Governments have been using cyber espionage to spy on one another almost as long as the Internet has been around. Likewise, cyber crime is nothing new. Until relatively recently, the two were distinct. Governments stole military secrets from other governments, and criminals stole money from banks and private enterprises.
Now the two have come together. Companies must deal with hackers backed by foreign governments out to steal trade secrets, research data and other valuable information. The recent accusation of five Chinese military officials on hacking charges is just the latest development in a dispute that has been simmering for several years.
Most companies don’t have the unlimited resources of the government, so let’s look at some simple ways every company can keep their intellectual property safer.
Don’t open unexpected emails
A surprising number of attacks begin with an employee at the victimized company opening a phishing email. These emails carry a malware attachment or contain a disguised link that directs the reader to a web site that installs malware on the host computer. Once the computer is compromised, the attacker can use it to steal data directly or impersonate the user and send more phishing emails to gain greater access. Instruct employees not to open any emails they were not expecting, and to verify directly with the source if they receive a message that might be suspicious.
Keep antivirus updated
Antivirus software is an important first line of defense against malware, but you can’t rely on it totally. Hackers with government backing can create their own malware from scratch, and new malware may not be recognized as a threat. Still, many attackers are not so sophisticated and use variants of known malware.
Keep software and operating systems updated
Sometimes a savvy hacker doesn’t even need malware to crack a system. The recent Heartbleed bug is a good example. It affected webservers running OpenSSL and only required a hacker to send a command to an afflicted server to have it return potentially valuable data from a random chunk of memory. A fixed version was released the same day the bug was officially announced, but more than a month later almost 1,300 of the 200,000 most popular web sites were still vulnerable to Heartbleed.
When a software developer releases a security fix or patch, you can bet hackers are looking to exploit computers running older versions. Update your computers as soon as possible.
Keep private meetings safe from clandestine cell phones
While cyber attacks are in the news, sometimes trade secret theft takes place in person. In today’s business world, almost everyone carries a cell phone of some type. Even basic feature phones have the ability to record voice notes and low-resolution video. A smartphone can take HD pictures and video and record hours of conversation. Our line of cell phone detection products can sniff out phones whether they’re on or off, so you can keep your confidential meetings safe from electronic ears.