March 29, 2011
Trade And Business Secrets Popular With Hackers
According to a new study, intellectual property and business secrets are quickly becoming popular targets for cyber hackers and thieves.
Research and a subsequent report by Web security firm McAfee found that hackers are specializing in stolen trade secrets, marketing tools, R&D reports and source codes from corporate networks. As many companies make the move into cloud or third-party hosting networks, McAfee is urging them to scrutinize those who are looking after their data.
"Cyber criminals are targeting this information based on what their clients are asking for," Raj Samani, chief technology officer in Europe for McAfee, told BBC News.
While in the past some business data had always been stolen when hackers compromised computers with viruses, Samani said that now there exists a market for the data that is being scooped up.
The report highlighted cases in several countries, including Germany, Brazil and Italy. Trade secrets were stolen from businesses by either an insider or cyber thieves who were able to get hold of data through a well-planned attack.
McAfee's report said that some companies made the attacks by cyber criminals easier because they did little to censor their emails and other messages and keep their corporate information safeguarded.
Such information could prove useful for criminals who pose as employees and then penetrate corporate networks more easily.
Samani said that thefts of intellectual property and key documents could be hard for companies to detect. "You may not even know it's stolen because they just take a copy of it," he said.
The threats are becoming harder and harder to defend against because key workers with access to the most valuable data are using mobile devices when away from the defenses surrounding a corporate office.
"Smartphones and laptops have crossed the perimeter," Samani told the British news agency.
The Stuxnet virus, which was first detected in 2010, targeted industrial plant equipment. In 2011, attacks are being targeted toward petrochemical firms, the London Stock Exchange and the European Commission, as well as other crucial systems.
As firms begin to rely on cloud-computing services to make their data easier to retrieve, they also have to work harder to ensure they know and trust who is handling their corporate information, said Samani.
Otherwise, companies may find themselves losing the trust of their customers if a breach occurs, and they may also attract the attention of regulators and officials, he added.
"You can transfer the work but you cannot transfer the liability," Samani said.
On the Net: