Stolen data, financial damage, a ruined reputation: cyber espionage can cause serious problems for any modern business. Corporate espionage has always been a reality, but with the rise of cyber spying, new threats call for innovative solutions. Who benefits from cyber espionage and what can you do to protect your business?
Apr 14, 2020 · 5 min read
Illegal cloak-and-dagger operations have been a part of politics and business for centuries. It’s not just governments spying on each other; corporate espionage – the theft of a company’s secrets – has grown ever more sophisticated and effective. Stolen data can be incredibly valuable, and just as damaging for the victim.
As corporations move their activities online, these illicit practices have evolved. Sensitive information is kept in secure databases and on private cloud storage. While there are many advantages to these new systems, they’re far from impregnable.
Cyber espionage (not to mix up with cyberstalking) often involves breaking into databases and digital spaces to acquire private data. The stolen information can then be used by rival companies or nations, or sold to the highest bidder.
There are two primary targets for cyber spies – corporations, and governments.
An attacker can use malware to extort weaknesses in a system, track activity on a device, and spy on a user’s passwords. A malicious program can be delivered through a variety of channels, often without the victim even realising that their device is infected. From spear phishing emails to malvertising redirects , cyber spies can force their malware onto a company device or server to gain the access they’re looking for.
For most corporations, their employees are the first line of defence against cyber espionage. Their personal and work devices can be attacked and used to access a larger network. With an increasing number of remote workers relying on unsecured Wi-Fi hotspots outside of the office, it’s no challenge for an attacker to hack the connection and spy on their activity.
Cracking passwords is easier than many internet users realise. Most people choose simple passwords that can be cracked in just a few seconds. If a hacker cracks the password of the right employee, they could quickly access a range of sensitive information or launch further attacks using the compromised account. Strong passwords are paramount.
Hackers can also attack databases, cloud storage, and internal systems directly. This risk becomes much more serious when a business is slow to update their software. If an organisation or its employees forget to regularly download the latest security patches for their operating systems, they leave themselves vulnerable to extortion and spying.
In 2010, a wide-ranging cyber espionage operation launched against over 20 different corporations, including tech giants like Google and Yahoo. Although the organization behind the case – dubbed Operation Aurora – were never officially identified, it's widely believed that China was to blame. The cyber spies used weak spots in Internet Explorer to hack user accounts and steal swathes of intellectual property, in a pattern that has been repeated many times since.
2006 saw one of the most extensive examples of cyber espionage to date. Using malware delivered through email links – referred to as RATs – spies targeted 70 separate organizations. Among them were The United Nations and the International Olympic Committee. Huge amounts of sensitive data was stolen, and while the culprits are still unknown, it's telling that China was the only southeast Asian country where no attacks occurred.
Another high profile cyber espionage case surfaced in 2009, with the discovery of GhostNet. By the time they were noticed, this mysterious network of cyber spies had already targeted over a thousand devices across the globe. From Germany to South Korea, embassies, government offices, and high-ranking officials had their files stolen. To this day, we still don't know for certain who was behind the GhostNet.
Despite the growing sophistication of cyber espionage strategies, there are still actionable ways for companies to protect their data. Here are six steps that you can take today to limit the risks.
Make sure all your employees are using a reliable VPN. This service will encrypt the browsing data of a connected device, making it even harder for someone to access the company’s files through a single entry point. Rolling out NordVPN Teams across employee hardware can limit the damage of a hack and improve secure communication channels within the network.
Every connected device could pose a threat to your organisation, from internal servers to employee phones. Competitors can exploit an unsecured endpoint to gain access to password protected data elsewhere within the company. Find out more about how and why to implement a company-wide endpoint security system here.
Always backup your most sensitive data and keep it encrypted. This way, even if something happens to your main database, you’ll still have your backups. Encryption adds an additional layer of protection because even if someone manages to get their hands on your files, they won’t be able to read, corrupt, or sell them online. Try looking for a cloud storage provider that offers strong encryption as well – like NordLocker.
When operating systems and softwares aren’t updated regularly, they can become vulnerable to attacks. Malware and viruses will often try to exploit the weak spots caused by outmoded systems and browsers. It’s an essential part of best practice to install all available security updates on any company hardware wherever it’s located.
A cyber espionage attack will always be more damaging if all of a company’s sensitive information is stored in one place. Keeping different datasets across a range of segregated digital storage spaces will limit how much a spy can steal in one operation. Even if a database or endpoint device is compromised, the damage can still be mitigated.
With brute-forcing programmes available online, it’s never been easier to crack a password. Employees should be made aware of the risks they run by using weak or duplicated login credentials for personal and work accounts. To buttress cybersecurity within an organisation, invest in a password manager for all workers.
Want to read more like this?
Get the latest news and tips from NordVPN