Cyber espionage: the risks are rising
Enterprises are not taking the threat of cyber espionage seriously enough and many have not taken adequate steps to prevent an attack, according to a new study from Ovum, Protecting against cyber espionage.
The view of Graham Titterington, Ovum principal analyst, that cyber criminals are graduating from stealing credit cards and personal banking credentials to targeting corporate plans and proprietary information is supported by research by the UK Cards Association. It reports that online banking fraud losses in the UK were down to £46.7 million last year, which represents a 22% decrease from 2009.
“They [criminals] want valuable information such as product and technology blueprints, customer lists or information that can be used to embarrass or disadvantage a victim,” said Ovum's Titterington. “Almost every organization has information that would damage it if it were to be leaked out. However, many have overlooked cyber espionage in their preoccupation with preventing the theft of financial data. This needs to change.”
Cyber espionage is usually aimed at key individuals within an organization, who are sent spear phishing emails containing malicious links or attachments that infect their machines. The criminals then use malware to identify assets, decrypt login details and steal the target information.
Where once cyber crooks were content with random attacks, they are now highly focused and targeted at specific entities. Well-coordinated attacks such as Night Dragon (a series of cyber attacks starting in 2009 that targeted proprietary operations and project financing information on oil and gas field bids and operations) are on the rise according to McAfee’s chief technology officer, George Kurtz.
The Ovum report advises enterprises to restrict the distribution of sensitive information, vet users who have access to high value information, protect data held on third party sites and conduct a risk analysis, including mobile devices and removable media.
It also warns enterprises that holding large amounts of data can increase the risk of falling victim to cyber espionage and that they should look to minimise volumes. “Every piece of stored data and every copy of this data is a potential leakage incident,” added Titterington. “The increasing volume of data makes it harder to manage the entire data estate. The growth in data volumes should be examined critically. At minimum, organizations should make more use of shared data infrastructure and services so individual users can be discouraged from creating their own copies.”