“We’ve seen a big shift in the last two years to more sophisticated, stealthy attacks,” says Gartner VP and Security Research Fellow John Pescatore. Sometimes, he says, the aim is purely financial—hijack some data and get the company to pay you to return it; or steal a customer database and sell the personal identification to whoever will pay for it. “Other times, it’s industrial espionage. And as people started to look at where those targeted attacks were coming from, they found they were coming from all over the world.” Experts point to China, Russia, France and Israel as big players in this black market. CIOs may be less aware of the threat to IP than to their systems, and therefore less prepared to protect the former. “Companies are thinking about worms and viruses, things that will not have very bad consequences and have always been wildly exaggerated,” says Borg. “Or they’re thinking about ID theft, which attracts a lot of attention, even though the number of cases is remarkably low.”

There’s a difference, too, in the systems an intruder looking for corporate secrets may target. IP thieves “won’t necessarily look at obvious financially sensitive areas,” says Borg, thereby escaping detection. “They may be looking at technical data, controls systems, automation software.” And the results of IP theft can be hard to see—a slow degradation of one’s competitive position in the market may easily be attributed to other, noncriminal factors.

Until recently, the most conclusive public evidence that sustained industrial espionage has taken place in cyberspace has come from the military. Titan Rain was “the most systematic and high-quality attack we have seen,” says Ira Winkler, author of, most recently, Zen and the Art of Information Security. Chinese hackers successfully breached hundreds of unclassified networks within the Department of Defense, its contractors and several other federal agencies. One Air Force general admitted at an IT conference last year that China had downloaded 10 to 20 terabytes of data from DoD networks.

But it’s not just high-profile targets that are at risk. “The intellectual property needed to build a new type of safety restraint for an aircraft is just as important as anything else,” says Howard A. Schmidt, former CISO of eBay and former special adviser to the president for cyberspace security.

IP thieves have targeted companies as diverse as retailers and high-tech manufacturers. In incidents nicknamed “the Trojan Affair,” 18 Israeli executives from several companies were arrested for their involvement in an international computer espionage conspiracy that targeted competitive information from rivals including, in 2005, the Israeli divisions of Ace Hardware and Hewlett-Packard. Also in 2005, several executives from the software company BusinessEngine pleaded guilty to hacking rival Niku’s systems to access its trade secrets.