Defend your virtual borders
We recently wrote on the NY Times Hacking and what it means to you, but the latest news from the world of cyber-threats makes that attack look like small potatoes.
In a groundbreaking move, U.S. computer security firm Mandiant released a 60-page account of activities conducted by a hacking group that is, in all likelihood, under the direction of the Chinese military. Mandiant has even gone so far as to track the group down to its base of operations in an unassuming Shanghai office block.
According to Mandiant, and every intelligence agency in the States, this group, nicknamed “Shanghai Group” or “Comment Crew” has been launching sophisticated attacks to steal valuable insider information for years. This quote, from a NY Times article by David Sanger, David Barboza and Nicole Perlroth has more details:
Mandiant has watched the group as it has stolen technology blueprints, manufacturing processes, clinical trial results, pricing documents, negotiation strategies and other proprietary information from more than 100 of its clients, mostly in the United States. Mandiant identified attacks on 20 industries, from military contractors to chemical plants, mining companies and satellite and telecommunications corporations.
Mandiant’s report does not name the victims, who usually insist on anonymity. A 2009 attack on Coca-Cola coincided with the beverage giant’s failed attempt to acquire the China Huiyuan Juice Group for $2.4 billion, according to people with knowledge of the results of the company’s investigation.
Even more worrisome, in recent years the group appears to have concentrated efforts on gaining access to computers that control critical infrastructure such as power grids and gas lines by attacking the vendors that service those systems.
Our dependence on web technology has facilitated amazing growth, but that growth has been so fast that we have severely outpaced our ability to defend ourselves against threats like those posed by the Comment Crew.
Education is the way
Besides beefing up Internet security and web protocols, what crisis management steps can individual organizations take to help prevent the risk of becoming a cyber-victim?
The number one step you can take is to ensure everyone in your organization is educated and trained in the ways of hackers. Even with the massive sophistication of the Chinese attacks, the vast, vast majority of infiltration was done by using simple phishing attacks – essentially fake emails that trick the reader into clicking a link or downloading a file that contains malware.
Teach employees what to watch for, and, as bad as it may sound, encourage a culture of paranoia when it comes to web security. Vigilance is the key to winning this war.
Will it waste some of the precious time that we’re all starved for to confirm with the boss that he actually sent you that “important document?” Unfortunately, yes.
Will you be thanking your lucky stars when he tells you that he hasn’t sent an email since his computer mysteriously crashed three days ago? You bet.
The BCM Blogging Team