The quiet threat: Cyber spies are already in your systems

InfoWorld - Is your company's data under surveillance by foreign spybots looking for any competitive advantages or weaknesses they can exploit? This might sound farfetched, but such electronic espionage is real. It's an insidious security threat that's a lot more common than you probably realize.

As an IT or security executive, determining whether your organization is under attack via this seemingly undetectable threat -- and putting in place adequate technology and procedural safeguards -- should be a high priority. The stakes are too high to ignore the problem.

[ Not all corporate espionage is high-tech; find out how to stop low-tech spies. | InfoWorld's Roger Grimes says you should lure spies with honeypots. | Master your security with InfoWorld's interactive Security iGuide. ]

Security experts believe that a growing number of companies are being spied upon electronically by sources from other countries, most notably China. What makes these attacks so troublesome is that their techniques are often undetectable by the usual security tools. Electronic spies try to get into systems without causing disruptions, so they can quietly gather information over a period of time.

These types of threats are much harder to deal with than untargeted attacks because they never become widespread enough for security vendors to observe reliably. As a result, security software and other tools that detect known attacks don't identify these threats. Also, an attack that's aimed at a particular target can be designed to get around whatever combination of defenses is in place. And the people who launch electronic spying attacks go to great lengths to prevent the targets from detecting the threat.

Although the problem is largely hidden, it is real and serious. In this special report, InfoWorld.com answers the key questions on who's spying, what they're looking for, and what you can do to protect yourself.

How common is e-spying? Observers say electronic spying is becoming more common. Neil MacDonald, a vice president at research firm Gartner who covers computer security, maintains that as many as 75 percent of enterprises have been or are being infected with undetected, financially motivated, targeted attacks that evaded their traditional perimeter and host defenses.

"Any government or commercial organization with sensitive information is being targeted," MacDonald says. The highly publicized attack on Google's network, in which the company was a target of what it called a highly sophisticated and coordinated assault originating from China, was just the beginning. MacDonald says multiple Gartner clients have reported being attacked during the same timeframe via similar methods. InfoWorld's editors have learned of repeated attacks at major companies, described in several off-the-record conversations.