Cyber-attacks can come from a variety of sources: foreign criminals, nation-states, script kiddies, hacktivists. But many still originate from the corporate sector; competing industries hacking into each others’ systems to steal company secrets. This shadiness in the business world is nothing new. But what you might not know is that even small and medium-sized businesses are increasingly becoming the target of this cyber-espionage.
According to a new report from PricewaterhouseCoopers, cyber-espionage is no longer restricted to governments and large international companies. Small and medium-sized businesses are potentially at risk. PwC’s report cites the London-based security intelligence agency MI5 sent a confidential letter to 300 U.K. businesses warning them of a coordinated, web-based cyber-espionage campaign.
But industrial cyber-espionage attacks are more targeted to specific organizations. These cyber-espionage attacks are usually considered “advanced persistent threats” because they have the capability and intent to effectively target a specific entity over a long period of time. Ultimately, industrial cyber-espionage attacks attempt to gain an advantage, either by theft or damage or both.
So what are your chances of being the target of industrial cyber-espionage? The answer depends on what your business does and what kind of competition you have. Charitable organizations are probably in the clear, but defense contractors are at a high risk of attack. If your company has any proprietary information that could benefit a competitor, or if a competitor has something to gain by causing harm to your business, then there is a risk.
But even if you take information security seriously to protect from outside attacks, what about attacks that originate from inside your organization? It’s rare, but disgruntled, bribed, or corporate spies may already be working from within your company. They would have intimate knowledge of your organization and your data access methods. Armed with this knowledge, these malicious insiders can be far more dangerous to your business than any outside threat.
In order to detect and stop these malicious insiders, check out this whitepaper How To Detect And Stop Malicious Insiders In Your Organization. It looks at what motivates them, how they might harm or steal your data, and what steps you can take to stop them.