A new wave of hacker attacks

“The cyber underground economy has shifted its focus to the theft of corporate intellectual capital – the new currency of cybercrime. Intellectual capital encompasses all the value that a company derives from its intellectual property including trade secrets, marketing plans, research and development findings and even source code,” says Simon Hunt, Vice President and Chief Technology Officer, Endpoint Security at McAfee.
In January 2010 a sophisticated cyberattack, named Operation Aurora, was launched to steal information from Google and at least 20 other companies. A coordinated and covert series of attacks targeting oil, gas and petrochemical companies, dubbed “Night Dragon”, stole a treasure trove of secrets, including bidding documents on new drilling contracts.
Nasdaq, the global exchange operator, had its systems breached last year, when attackers targeted a part of its website storing confidential information on behalf of companies, such as corporate strategy documents and M&A targets under consideration. Law enforcement authorities think the raid was corporate espionage against one of the companies whose data is held on the website, rather than a cyberterrorism attack on the US financial markets.   
The consequences of an attack can be immense. A quarter of companies have had a takeover or a new product launch delayed or derailed because of a data breach or a credible threat of one, according to a study conducted by McAfee.

Valuable IP at risk
Much more of a company’s value is now tied up in what it knows rather than in its physical assets than it was in the past. But keeping corporate information confidential is becoming harder, with more staff using mobile devices to keep in touch with the office while they are out and about, stretching corporate firewalls further and further. Many companies have also become leaner by opting to use cloud computing and offshoring data and processes to other companies. A recent Lloyd’s 360 Risk Insight report on digital risks identified increasing connectivity and cloud computing as two key trends risk mangers should be aware of and plan for.
Corporate networks have become more vulnerable because trade secrets are being shared between employees through emails every day. Nearly two-thirds of companies told McAfee that trying to make mobile devices secure was a major headache. 
That is no wonder, because hackers are increasingly targeting smartphones and tablet computers. In 2010, there was a 46% rise in the number of new “malware” found for mobile devices compared to the previous year. In March Google removed 58 malicious apps from its Android Market, but not before they were downloaded to about 260,000 devices.
The personal details of 114,000 American iPad owners, reportedly including the former White House chief of staff, members of the US Senate and House of Representatives, NASA and Department of Homeland Security employees, were obtained by hackers through the website of telecoms firm AT&T, which sells the 3G-enabled tablets in the US.

Sophisticated hackers
Companies are well aware of the threat of cyberattack and are spending heavily to try to protect themselves. In China, Japan, United Kingdom and the United States, organisations are on average spending more than $1 million a day on their IT. In the United States, China and India, organisations are on average spending more than $1 million a week on securing sensitive information abroad, says McAfee. Most expect to spend even more on IT security in the future. But despite the increasing spending, the solutions are often reactive, rather than trying to stay one step ahead of the hackers.
Companies are increasingly aware of the threat of data leaks from within their organisations and have started to watch casual or contract employees more closely and use behavioural analysis software to spot suspicious activity on the corporate network.
But many firms make the work of cybercriminals easier by doing little to protect information on the company’s corporate culture or structure, such as in employee manuals or through emails.
This information could prove useful for hackers to mount “social engineering”, in which they pose as employees to penetrate a corporate network. Once a sophisticated attacker infiltrates a network, they steal valid credentials on the network and operate freely – just as an insider would.
“No company can guarantee that their information is 100% secure at all times,” says Ben Maidment, Privacy and Cyber Technology Underwriter at Brit Insurance. “All they can seek to do is make sure they are as well protected as they can be and that means involvement at all levels of a company: from the Board assigning the required importance and budget to information security, through the Risk Management, Legal & Compliance and IT departments putting in place the technical and procedural protections, all the way down to individual employees ensuring that procedures are followed and they are aware of their role and responsibilities.”   

Comments

No comments