Wednesday 9 November 2011

State-Sponsored Cyberthieves Target Trade Secrets

“We have just seen the tip of this iceberg. The economic threats of cyberespionage are a lot worse than you think,” says Harry Sverdlove, CTO of the security firm Bit9 Inc. “Most businesses have already been probed, even if they do not know it.”

Suddenly, this is front-page news, and it is not about malicious hackers, nor is it about cybercriminals seeking to loot bank accounts. This is “game on” where the object, say the experts, is to pilfer a company’s intellectual property. And the perpetrators are apparently state-sponsored (read China).
If these experts are right, while most eyes are on Stuxnet and Zeus, the real action is focused on a systematic ransacking of trade secrets and intellectual property of companies in the US, the UK, and throughout Europe.

This loud warning was sounded recently in England by Major General Jonathan Shaw, head of the Ministry of Defense’s cybersecurity program, who told the Telegraph: “The biggest threat to this country by cyber is not military, it is economic.”

To prove his point, Shaw indicated that numerous UK businesses have shuttered precisely because their IP was looted. “If the moment you come up with a brilliant new idea, it gets nicked by the Chinese, then you can end up with your company going bust.”

According to Shaw, cyberespionage has cost the United Kingdom about $43 billion, and that is a number big enough to get attention.

Small and midsized businesses are emerging as the primary target of cyberespionage, say the experts. “Small and midsized businesses… often do not invest in the resources to protect themselves. They rely on antivirus and a firewall, and that is not sufficient to defend against well organized, state-sponsored attackers,” says Don DeBolt, director of threat research for Total Defense, an Internet security company.
“These attacks are happening every day. IP is being stolen every day,” says DeBolt.

And the attacks are happening to all kinds of companies. That’s a conclusion of McAfee’s so-called Shady Rat research, which has documented intrusions into 71 targets. The list is dazzlingly diverse, with real estate firms, accounting firms, government agencies, defense contractors, and many more included.

“They are interested in everything,” says Sverdlove, and no business -- no matter how small or obscure -- should count itself safe. “If you have IP of value, they want it.”

Sverdlove goes on: “I talk at a lot of conferences about these cyberattacks, and everybody who attends has a story about an attack. These are advanced persistent threats -- nation states have identified target companies, and they have assigned teams to gather the information they want. Day in, day out, they try. They have the patience of Job.”

Traditional cybercriminals usually give up when they run into high security walls, he said. They want quick payoffs -- the Internet equivalent of an old-fashioned bank stick-up -- and they do not have the resources or inclination to persistently probe for weaknesses. The state-sponsored crooks are a different breed: “They keep coming back, they keep probing, and they are finding and exploiting vulnerabilities.”

Do all the attacks originate in China? Right now, say the experts, the digital fingerprints appear to be Chinese, but there is recognition that capable cyberspies (perhaps in Russia, South Korea, Israel, or France, to name nations often cited) are well able to generate false trails. Exactly who is behind the present wave of economic attacks is not known, but the damage to looted businesses keeps mounting.

That is why the experts are raising a plea for simple steps by small and midsized businesses to ward off at least some attacks: “About 80 percent of our cyberproblems are caused by what I call poor cyberhygiene,” Major General Shaw told the Telegraph. “Many of them would go away if our cyberhygiene was better.”
DeBolt says a lot of vulnerability traces back to plain failure to do easy things such as patching browsers and upgrading to late-model OSs. “Where you can upgrade, upgrade. You will be much safer.”

Bottom line: Companies need to assume they will be attacked, and, that understood, the only real question is: What are you going to do about it?
