Recently, the US government announced that a major data breach, likely backed by Chinese hackers, had exposed the data of over 4 million government workers. Government officials believe this incident could be one of the largest breaches of federal employees' data.
Though drastic, this is just one of many episodes demonstrating the rise of cybercrime. The number of cyberattacks on the global scale is constantly increasing, with a growing number of advanced persistent threat (APT) groups having run cyberespionage campaigns under the radar for years. The primary targets of these attacks are government agencies, companies operating in various industries (e.g., military, energy) and non-governmental organizations.
Just as frightening are the rising costs of cybercrime: According to a recent Ponemon Institute study, the average cost of a data breach has reached record levels. For governments, the impact of cyberattacks is especially dramatic, particularly when private documents are exposed. And cybercriminal activities are costing the global economy billions per year; in fact, a report published in June 2014 by the Center for Strategic and International Studies estimates the likely annual cost of cybercrime to the world economy at more than $445 billion.
Cybercrime can significantly alter the social texture of any country, damaging trade and competition and affecting the growth of the global economy. But many intelligence analysts are also aware of its effects on Homeland Security. In a recent CA Veracode webinar, entitled "Cyberespionage: The New Paradigm," Senior Security Program Manager Gearóid O'Connor explores the tactics, techniques and procedures adopted by criminal crews worldwide, and provides useful suggestions that enterprises can follow to protect themselves and their digital assets. Before you review the webinar, spend some time learning more about major cyberthreats and how they operate:
In the majority of cases, long-term cyberespionage campaigns are run by groups of state-sponsored hackers who are interested in stealing secret information and intellectual property from their victims. In a few cases, leading security firms have identified groups of cybermercenaries that apparently conducted hit-and-run campaigns against many targets in order to sell their services to governments worldwide.
Common cyberespionage operations are characterized by highly sophisticated techniques and tactics. Often, threat actors use zero-day exploits in conjunction with well-established hacking methods, such as spear phishing and watering hole attacks. Their main purpose is to infiltrate target networks and infect systems in order to steal sensitive data.
Gathered data can also be used for lateral movement within targeted systems. This means attackers could compromise a government system in order to gather information that could allow them to breach other targets.
A common tactic adopted by APT groups is to compromise networks that have business partnerships with their primary targets, usually government and military offices. Why? Simply put, it's because these entities share tons of sensitive information that hackers can use to penetrate those systems. And because the majority of these companies lack proper security, doing so is relatively easy. In order to avoid a dangerous domino effect, it's important to share information about major cyberthreats. Enterprise personnel must be informed about cyberespionage activities, recognize the risks of exposure with regard to their firms, and understand how best to protect their assets.
Want to learn more about how you can protect yourself against cyberespionage? Check out CA Veracode's webinar.