Monday, March 28, 2011

Hackers target business secrets

Intellectual property and business secrets are fast becoming a target for cyber thieves, a study suggests.

Compiled by security firm McAfee, the research found that some hackers are starting to specialise in data stolen from corporate networks.

McAfee said deals were being done for trade secrets, marketing plans, R&D reports and source code.

It urged companies to know who looks after their data as it moves into the cloud or third-party hosting centres.

"Cyber criminals are targeting this information based on what their clients are asking for," said Raj Sumani, chief technology officer in Europe for McAfee.

He said that some business data had always been scooped up when net thieves compromised PCs using viruses and trojans in a search for logins or credit card details.

The difference now was that there exists a ready market for the data they are finding. In some cases, said Mr Sumani, thieves were running campaigns to get at particular companies or certain types of information.

Perimeter defences

Thefts of intellectual property or key documents could be hard to detect, said Mr Sumani.

"You may not even know it's stolen because they just take a copy of it," he said.

Defending against these threats was getting harder, he said, because key workers with access to the most valuable information were out and about using mobile devices far from the defences surrounding a corporate HQ.

"Smartphones and laptops have crossed the perimeter," said Mr Sumani.

The report comes in the wake of a series of incidents which reveal how cyber criminals are branching out from their traditional territory of spam and viruses.

2010 saw the arrival of the Stuxnet virus which targeted industrial plant equipment and 2011 has been marked by targeted attacks on petrochemical firms, the London Stock Exchange, the European Commission and many others.

Mr Sumani said that, as firms start to use cloud-based services to make data easier to get at, they had to work hard to ensure they know who can see that key corporate information.

Otherwise, he warned, in the event of a breach, companies could find themselves losing the trust of customers or attracting the attention of regulators.

"You can transfer the work but you cannot transfer the liability," said Mr Sumani.



Powered By WizardRSS.com | Full Text Feeds | Amazon PluginsHud-1

0 comments: