Question

explain that when an unauthorized individual gains access to the information an organization is trying to protect, that act is categorized as a deliberate act of espionage or trespass

Answer 1

I explained here about deliberate act of espionage or treepass with some clear examples.

Espionage or trespass: .Espionage or trespass occurs when an unauthorized individual attempts to gain illegal access to organizational information. when we discuss trespass, it is important that we distinguish between competitive intelligence and industrial espionage. competitive intelligence consists of legal information-gathering techniques, such as studying a company's website and press releases, attending trade shows, and so on. in contrast, industrial espionage crosses the legal boundary.

Information extortion: Information extortion occurs when an attacker either threatens to steal, or actually steals, information from a company. The perpetrator demands payment for not stealing the information, for returning stolen information, or for agreeing not to disclose the information.

Sabotage or vandalism: Sabotage and vandalism are deliberate acts that involve defacing an organisation’s website, possibly causing the organisation to lose its image and its customers to experience a loss of confidence.

Theft of equipment and information: Computing devices and storage devices are becoming smaller yet more powerful with vastly increased storage (e.g. laptops, Blackberries, personal digital assistants, smart phones, digital cameras, thumb drives and iPads). As a result, these devices are becoming easier to steal and easier for attackers to use to steal information.

Skip dipping , involves the practice of rummaging through commercial or residential rubbish to find information that has been discarded. Paper files, letters, memos, photographs, IDs, passwords, credit cards and other forms of information can be found in rubbish.

Identity theft: Identity theft is the deliberate assumption of another person’s identity, usually to gain access to his or her financial information or to frame him or her for a crime.

Techniques for obtaining information include the following: 

1. stealing mail or dumpster diving 
2. stealing personal information in computer databases 
3. infiltrating organisations that store large amounts of personal information (e.g. data aggregators such as Acxiom, www.acxiom.com 
4. impersonating a trusted organisation in an electronic communication (phishing).

Finally if you get statisified with answer give good rating. Thank you

In addition to the many complex attacks, there are much simpler methods of obtaining valuable information. Because sensitive data is often not sufficiently protected, it can often be obtained visually, audibly or electronically..

Examples:

• Most IT systems are protected against unauthorized use through identification and authentication functions, for example user ID and password verification. If a password is sent through the network unencrypted, an attacker could easily read it.
• To withdraw money from a cash point, the user needs to enter the correct PIN. Unfortunately, the visual protection at these machines is often insufficient to prevent attackers from looking over the shoulder of a customer to watch them enter their PIN. If he then steals the cash point card, he can raid the account. The customer then has the additional problem of having to prove that he was not careless with the PIN, for example by noting it on the card.
• To obtain access rights to a user PC, or to remotely manipulate a PC, an attacker can send a Trojan horse to the user as an attachment disguised as a useful program. Experience has shown that, despite user education, users open e-mail attachments even if they arrive unexpectedly or have strange names. As well as causing damage directly, Trojan horses can be used by outsiders to gather information about the computer to which it was sent and about the network to which it is connected. Trojan horses are often aimed at collecting passwords or other access data.
• In many offices, the workstations are not acoustically screened off well enough from each other. Colleagues and visitors may therefore be able to listen in on conversations at adjacent workstations to obtain information that is not intended for their ears and may even be confidential.