Corporate espionage series: State-sponsored hacking

Jun 26th, 2014 / Category: Managed File Transfer

When people imagine a cybercriminal, they might think of a tech-savvy loner working from a dark basement. Or perhaps they're aware of the growing underground cybercrime syndicates, which are emerging as sophisticated, well-organized criminal forces. However, there's another type of cybercriminal that's perhaps surprisingly prevalent in today's digital world: state-sponsored hackers.

Countries highly concerned about cybercrime 
As ZDNet recently explained, state-sponsored cyberattacks aren't always brought to the public eye, but they're an incredibly significant national security threat. For example, the United Kingdom's National Security Strategy categorizes cyberattacks as a "tier one" threat, with agencies warning that the danger has swiftly moved from the realm of the theoretical to the actual in the last few years, the source added.

As a case in point, ZDNet reported that a group controlled by a foreign government succeeded in gaining access to the U.K. government's secure network through a system administrator's account. 

Governmental organizations aren't the only targets for these kinds of attacks, either. The United States has been on edge about cybercriminal activity originating in China and focusing on stealing American trade secrets. As EconoMonitor indicated, the U.S. filed criminal charges against hackers in the Chinese military in May. Companies impacted by this attack included Alcoa Inc., Allegheny Technologies Inc., United States Steel Corp., Toshiba Corp. unit, Westinghouse Electric Co., and others. 

According to CSO Online, a recent study that pointed to the correlation between geopolitical conflict and increased threat of cyberattacks also noted the likelihood that much of this criminal activity is tied to state-sponsored hackers looking to assist state operations.

Home-grown threats 
Within the U.S., controversy continues over cyberspying conducted by the NSA and other federal agencies. Although information technology companies have been outspoken asking the government to reform its practices and respect privacy, the activity remains a concern as companies explore the Internet of Things and other forms of highly connected services. The government has been linked to "back-door" weaknesses in key encryption algorithms and other programs, which may enable agencies to easily tap into companies' and consumers data.

In light of the threats from foreign governments, U.S. agencies have expressed concern over a shortage of information security professionals with the knowledge and skills necessary to curb sophisticated attacks. At the same time, organizations should seek ways to bolster their defenses against cyberattacks, regardless of the source or purpose.