“The threat of cyber-espionage on our critical infrastructure industries — the power grid, our transportation system and the country's financial systems — is just as great a threat to the U.S. military and government as the espionage aimed at those institutions,” he says. “They're not really separate anymore — the government and military are dependent on our infrastructure.”
What looks like industrial espionage has a potentially very large impact on the government's ability to carry out missions, he adds. “Some of the economic effects that are being blamed on globalization are actually the result of massive information theft, much of it accomplished by cyber-attacks.”
Tim Bennett, president of the Cyber Security Industry Alliance, a public policy advocacy group, agrees with Borg that the threat of an indirect, rather than direct, cyberattack against the U.S. government or military should be taken seriously. “Nobody wants to take on the U.S. directly in traditional military fashion.”
What an enemy can do, he says, is cripple the U.S. by crippling part of the critical infrastructure, such as control of the power grids, water systems and financial and transportation systems.
That said, cyber-espionage doesn't have to go to that extreme to benefit the perpetrators, says Dave Marcus, security research and communications manager at McAfee's Avert Labs, which recently released a report predicting that the rise in international cyber spying will pose the number one security threat in 2008.
“We're apt to see information gathering, or diverting information or inserting misinformation for financial gain,” he says. “Money will be the prime motivator. If it's worth money to X government, it will find a way to steal information even if it has to broker with someone. Ultimately, financial issues will drive cyber-espionage.”
— Jim Carr