Cyber Espionage
How states use cyber tools to steal secrets at unprecedented scale, from the SolarWinds breach to Chinese industrial espionage, and why it is so difficult to deter.
Digital Spying
Cyber espionage is the use of computer networks to gain unauthorized access to confidential information held by governments, militaries, or corporations. Every major intelligence service now conducts cyber espionage, and it has become the dominant form of intelligence collection in the 21st century. Unlike traditional espionage, which requires recruiting human agents and operating in hostile territory, cyber espionage can be conducted remotely, at scale, and with relatively low risk of attribution.
The SolarWinds breach, discovered in December 2020, demonstrated the scale possible. Russian intelligence (SVR) compromised the software update mechanism of SolarWinds, a company whose Orion platform was used by approximately 18,000 organizations including multiple US government agencies. The attackers had access to the Treasury Department, Commerce Department, and parts of the Pentagon for months before detection. The operation was classified as espionage rather than an attack because it collected information without damaging systems, but its scale was unprecedented.