Nation State Hacking Has A Big Commercial Impact

What impact does the long standing practice of State sponsored hacking to steal secrets and influence elections have on the business world?

It seems that cyber-espionage is on everyone’s mind these days. Fierce allegations are being made by US officials, claiming that Russian hackers interfered with the US election process. One of President Obama’s last act in office was to issue sanctions against alleged Russian hacking. But is this really surprising?

Nation states have been spying on one another since biblical times, the only thing that’s really changed are their methods. Instead of sending spies to infiltrate high ranks of political parties, nations can now utilise even more subtle, and less risky methods to achieve an even greater political and diplomatic impact.

In fact, America is certainly not alone; it is known that the NSA wiretapped Greek officials prior to, and during, the 2004 Athens Olympics.

‘The Athens Affair’, however, was over a decade ago. Today, the process is much simpler. Instead of hacking telephone networks, wiretapping, recording, and processing thousands of hours of calls, one simply has to hack a single email server to gain access to millions of emails and documents, all ready and waiting to be leaked at the right moment. For instance, with the goal of tarnishing a political candidate’s reputation.

Impact on the Enterprise

The question remains: what does this have to do with the business world? Well, due to the peculiar nature of cyberspace, the lines between nation states, hacking groups, hacktivists and cyber criminals are blurred. Russia makes extensive use of “patriotic” (read: nation state sponsored) hacking groups, as does China and Iran.

These “Blackhats” hackers are sent to do their nation’s dirty work. They operate with guidance and are backed by substantial resources, all with plausible deniability of the regime that employs them. However, because the lines are so blurred, hackers will often use the information they find, or the tools they possess, for personal gain. The methods that they perfect to hack and steal sensitive information from other nations can be used by them, the next day, to hack corporations.

Data Dumps

Hackers use data dumps to scourge and identify information which they can then utilize to hack organisations. In the process they may find information which could be used to hack corporations, which they will gladly use or resell. We’ve written in the past about the danger emanating from data dumps and password reuse  and it is advised that enterprises enforce policies preventing password re-use and monitor dump sites regularly to identify information leakage.

Playing the Supply Chain

In more sophisticated cyber-espionage operations, hackers retreat down the supply chain and try to hack the weakest link. For example, it is difficult to hack the US Department of Defence networks, in order to gain intelligence about the next generation of aircrafts the US is building.

It is far easier to hack the defence contractor who manufactures these aircrafts, simply because such companies employ thousands of smaller, less protected vendors who provide them with just about anything, from toilet paper and stationery, to aircraft-specific toilets, to missile casings. These vendors are still connected to the defence contractor’s ERP system, and communicate with it directly, creating a huge vulnerability.     

Meet CyberZeist

CyberZeist is “a Political & Offensive Black-Hat hacker.” He is a former member of the UGNazi hacking group, from which various members were arrested for hacking and credit card fraud. CyberZeist has been active for many years, and embodies the duplicity of hacktivists today. While he mainly focuses his efforts on political goals, such as human rights, he occasionally (or during the process of) hacks “regular” commercial enterprises.

In 2012, CyberZeist hacked the security services company G4S, and published a document that allegedly revealed human rights violations (for more information see the following link). He also leaked a few hundred login credentials that he allegedly obtained by launching a spear phishing attack on US federal employees.

Most, recently he uncovered the passwords to dozens of senators’ email addresses, as well as social security numbers and credit card information for senior members of the Democratic party, including Vice President Joe Biden, Senate Minority Leader Harry Reid, House Minority Leader Nancy Pelosi and acting Chair of the DNC Donna Brazile. The information was posted to Pastebin. On December 22, 2016, he even hacked the FBI website and leaked the data on Pastebin.

ITInsights

State-sponsored Cyberspies:          Cyberspies Impersonate Security Researcher:

State Sponsored Hackers: Finding  The Country Behind The Attack:

 

« Is There A Truly Secure Messaging App?
Indian Police Training To Crackdown On Electronic Fraud »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ForeScout Technologies

ForeScout Technologies

ForeScout delivers pervasive network security by allowing organisations to continuously monitor & mitigate security exposures & cyberattacks.

ThreatConnect

ThreatConnect

ThreatConnect is an enterprise threat intelligence platform by Cyber Squared bridging incident response, defense, and threat analysis for InfoSec & DFIR teams.

National Cyber League (NCL)

National Cyber League (NCL)

The NCL provides a virtual training ground for participants to develop, practice, and validate their cybersecurity knowledge and skills.

PECB

PECB

PECB is a certification body for persons, management systems, and products on a wide range of international standards in a range of areas including Information Security and Risk Management.

Qufaro

Qufaro

Qufaro is a new initiative designed to make it simpler for those with career ambitions in cyber security to access the UK’s cyber-specific education and innovation opportunities.

Netmarks Indonesia (NMID)

Netmarks Indonesia (NMID)

Netmarks Indonesia is an IT solutions provider offering services related to ICT infrastructure, digital transformation and cyber security.

Epati Information Technologies

Epati Information Technologies

ePati Information Technologies is a specialist in information technology and cyber security.

eLearnSecurity

eLearnSecurity

eLearnSecurity is an innovator in the IT Security training market providing quality online courses paired with highly practical virtual labs.

Security BSides

Security BSides

Security BSides is the first grass roots, DIY, open security conference in the world!. BSides is a community-driven framework for building events for and by information security community members.

Cambridge Cybercrime Centre

Cambridge Cybercrime Centre

The Cambridge Cybercrime Centre is a multi-disciplinary initiative combining expertise from the Department of Computer Science and Technology, Institute of Criminology and Faculty of Law.

RhodeCode

RhodeCode

RhodeCode is an open source repository management platform. It provides unified security and team collaboration across Git, Subversion, and Mercurial.

The IoT Academy

The IoT Academy

The IoT Academy is a reputed Ed-Tech Institute that provides training in emerging technologies such as embedded systems, the Internet of Things (IoT), Data Science and many more.

Althammer & Kill

Althammer & Kill

Althammer & Kill offers pragmatic solution concepts for data protection and digitization. We advise in the field of data protection, information security and compliance.

Epic Machines

Epic Machines

Epic Machines is a Value Added Reseller and Managed Security Services provider offering Security Transformation using Cloud-native solutions to commercial and government markets.

Merlin Ventures

Merlin Ventures

Merlin Ventures is a strategic investor focused on driving growth and value for cybersecurity software companies with market-leading potential.

Thero6

Thero6

Thero6 develop dynamic financial analysis algorithms that help prevent coin collapses and theft of cryptocurrency funds by identifying the transaction absolutely throughout the chain.