Most cyber attacks are designed for financial gain. Hackers want to access financial information in your networks that they can sell or use for blackmail. Cybercriminals typically use tactics such as phishing, ransomware and man-in-the-middle attacks to harvest user credentials or corporate data.
Cyber espionage attacks are also designed to gather sensitive data, but because the attacks come from nation-state actors, the end goal is intellectual property, classified information or access—stealing a piece of code for a weapons system, perhaps, or manipulating code to disable it.
A nation-state cyber espionage attack almost always deploys APTs, and it often remains in stealth mode in a network for years before it's detected. The bad actors can track the data they want; they can see how code is updated, track which projects have been discarded and monitor confidential communications between government officials. Other attacks don't provide those long-term benefits—or do that kind of long-term damage.
Cyber espionage, like other cyber attacks, has become more sophisticated over time. However, many victims didn't realize their role in geopolitical conflicts and regarded cyber espionage attacks like any other type of cyber attack for far too long. With nation-states now waging almost-constant cyberwars, cyber espionage has reached a new level of strategic value—and enterprises are paying attention.