Thursday, June 26, 2014
Corporate espionage series: State-sponsored hacking
State-sponsored hackers constitute a significant national security threat, as well as a problems for individual organizations.
Secure File Transfer
When people imagine a cybercriminal, they might think of a tech-savvy loner working from a dark basement. Or perhaps they're aware of the growing underground cybercrime syndicates, which are emerging as sophisticated, well-organized criminal forces. However, there's another type of cybercriminal that's perhaps surprisingly prevalent in today's digital world: state-sponsored hackers.
Countries highly concerned about cybercrime
As ZDNet recently explained, state-sponsored cyberattacks aren't always brought to the public eye, but they're an incredibly significant national security threat. For example, the United Kingdom's National Security Strategy categorizes cyberattacks as a "tier one" threat, with agencies warning that the danger has swiftly moved from the realm of the theoretical to the actual in the last few years, the source added.
As a case in point, ZDNet reported that a group controlled by a foreign government succeeded in gaining access to the U.K. government's secure network through a system administrator's account.
Governmental organizations aren't the only targets for these kinds of attacks, either. The United States has been on edge about cybercriminal activity originating in China and focusing on stealing American trade secrets. As EconoMonitor indicated, the U.S. filed criminal charges against hackers in the Chinese military in May. Companies impacted by this attack included Alcoa Inc., Allegheny Technologies Inc., United States Steel Corp., Toshiba Corp. unit, Westinghouse Electric Co., and others.
According to CSO Online, a recent study that pointed to the correlation between geopolitical conflict and increased threat of cyberattacks also noted the likelihood that much of this criminal activity is tied to state-sponsored hackers looking to assist state operations.
Within the U.S., controversy continues over cyberspying conducted by the NSA and other federal agencies. Although information technology companies have been outspoken asking the government to reform its practices and respect privacy, the activity remains a concern as companies explore the Internet of Things and other forms of highly connected services. The government has been linked to "back-door" weaknesses in key encryption algorithms and other programs, which may enable agencies to easily tap into companies' and consumers data.
In light of the threats from foreign governments, U.S. agencies have expressed concern over a shortage of information security professionals with the knowledge and skills necessary to curb sophisticated attacks. At the same time, organizations should seek ways to bolster their defenses against cyberattacks, regardless of the source or purpose.