The Quiet Threat: Cyber Spies are Already in your Systems

It's an insidious security threat that's a lot more common than you probably realize.

As an IT or security executive, determining whether your organization is under attack via this seemingly undetectable threat -- and putting in place adequate technology and procedural safeguards -- should be a high priority. The stakes are too high to ignore the problem.

Security experts believe that a growing number of companies are being spied upon electronically by sources from other countries, most notably China. What makes these attacks so troublesome is that their techniques are often undetectable by the usual security tools. Electronic spies try to get into systems without causing disruptions, so they can quietly gather information over a period of time.
These types of threats are much harder to deal with than untargeted attacks because they never become widespread enough for security vendors to observe reliably. As a result, security software and other tools that detect known attacks don't identify these threats. Also, an attack that's aimed at a particular target can be designed to get around whatever combination of defenses is in place. And the people who launch electronic spying attacks go to great lengths to prevent the targets from detecting the threat.

Although the problem is largely hidden, it is real and serious. In this special report, InfoWorld.com answers the key questions on who's spying, what they're looking for, and what you can do to protect yourself:

• • How common is e-spying?
  • Who's doing the espionage?
  • How do the cyber spies infiltrate your systems?
  • Who are the data thieves targeting?
  • What risks do you face?
  • What can you do to stop the cyber espionage?