Computer hackers or terrorists are the main security breachers globally. Most organizations have not made adequate efforts to protect themselves from corporate espionage either because it is too costly or because it is too large to manage with no guarantee of success.Consequences of hacking today are not restricted only to disrupting operations alone but involve damaging trust and reputations. As mobile phones get smarter and more connected there will be increased mobile phone attacks.
Why should I be aware of this?
Net-enabled connectivity, wireless networking and mobile computing have made cyber security a critical issue.
“Hacking” for corporate espionage now constitutes a real threat. Integrated security technologies are required to safeguard operations of business organizations against hacking. Developments such as shared computers, wide-area networks, consultants, wireless networks and employees working at home have added to the risk.
How does this affect me?
If we have anything that gives us an edge over competitors, there's every likelihood that competitors will make all attempts to find out about it. This information could range from source code for that great new software we're going to launch, to intellectual property, marketing plans, trade secrets, research documents etc. A lot of corporate espionage is done by professional investigators specially hired for the job. Also a disgruntled employee could be sending out secrets to competitors.
All about corporate espionage
With the advent of the information age with its tools and technologies it has become much easier to 'gather' information and analyze intelligence.
It is not difficult for trained intelligence analysts to ferret out critical information through masqueraded phone calls, purported interviews of the victim company's employees, going through their garbage or creating 'e-relationships' with employees.
In a short span of time they can gather vital information on a company’s core competitive advantages, including intellectual property, future strategies, human capital and the skeletons in its cupboards. As they are not physically penetrating the company, they are not doing anything illegal. But once they make an entry it is very difficult to protect anything from the determined and well-trained attacker.
Install a malicious Trojan
One of the methods used by hackers to install a malicious Trojan is by tricking a trusted inside employee. Once the Trojan is installed it downloads a remote backdoor and gives the hacker complete access to the computer and, from there, the rest of the network. Sometimes the malware just downloads every document from every computer's My Documents folder. Other times it downloads entire, multi-gigabit databases -- whatever it takes. Attackers even change the numerals in parts of financial documents in significant ways. The company has no way of knowing its public financial statements were fraudulent until it was too late.
What can I do?
- Spread the culture of security among your employees in a manner so the employees understand the importance and embrace the policies.
- Have a floor marshal program in effect so when employees thinks a person is out
- Ensure that no one finds any item of interest in your trash.
- Make sure that doors in the office are locked, there are gatekeepers, and video surveillance cameras
- A secure building coupled with adept security guards creates a secure perimeter for your building.
- If some of your employees have access to your business secrets you have to make sure they can be trusted. During selection process do a quick background and reference check.
- Many corporate spies use Trojan horse (malicious / nasty software) to relay data from your computer system to their offshore data collection servers. Keep the latest security software on your desktops and servers.
- Conduct third party assessment on how an intruder can gain access to your office and remove your company assets. Physical security audits are important for digital security assessments.