It Affects More Than Just Nation States

It wasn’t that long ago when the threat to UK security was seen through the prism of espionage, sabotage, subversion, and terrorism. However, as the Cold War ended in 1991 and the West refocused onto wars in the Middle East and international terrorism, espionage, sabotage, and subversion seemed to drop out of view. More recently, with issues surrounding China’s acquisition of Intellectual Property and Russia’s threat to the critical infrastructure, those threats have resurfaced and are being brought to the publics attention by Western intelligence services.

Espionage. From a commercial perspective, Chinese espionage focuses on acquiring intellectual property (IP) to boost their economic growth while hindering the originators’ their success. The scale of that espionage and the acquisition of IP is such that its effects were highlighted by a former head of the NSA, when he described it as, “the greatest transfer of wealth in history.” It is a threat that is very much active, with the FBI reporting in 2021 that they opened a China-related investigation every twelve hours. If that is correct, from the beginning of 2021 to mid-2024 that would be 2,500 cases and it is very unlikely that the US are alone.

Sabotage. Fires at an Ikea store in Vilnius, arson attacks at a warehouse in East London and at a Warsaw shopping centre, have been reported as Russian efforts to remind the West of its capabilities amid ongoing support for Ukraine. To mount these attacks, Russia allegedly uses social media to recruit right-wing groups and while that might give some plausible deniability, it is not necessarily believed by Western intelligence agencies. Although overcoming the security of shops or warehouses might be relatively simple, sabotaging the critical national infrastructure of subsea cables or pipelines would require state intervention and significant resources. Whether the Russians would consider doing this at the moment is a moot point, but with US and Germany reportedly preventing a Russian plan to assassinate the CEO of Rheinmetall, in the same vein, the critical infrastructure of individual organisation’s could be seen to be at risk.

Subversion. Though sometimes seen as secondary to espionage and sabotage, subversion remains crucial in an overall strategy. The Soviet Union used it during the Cold War by setting up front organisations, infiltrating protest groups, and broadcasting propaganda. Its aim is to cause discontent and damage relations between people and their government. Currently, there are concerns that China and Russia use social media to spread disinformation, exploiting public opinion on conflicts, such as that between Israel-Hamas, to create divisions within the UK and other countries.

Espionage – The Collection Effort

UK intelligence services has set out in public that it uses agents, intercepts communications, searches bulk data, deploys eavesdropping devices, and accesses computers covertly. In all probability Chinese and Russian intelligence use similar techniques and combine this with open-source information, satellite imagery, and cyber methods. The production of intelligence is not haphazard or subject to chance, but is a highly directed effort that targets and exploits sources, processes and analyses information and provides a final product that meets the needs of those requesting it. This can be a very long term process lasting years, rather than weeks or months.

For more information on Open Source Intelligence (OSINT) and the process around delivering an intelligence product, please click here.

Defence in Depth – It’s Not Foolproof

Security is traditionally seen a providing protection through Defence in Depth and is often illustrated as a series of concentric circles protecting valuable assets at its centre. However, since the Cold War ended in 1991, business practices have evolved with technology, hybrid working, hot desking, and outsourcing, all in turn increasing the security risk. Across that time period and in common with an increasing number of in-house functions, security has moved from in-house to being outsourced, quite often as part of Total Facilities Management (TFM) contract. From a commercial perspective this can bring benefits, but from a security perspective and with a single TFM supplier, it has the potential to slice through the Defence in Depth model.

There is a tendency for security to sit within FM, but is this the correct place for it? To read more, please click the link here.

Social Media – People Attract Attention

Following a US Navy sailor’s espionage conviction in January 2024, the US Justice Department warned of Chinese intelligence targeting security-cleared personnel in a sentiment echoed by MI5’s Director General. A simple LinkedIn search for DV and SC clearances returned 2,100 and 27,000 profiles, respectively. Such accessible data poses new risks, potentially facilitating foreign intelligence exploitation of individuals such as a Cyber Intelligence manager and Royal Navy sailor who displayed their personal details on LinkedIn and claimed to have DV Clearance.

Its About Risk – It’s an Organisation’s Responsibility

Understanding potential threats to an organization—from intellectual property theft to infrastructure damage and subversion—is crucial. It’s the responsibility of an organisation to assess those risks alongside its dependencies, partners, and customer relationships. While Chinese and Russian capabilities are substantial, by their very nature, other than in general terms, their specific targeting is more difficult to judge. Leaders or emerging figures in specialised fields are however, believed to be particularly at risk, but establishing the degree of threat requires internal dialogue beyond publicly available information. Rather than isolated measures, a cohesive security culture and integrated Protective Security approach—encompassing Personnel, Physical, Information, and Personal Security—are essential to reducing vulnerabilities and countering foreign intelligence threats effectively.

Prior to the end of the Cold War and probably with the rise and importance of Cyber security, security was addressed as a single issue, through Protective Security, for more information on that, please click here.

Espionage, Sabotage and Subversion – A Document

It’s perhaps reasonable to assume that espionage, sabotage and subversion only affect nation states, but that isn’t true. They can affect a range of organisations, whether that is academia or private industry and if targeted, particularly by foreign states with their capabilities, could cause serious damage.

The document, Espionage, Sabotage and Subversion, sets out some of the issues in more detail and is available by clicking the link here.

RedLeaf Consultancy – Advising Clients

RedLeaf Consultancy is a consultancy which is primarily concerned with advising clients on how security might impact on the risks that they have have and from that generating solutions.