In a post-pandemic world riddled with digital attacks and a hyper-partisan political landscape, access to accurate and vetted intelligence is like finding a needle in a haystack. But intelligence is a critical resource in the fight to stay current with threat actors. In a world so dependent on staying connected, as a network defender, you need to understand actors’ motivations and know their tactics, techniques and procedures they leverage in order to properly mitigate current and future threats.
The first step is understanding the threat landscape, and more explicitly, understanding why your organization could be at risk. Generally speaking, organized criminals and advanced threat actors use a wide variety of tactics and techniques for the purposes of commercial or financial based crime. Typically, their main objective is to steal confidential corporate intel such as trade secrets, employee records, test results, etc. The impact of this theft also impedes citizens’ fundamental rights, world economy, and employment. For instance, the European Center for International Political Economy estimated a €55 billion loss, and 289,000 jobs were put at risk due to cyber espionage in the EU alone.
Common Techniques Hackers Use to Steal Intel from an Organization
Web scraping or web harvesting is a technique used by threat actors to extract data from targeted sites. While web scraping can be done manually by a human user, the term typically refers to an automated process this is implemented using bots or web crawlers. Let’s take a look at recent case and how this tactic was used in an attempt to steal proprietary data. Compulife Software Inc. is a company that provides services for calculating, organizing, and comparing life insurance quotes. NAAIP, a competitor of Compulife, intentionally hired a hacker to collect proprietary intel from Compulife’s public portals using scraping bots that were targeted at their transformative database. The web crawlers extracted all insurance quotes related to two zip codes in the US. NAAIP then used the stolen data to generate quotes on their own competing website, which in return leveled the playing field.
Another technique used by threat actors to steal organizational data includes spear phishing. Spear phishing is a targeted attempt to steal sensitive information such as account credentials or financial information from a specific victim, often for malicious reasons. It’s also the most successful form of acquiring confidential information on the internet and a tactic Redcurl, a persistent threat group, utilizes. Their primary objective is worldwide corporate espionage. In less than three years, they successfully stole data from dozens of companies, small and large, private, and public.
Types of Organizations Hackers Target
Threat actors in the modern digital world are becoming highly organized. While it’s true, their targeting can include any organization, they often prefer victims who either have a large dependent userbase or sensitive information. Threat actors have no respect for how many years of hard work you put into growing your enterprise or the cause behind the non-profit organization they knocked offline. At the end of the day, they are all targets so long as they have money, a large userbase and/or information that can be sold.
What You Can Do Immediately to Prevent Industrial Espionage?
Crime pays, as more people and devices become connected in the wake of digital transformation, ways for cybercriminals to profit continue to emerge. But you can prevent these threat actors from completely crippling your operation with DDoS protection designed to protect your network infrastructure be it in a private or public cloud or an on-premise data center. When shopping for a security vendor, keep service availability and intelligence at the forefront. Downtime leads to lost revenue, reputational damage (tough and slow to build back up), and angry customers (who won’t come back and purchase from you), none of which you can’t afford to lose in the long run.