Financier Worldwide .com logo
Free trial subscription | Subscribe now | Register for free NEWSwire | Products & services | FW Direct (RSS/XML)
User ID:  password:  
remember me
Forgot your password?
= requires subscription
search: 
Advanced Search
Print Edition
April 2014

issue

menu1
Current issue
Subscriptions
Editorial submissions
About FW magazine
FW Digital
Advertising
Media Information
Contact us
menu1
Reprints & syndications
Contract publishing
Creative marketing solutions
button
button
button
Cyber Crime: A Global Threat « Back
Selina Harrison, September 2012
 
Whether the infiltration is criminally or politically motivated, a cyber attack can have a negative impact on a company’s value, reputation and ability to generate revenue. However, while in the past cyber risk management was about protecting intellectual property and trade secrets from competitors, technological advances mean the incidence of government sponsored cyber espionage has increased. Posing a threat to national infrastructure systems as well as state secrets and commercial gain, global defence agencies now rank the threat of cyber attacks alongside that of terrorism.

Cyber attacks against large corporations have been widely reported. In July, more than 450,000 usernames and passwords from Yahoo were published on the web. The hacker group D33Ds Company took responsibility for the breach, explaining it had exploited a basic SQL injection vulnerability in a Yahoo service to steal the details, exposing the email addresses and passwords of users of Gmail, AOL, Hotmail, Comcast, MSN, and several other email services.


Prior to this, during 2011 hacktivist group LulzSec conducted a 50-day hacking spree, targeting numerous other organisations for varying reasons and with varying results. Amazon, eBay and Fox News were among the organisations targeted by the group, and it took down Sony’s Playstation 3 network for three weeks, stealing 70 million records and another 25 million from Sony Online Entertainment. The reputational and fiscal damage was severe.

But an organisation’s cyber risk profile is no longer determined by the potential monetary value of information to attackers. Indeed, during LulzSec’s 50-day reign of ‘entertainment’, some of the companies are said to have been targeted as a direct result of actions they took in response to the WikiLeaks situation.

Further data published by Verizon last year uncovered a huge rise in politically motivated attacks and showed that hacktivists stole more data from large corporations than cybercriminals. Verizon’s 2011 Data Breach Investigations Report found that 58 percent of data stolen during breaches in 2011 was appropriated by these groups. In contrast, about 35 percent of data stolen from large companies was taken by organised criminal groups that wanted to sell it or use it to commit another crime.

Recent research by security provider Symantec Corp. and Ponemon Institute found that data breaches cost companies an average of $5.5m per incident, while another Ponemon study found that the value of brand and reputation can decline by 17 percent - 31 percent after a breach, and it may take an organisation up to a year to recover its corporate image. However, data breaches are not only a concern for large enterprises. Verizon found that during 2010, 63 percent of breaches occurred in organisations with no more than 100 employees, with an average cost of $188,242 to repair the damage.

Even so, companies conducting business are not the only ones susceptible to cyber attacks. In recent years, reports have suggested government-sponsored attempts at cyber-espionage are on the increase.

Last November, a report submitted to Congress compiled by the Office of the National Counterintelligence Executive accused Chinese and Russian cybercriminals of conducting cyber espionage operations against private companies, US government agencies and universities, to aid their own economic development.
The report, titled ‘Foreign Spies Stealing US Economic Secrets in Cyberspace’, said Chinese hackers were “the world’s most active and persistent perpetrators of economic espionage”. It also stated that Moscow’s intelligence services are using the internet to “collect economic information and technology to support Russia’s economic development and security”.

The report discloses several incidents of Chinese hackers targeting US companies, including the case of Yu Xiang Dong, who is currently serving 70 months in prison for stealing documents from Ford Motor Company in 2006 to help him get a job with a Chinese automotive company. The case of Dongfan Chung has also been widely publicised. In 2009 Mr Chung was convicted of possessing sensitive documents for the benefit of China. Employed as an engineer at Boeing, Chung was found to be in possession of more than 300,000 sensitive documents related to a fuel system for a booster rocket. He had worked at Boeing and Rockwell Industries for 30 years and had apparently been divulging corporate secrets for at least five of those years.

It has been recognised that, as there is virtually no consistency across international law governing cyber crime, a collaborative regulation governing privacy and other aspects of cyber risk would help matters. Indeed, as far back as 2010, officials from China’s Ministry of Public Security highlighted that China urgently needs to collaborate with the US to combat cyber crime.

Despite China being seen as dominant in regards to hacking activity, speaking at the Fourth US-China Internet Industry Forum in November 2010, Gu Jian, vice-director of the Ministry’s network security protection bureau revealed that during 2009 more than 200 government websites had been infiltrated on a daily basis, largely by hackers from abroad. Mr Jian mentioned instances where the Chinese government had sought assistance from the US authorities after uncovering various incidents of internet crime, but the US had failed to respond to these pleas for help.

Mr Jian purported that the current mechanism of cooperation is inefficient in addressing the situation, because of the different legal systems in the countries involved and insufficient communication between them. To rectify the situation, he called for strengthening international cooperation and improved bilateral agreements.

Almost two years down the line there is still no such legislation in place and a number of national security organisations have warned that cyber crime is an increasingly global threat. Most recently, during a lecture on cyber warfare held in London in June, Jonathan Evans, the director general of MI5, said vulnerabilities in both state and commercial systems are being “exploited aggressively” by thousands of hackers and the “astonishing” level of cyber attacks from enemy states and criminals is a threat to national security and business. He also raised the prospect of terrorists exploiting such methods in the future and disclosed that the National Security Strategy ranks the threat of cyber attacks alongside that of terrorism.
Prev | 1 | 2 | Next

Add Comment
No comments yet


Options
Subscribe Now
Products and Services
View basket (0) items
Article options
 Printable Version
 Research Assistant
 Add to Assistant
 Send to a Colleague
Also in this section
 • Managing corporate fraud and corruption
 • Chinese health and wellness market set to expand
 • EU launches banking reforms
 • Sony reorganisation gathers pace
 • US retail and consumer deals insight
About Us | Contact Us | Advertise | Careers | Privacy Policy | Terms & Conditions
© Copyright 2001-2014 Financier Worldwide Limited. All rights reserved.