0800 231 5914
Tweet Share

Mon, 07 Nov 2011
Big Business Most At Risk of Expert Hackers

Targeted cyber attacks are on the rise and big businesses with valuable assets and a number of key senior figures are most at risk.

A group of security experts issued a warning at a panel debate in October to businesses planning mergers or acquisitions or the launch of a new product, saying they are "primary targets for incredibly sophisticated organised cybercrime units".

Stuart Coulson, security expert at hosting firm UKFast used Apple as an example of a corporate giant that will always be on the radar of cybercriminals: "High profile individuals are targeted because they have access to certain data. Apple employees for example, during the launch of a new product, might be specifically targeted. And off the back of that, the journalists covering that could be targeted with spam emails disguised by details of the release and a picture of the iPhone 5, for example."

Mike Small, analyst at KuppingerCole said: "Although there is large proportion of opportunistic attacks, the nature of the hacker has changed dramatically from the script kiddie - the youth wanting to prove ascendency over the machine - to groups of people that are specifically after certain valuable things from certain organisations and they will get that by researching the individuals within those organisations that might give them an in and they will attack that individual in whatever way they can.

"But they will do it in a way that is silent, they won't disable computers or blow the systems, they will get in and use the information they collect to make the hit and to steal information that can be used in all kinds of ways.

"Knowing about mergers and acquisitions before they occur gives you leverage on the stock market. Intellectual property is extremely valuable too."

Small cited the example of RSA Security - a firm that resorted to replacing the SecurID tokens to any customers that asked after it had been hacked - to highlight the potential costs to big businesses that have their data compromised.

"That could run into the billions for that business. Similarly, drugs companies with recipes for new drugs should understand how valuable that kind of information is and protect it accordingly because those recipes can be very, very valuable.

"Targeted attacks are the things of the future and organisations need to be very careful to avoid them."

Dr Daniel Prince from Lancaster University said: "Organised crime units are essentially fully-functional businesses. Organised criminals are incredibly intelligent people. They are taking the best practices from businesses and applying them without any of the rules that businesses have to adhere to. They are very sophisticated and they have business continuity plans. We need to stop treating them like organised crime units and treat them like a business."

Andrew Frowen, managing director of Intaforensics, discussed the "internal threat" in more detail: "Everybody wants the newest device and within hours of the release of the Apple IOS 5, millions of people had downloaded it and were signing up to cloud services, most of whom were unaware of what they were doing. Those same devices are connected to corporate exchange servers so we have a conduit between the corporate network and the cloud on an employee's phone.

"A lot of corporates that I deal with when I carry out examinations of Blackberries and smart computers, aren't aware of how transparent it is when the data moves between the corporate network and outside of it. There is a lot of research around perimeter security but we are ignoring the internal threat, and this is the Achilles heel."

Return to news headlines

Print this article print this article.


Call now on 0800 231 5914 to discuss your IT solutions with one of our consultants

Talk to a Consultant Send an Enquiry