Security risk management: state-backed data spies hunt industrial secrets

If you ever doubted that security risk management was critical for businesses and enterprise, then your opinion might be changed after reading the information contained in the recent Verizon report. The latest study was published to coincide with Infosec – an annual security conference in London.

According to Verizon, state-sponsored industrial espionage became a much bigger cyber-threat to companies in 2012. State-backed data spying is officially the number two cyber-threat. Top of the list, unsurprisingly, were hackers looking to steal money and liberate valuable assets after breaking into corporate networks. The Verizon-sponsored survey generated its statistics by looking into reports of real data breaches suffered by corporations around the world. For the 2013 report it analysed more than 621 separate breaches.

From a corporate point of view the most worrying statistic the Verizon report identified was that companies often failed to address the issues of network security and failed to undertake vulnerability assessment testing. The problem is widespread and insidious. Many of the companies whose assets had been raided did not realise that their security had been breached or that their data had been stolen for months after the event.

While hackers had financial motives in 75 per cent of the cyber-attacks analysed for the report, in 20 per cent of cases the perpetrators were exclusively searching for trade secrets or intellectual property, it claimed:

“The number one statistical change we noticed is the level of state-sponsored espionage,” said security analyst Wade Baker, lead author on the report. “That’s a lot higher.”
He added that in 2012 the problem had escalated to such a degree, that it was felt that espionage-motivated attacks now merited their own cyber-threat category.

Many of the state-backed attacks used phishing campaigns in order to get a foothold in a target company. Once successful the attackers then penetrated deeper into the networks. The report suggests that these sort of tactics that would have been spotted had company systems been regularly tested for vulnerabilities. Of all sectors it was manufacturers and transport companies that appeared to be most at risk from state-sponsored espionage.
According to Mr Baker, attackers were generally unfussy and would use any tactic that got results when seeking to penetrate networks. Attackers used booby-trapped web pages, vulnerabilities in popular applications, social engineering and many other tactics to gain access. Worryingly malicious hackers managed to gain access despite the widespread use of security tools that aim to spot and stop intrusions:
“We do not get the sense that we are forcing these bad guys to change their methods because we have shored up all the holes and security problems. I would like to see that but I don’t. They are getting in without changing their tactics and using the same attack against a large number of victims.”

Verizon has urged companies to take every necessary precaution if they are to limit their vulnerabilities and protect themselves in the future. The primary task was to eliminate useless data and focus security on vital company information instead. He also encouraged companies to share information about attackers so all the members of a business sector were on their guard.

If your business needs help with security reviews, penetration tests or web security solutions from Barracuda Networks, Check Point, Alien Vault and Netwrix, please contact Krypsys on 0845 474 3031 or [email protected].