Cyber attacks, data leaks and cyber espionage are some of the biggest threats that businesses face today. The scary part is that these malware attacks are carried out silently, without your knowledge. Before you realise what has happened, the damage has been done, and it could cost millions to repair your reputation and losses.
Threats such as these are known as advanced persistent threats (APTs). Malware is used to infect a machine, creating a backdoor that gives the attacker access to sensitive information. The point of these attacks is not necessarily to cause any damage, but rather to steal sensitive information. These attacks have become incredibly complex and are often difficult to detect. Modern malware is so sophisticated that it can continually rebuild itself to avoid detection.
Malware attacks are not new. In 2013, Kaspersky Lab exposed a cyber espionage campaign that focused on supply chain attacks. The group called “IceFog” focused on targets in South Korea and Japan by attacking the supply chains of Western companies.
The operation started in 2011 and exemplified a new trend involving the ability to hire small groups of attackers to perform surgical hit-and-run operations. If you wanted access to sensitive data from one of your competitors or to infiltrate a government organisation, you could hire these murky cyber mercenaries to do all the dirty work.
Attacks targeted sectors that included military, shipbuilding and maritime operations, computer and software development, research companies, telecom operators, satellite operators, mass media and television.
It is difficult to quantify how much data was stolen and how vulnerable these attacks left corporations. Companies do not often make these losses public in order to avoid embarrassment and litigation.
Malware and cyber attacks have continued and intensified since then. In March of this year, for example, the American Medical Collection Agency (AMCA) was breached. According to Wired, “the incident was first publicly reported at the beginning of June after the medical testing firm LabCorp said that 7.7 million of its customers had data exposed because of AMCA, and Quest Diagnostics said it had had records from 12 million patients exposed.” The exposed data included first and last names, addresses and phone numbers, dates of birth, health care provider information and medical service dates.
Companies need to become more aware of their environments in order to combat these attacks. Bring Your Own Device (BYOD) is a cost-effective solution for many companies, but installed software and internet solutions need to be reviewed and constantly maintained. What mechanisms do you have in place to ensure that data leakage does not take place on one of these devices?
Data policies are critical and often overlooked. Who has access to sensitive information and how accessible is it in your company? Social engineering is one of the biggest security gaps within companies. Any machine that has USB access is vulnerable and data can be leaked.
Who has access to your network and infrastructure? Are you outsourcing services that could perhaps make your data vulnerable? Monitoring for suspect activities on a network is key. Any unusual behaviour on your network should alert you immediately.
Data theft is rising rapidly, and it is not just the multinational conglomerates that are being affected. Cyber thieves are eyeing opportunities to make money and hold organisations to ransom. Don’t let your company become a victim of these criminals. Have the right software and anti-malware installed to knock out any threats.