Cyber-Espionage: A Bigger Problem than We Realize

Homeland security is, and should be, our biggest priority as a nation.  If our safety as a people is threatened, little else matters.  We tend to focus our attention on nuclear threats around the world, which is sensible, considering the sheer destructive force capable of being rendered by those threats, or on terrorist attacks, which is understandable, considering the shock and scale of those attacks.  However, there's one threat we aren't paying close enough attention to: cyber-espionage.

Why Espionage Is So Threatening

Espionage seems inherently less threatening than large-scale attacks, and in terms of immediate casualties, it may be.  We've also faced a long history of espionage, throughout the Cold War and beyond – so much so that it has its own museum.

Essentially, espionage is a threat for three main purposes:

  • Information.  One of the biggest goals of espionage is to get information, whether it's related to political or military matters.  That information can be used for potentially endless destructive threats.  It can give spies access to our most secure military bases or compromise a mission meant to secure peace in a given region.  If our information is compromised, our defenses can be shattered – and any physical, measurable attack can become deadlier.
  • Manipulation.  Espionage also has the power to manipulate our population.  Rather than collecting information, spies can distribute information and change how our country operates from within.  Pushing specific political leaders to be elected, spreading distrust, and even igniting internal conflicts are all possible, and none of them is good for our country.
  • Undetectability.  The most threatening aspect of espionage is that when successful, it is virtually undetectable.  We could be hit with an espionage attempt that robs us of critical military information and not know until it's too late.  We could have our entire political structure undermined by an external attempt to manipulate it – and we wouldn't even know it was there.

The Cyber Era

Espionage in the cyber era makes the threat even more dangerous.  But why?

Part of the threat here is the sheer level of accessibility.  Anyone, from any country in the world, so long as he has an internet connection, can feasibly pose a threat to our biggest institutions.  All it takes is one weak password or one hacker with extraordinary skill, and a third-party terrorist organization can get the information it wants or needs.

Another element to consider here is the potential for economic impact.  While there's about $10.5 trillion dollars in the United States, only $1.4 trillion of that money is in cash.  That means that 87 percent of our money (or more) is held electronically, and that makes it vulnerable to external cyber-threats.  Economic attacks and manipulation have the power to weaken our country's infrastructure even more than a physical attack, though it would be at the cost of fewer casualties.

Finally, we need to consider the vulnerability and dependence our population has on the internet.  Almost every adult citizen has a social media profile or relies on the internet for information, but we can't reasonably expect all those individuals to protect themselves flawlessly or inspect every source of every article they read. A cyber-spy or political manipulator could easily gain an audience of millions for his own agenda.

New Precautions

All this is unsettling, so what can we do to mitigate the threat?  The creation of the internal Cyber Mission Force is a good start.  We need to have a team of cyber-espionage experts constantly on the lookout for threats, both to political and military intelligence and to the American people at large.

However, this doesn't do enough to protect individuals, or proactively monitor all possible threats.  We also need the help of large corporations, which already have security infrastructure in place and have the resources necessary to protect their users.  Accordingly, the best path forward is some level of collaboration between businesses in the private sector and the federal government.  Only through this flexible collaboration would we be able to identify the greatest percentage of incoming threats and tap the resources necessary to mitigate those attacks – or, ideally, prevent them altogether.

Homeland security is, and should be, our biggest priority as a nation.  If our safety as a people is threatened, little else matters.  We tend to focus our attention on nuclear threats around the world, which is sensible, considering the sheer destructive force capable of being rendered by those threats, or on terrorist attacks, which is understandable, considering the shock and scale of those attacks.  However, there's one threat we aren't paying close enough attention to: cyber-espionage.

Why Espionage Is So Threatening

Espionage seems inherently less threatening than large-scale attacks, and in terms of immediate casualties, it may be.  We've also faced a long history of espionage, throughout the Cold War and beyond – so much so that it has its own museum.

Essentially, espionage is a threat for three main purposes:

  • Information.  One of the biggest goals of espionage is to get information, whether it's related to political or military matters.  That information can be used for potentially endless destructive threats.  It can give spies access to our most secure military bases or compromise a mission meant to secure peace in a given region.  If our information is compromised, our defenses can be shattered – and any physical, measurable attack can become deadlier.
  • Manipulation.  Espionage also has the power to manipulate our population.  Rather than collecting information, spies can distribute information and change how our country operates from within.  Pushing specific political leaders to be elected, spreading distrust, and even igniting internal conflicts are all possible, and none of them is good for our country.
  • Undetectability.  The most threatening aspect of espionage is that when successful, it is virtually undetectable.  We could be hit with an espionage attempt that robs us of critical military information and not know until it's too late.  We could have our entire political structure undermined by an external attempt to manipulate it – and we wouldn't even know it was there.

The Cyber Era

Espionage in the cyber era makes the threat even more dangerous.  But why?

Part of the threat here is the sheer level of accessibility.  Anyone, from any country in the world, so long as he has an internet connection, can feasibly pose a threat to our biggest institutions.  All it takes is one weak password or one hacker with extraordinary skill, and a third-party terrorist organization can get the information it wants or needs.

Another element to consider here is the potential for economic impact.  While there's about $10.5 trillion dollars in the United States, only $1.4 trillion of that money is in cash.  That means that 87 percent of our money (or more) is held electronically, and that makes it vulnerable to external cyber-threats.  Economic attacks and manipulation have the power to weaken our country's infrastructure even more than a physical attack, though it would be at the cost of fewer casualties.

Finally, we need to consider the vulnerability and dependence our population has on the internet.  Almost every adult citizen has a social media profile or relies on the internet for information, but we can't reasonably expect all those individuals to protect themselves flawlessly or inspect every source of every article they read. A cyber-spy or political manipulator could easily gain an audience of millions for his own agenda.

New Precautions

All this is unsettling, so what can we do to mitigate the threat?  The creation of the internal Cyber Mission Force is a good start.  We need to have a team of cyber-espionage experts constantly on the lookout for threats, both to political and military intelligence and to the American people at large.

However, this doesn't do enough to protect individuals, or proactively monitor all possible threats.  We also need the help of large corporations, which already have security infrastructure in place and have the resources necessary to protect their users.  Accordingly, the best path forward is some level of collaboration between businesses in the private sector and the federal government.  Only through this flexible collaboration would we be able to identify the greatest percentage of incoming threats and tap the resources necessary to mitigate those attacks – or, ideally, prevent them altogether.