At about the same time, major economic espionage was carried out against large western oil companies and traced to a site in China, and another theft lifted security key tokens, which in turn led to the penetration of other firms, including defense contractors in the United States. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.