Cyber-spying threat growing in scope, global security leaders say

3 Aug 2011

Senior security executives from some of the world’s largest corporations have warned that becoming victim to cyber attacks and corporate espionage is a matter of when, not if.

The Security for Business Innovation Council (SBIC) is a group of security leaders from companies including Coca-Cola, Nokia, SAP, FedEx, Johnson & Johnson, eBay and JPMorgan Chase.

A new report from the group examined the shift in the threat landscape affecting businesses targeted for corporate espionage and sabotage. Its authors claim that for most organisations, it is a matter of when, not if, they will be targeted by advanced threats. 

Advanced persistent threats – security industry speak for corporate espionage – has moved from the defence sector and government agencies to private-sector organisations, with the goal of stealing valuable intellectual property, trade secrets, corporate plans, access to operations and other proprietary data.

The term advanced persistent threat originated to describe a nation-state gaining access to a network to extract national security data over long periods of time. Recently, the term has broadened as attackers not affiliated to nation-states use similar techniques. 

Rather than gain entry through the network perimeter, today’s attackers target human vulnerabilities, exploiting end users through social engineering techniques and spear phishing which is targeted at small groups or even individuals.

The SBIC report offers seven defensive measures against escalating advanced persistent threats: 

·         Make intelligence gathering and analysis the cornerstone of your strategy

·         Activate smart monitoring to know what to look for and set up your security and network monitoring to look for it

·         Reclaim access control by reining in privileged user access

·         Train the user population to recognise social engineering tricks and compel them to take individual responsibility for organisational security

·         Manage expectations of executive leadership by ensuring the C-level realises the nature of combating advanced persistent threats is fighting a digital arms race

·         Re-architect IT by moving from flat to segregated networks, making it harder for attackers to roam the network and find crucial data

·         Sharing threat intelligence with other organisations to pool knowledge about the threats.

“Cyber criminals have aggressively shifted their targets and tactics and defending against such determined adversaries will challenge organisations to think about IT, information security and intelligence exchange in entirely new ways,” said Jason Ward, Irish country manager of EMC, parent company of RSA which is a member of the SBIC.

“Irish companies and public bodies must be aware of the new threats and ensure that they are adequately prepared to prevent them crippling their infrastructure or leaking important information,” added Ward.

Jason Ward will be part of the panel discussion and Q&A with Lord David Puttnam at the Digital Ireland Forum – Friday, 30 September, 2011

Gordon Smith was a contributor to Silicon Republic