Knowledge Tree
cyber espionage
Also known as: cyberespionage
Facts (41)
Sources
Rethinking Espionage in the Modern Era cjil.uchicago.edu 39 facts
claimThe 'statecraft tool' argument for cyber espionage suggests that low entry costs and increased accessibility improve statecraft by expanding information flow between countries, though this is countered by the parallel amplification of distrust.
referenceThe article 'Rethinking Espionage in the Modern Era' is structured as follows: Section II defines espionage; Section III outlines the ambiguity of espionage in international law; Section IV explains the difficulties of regulating espionage; Section V discusses catalysts and unique problems of cyber espionage; and Section VI proposes an exemplary norm for states to limit the consequences of legal uncertainties.
claimCyber espionage capacities are cheaper to invest in than traditional espionage tools because malware and similar information-retrieval tools are less expensive to develop than maintaining a vast intelligence network.
claimStates are unlikely to curb cyber espionage conduct if they believe they possess a strategic upper hand in the arena, as first movers in negotiations are at a bargaining disadvantage.
claimCountries with fewer traditional espionage capabilities may choose to increase their cyber espionage capacities to gain relative power on the international stage, particularly if cyber espionage is more cost-efficient than traditional methods.
claimNations with established cyber espionage capabilities are incentivized to oppose anti-cyber espionage treaties to maintain their dominance, while weaker states view anti-cyber espionage development stances as oppressive.
claimVictim states are unlikely to detain cyber espionage actors located outside of their own or an ally's jurisdiction without cooperative extradition relationships, even if the act is attributable to a specific organization or individual.
claimJames E. McGhee proposes a two-tiered analysis for cyber law where 'cyber intrusion' is used as a catch-all term until it can be further defined as a cyberattack, a cybercrime, or cyberespionage.
claimThe Edward Snowden leaks led to widespread condemnation of mass surveillance and cyber espionage from victim states.
referenceThe MI5 Security Service defines cyber espionage as an activity that allows a hostile actor to steal information remotely, cheaply, and on an industrial scale, with relatively little risk to the hostile actor's intelligence officers or agents overseas.
claimThe Budapest Convention and the African Union Convention on Cyber Security and Personal Data Protection are considered the best attempts at cyber space governance, yet both lack direct relevance to the area of cyber espionage.
claimThe Tallinn Manual does not address cyber espionage because the international law governing the use of force and armed conflict plays little or no role in regulating such activities.
claimThe definition of cyber espionage in the Tallinn Manual is intended to consider the alignment of traditional war conventions with cyber espionage during times of armed conflict, rather than peace-time espionage.
claimThe U.S. Department of Defense does not explicitly define cyber espionage or cyber attack in its dictionary of military terms, instead categorizing cyber espionage as espionage conducted as a cyberspace operation.
claimPresident Barack Obama called for new rules to govern cyberespionage due to its increasing use and effectiveness in global geopolitics.
claimThe Tallinn Manual does not provide a clear analysis on the topic of cyber espionage because the group believed there is an absence of a direct prohibition in international law on espionage per se.
claimThe Tallinn Manual classifies non-violent operations, such as psychological cyber operations or cyber espionage, as activities that do not qualify as attacks.
claimProposals to ban cyber espionage entirely are considered highly controversial and unlikely to gain political traction due to existing strategic considerations and the status quo.
accountA Chinese military group was linked to cyberespionage activities targeting over 100 American companies.
claimCyber espionage is defined as the use of cyber technology to achieve the goals of traditional espionage.
claimThe United States has begun prosecuting individuals engaged in alleged state-sponsored cyber espionage, which serves to impute reputational damage to bad state actors even if actual arrests are unlikely.
claimThe author of 'Rethinking Espionage in the Modern Era' draws an analogy between the use of private actors in cyber espionage and the state use of mercenaries and private military contractors, noting that the latter is a subject of significant controversy.
claimThe 'permissibility view' regarding cyber espionage is losing force due to growing discontent over information collection, weakening self-defense justifications, and the ballooning risk of information flow.
claimCyber intrusion attempts originate from over 100 countries, indicating that cyber espionage is a dispersed phenomenon rather than one restricted to a few capable states.
claimWilliams suggests that the United States should analyze cyber intrusions under a covert action framework rather than an intelligence analysis framework due to the unclear distinction regarding cyberespionage.
claimRobert D. Williams argues that the distinction between cyberespionage and covert action is so unclear that it is better to analyze cyberespionage under a covert action framework.
accountThe BBC reported on July 1, 2014, that energy firms were hacked by a cyber-espionage group known as Dragonfly.
claimThe cost efficiency of cyber espionage tools increases as experience and learning curves improve.
claimThe EastWest Institute, in a collaborative effort between Russian and American experts, defined cyber espionage as 'a cyber operation to obtain unauthorized access to sensitive information through covert means.'
claimMajor Graham H. Todd argues that cyberespionage should be classified under the cyberattacks framework to deter states by increasing the likelihood of triggering armed self-defense.
quoteThe Tallinn Manual defines cyber espionage as “any act undertaken clandestinely or under false pretenses that uses cyber capabilities to gather (or attempt to gather) information with the intention of communicating it to the opposing party.”
claimThe author of 'Rethinking Espionage in the Modern Era' suggests that a viable approach to regulating cyber espionage is to incrementally prohibit specific activities, such as the engagement of private entities in cyber espionage.
claimThe current state of international affairs regarding cyber espionage has not reached an unacceptable tipping point that would necessitate a treaty or regulation, unlike the Cold War nuclear and space arms races or recent economic espionage between the U.S. and China.
claimThe Tallinn Manual states that cyber information gathering performed from outside the territory controlled by an adverse party is not considered cyber espionage, though it may be punishable under the domestic criminal law of the affected State or the neutral State from which the activity originated.
claimThe territoriality argument regarding cyber espionage remains in analytical limbo until states can agree on a uniform conceptualization of cyber space.
claimCyber espionage disrupts traditional cost-benefit analysis of spying because the benefits of cyber espionage have increased while the costs have significantly decreased.
claimShackelford notes that countermeasures are only acceptable against unlawful behavior, meaning they would not be allowed if cyberespionage and cyberattacks were distinguished.
perspectiveThe use of private organizations for cyber espionage allows states to engage in espionage activities with minimal liability, which upends the traditional cost structure that limited widespread espionage.
claimCyber espionage has evolved from a tool for political stability into a point of public discourse, becoming less defensive and more offensive in nature.
Cybersecurity Trends and Predictions 2025 From Industry Insiders itprotoday.com 2 facts
claimCyber espionage campaigns will proliferate to a variety of actors focused on regional conflicts seeking the asymmetric advantage cyber provides, rather than being limited to large nations historically seen as mature cyber actors.
claimState-aligned cyber espionage operations are deeply intertwined with geopolitical dynamics.