Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Lieberman Software warns of more cyber-espionage cases in wake of EDF/Greenpeace saga

As reported previously, EDF has also been ordered to pay €500,000 in damages to Greenpeace, with several former members of staff within the energy giant and an external security company being handed down prison sentences.

According to Philip Lieberman, president of Lieberman Software, the only surprise is not having seen this sort of trojan-assisted industrial espionage reaching the courts before.

He says that the EDF/Greenpeace court case is only notable because the saga started more than five years ago.

"According to the various newswire reports, the power generation giant - which runs more than 50 nuclear power stations in France and 8 in the UK - tasked an external company to conduct illegal surveillance on Greenpeace's then head of campaigns in France, Yannick Jadot", he said.

"Thanks to the successful infection of Jadot's computer, EDF was able to illegally obtain 1,400 documents about the environmental charity's ongoing campaign against nuclear energy", he added.

The president of the privileged identity theft specialist went on to say that, while it is good to hear that the French courts have handed down actual and suspended sentences against former EDF security staff and the detective agency employed by the energy giant, there are some significant questions that remain to be answered.

These include the possibility of incursions into the computers of other senior members of Greenpeace's staff, how long it was before the infections were detected and how they were spotted.

And then, he says, there is the confidential court testimony that was released by a French Web site - Mediapart - two years ago, that revealed that EDF had organised surveillance not only of Greenpeace in France, but broadly across Europe since 2004.

The really big question, says Lieberman, is how many other cases of trojan-assisted industrial espionage have been carried out in recent years, especially since the external company hired by EDF are said to have relatively simple techniques to infect the Greenpeace chief's computer.

And it's worth noting, he explained, that the same French court handed down a six-month prison sentence and 4,000 euro fine to the external company that EDF used - in connection with infecting computers at a French anti-doping lab - allegedly on behalf of disgraced US cycling star Floyd Landis.

"So what do these two cases tell us? Quite simply that trojan-assisted infections are almost certainly an integral part of the modern-day private detective's IT arsenal when conducting industrial espionage", he said.

"The most worrying question is whether terrorists are also using the same techniques to assist their campaigns. I suspect the answer is yes, meaning that IT security professionals now need to take action against the use of trojans to harvest information from the machines under their protection", he added.

What’s Hot on Infosecurity Magazine?