In December of last year, the US Justice Department indicted two Chinese men accused of hacking into the computer networks of companies and government agencies in Western countries.
The pair are allegedly part of a "hacking group" known as Advanced Persistent Threat 10, affiliated with China's main intelligence service.
The US and UK have accused China of violating an agreement relating to commercial espionage.
US Deputy Attorney General Rod Rosenstein said he was coordinating with allies around the globe to thwart China’s economic aggression, according to a BBC story. He added that he wants China to cease its illegal cyber activities.
Insurance Journal reports that since the start of US tariffs, China has stepped up its hacking efforts.
“By 2017 they started coming back and throughout 2018 they were back in full force,” said Adam Meyers, vice president of intelligence at CrowdStrike. “They have been very active and we expect to see that continue.”
To make matters worse, Iran has also stepped up its attacks, according to the New York Times.
You may recall that some years back the US charged Iranian hackers for attacks on Wall Street firms as well as a dam in Rye, New York, located in Westchester County.
Chinese hacking attacks are getting far more sophisticated as the attackers cover their tracks better than ever. Moreover, they are being strategic, going after trade secrets they deem to be important. They often focus on business partners or suppliers, such as an ISP, as a way to access the data of the targeted company.
Russia too is still hacking at full force and using spear-phishing and other methods to break into accounts linked with sports and doping groups among others.
Russia is also winning the hacking speed race: in a mere 20 minutes, Russian groups can go from breaking into a corporate network to moving laterally through it. They're followed by North Korean groups at two hours and 20 minutes, Chinese hacker groups at four hours, Iranians at five hours and nine minutes, and cybercrime gangs at roughly nine hours and 42 minutes. CrowdStrike also warns of increased collaboration between highly sophisticated criminal actors.
In all, US and Western businesses face the worst cybersecurity threat situation in history. We predicted late last year that this would be the case. This is one situation where we wish we were wrong.
Hacking techniques are getting more sophisticated and methods which work successfully are being shared rapidly online.
Companies are not only vulnerable through the front door of their network but increasingly, their partners and suppliers can be used to get access to crucial information.
The weakest link in any company’s cybersecurity is workers who accidentally click on an email or a social media message. Even the best-designed networks can be breached in this manner. We suggest every company use a phishing simulation tool which tests employees. One alternative, Phish360, is so effective that it has achieved an almost 100% click rate when used in various organizations.
The good news is the workers who click can be quickly trained on what to avoid in the future.
Here are other areas all organizations looking to promote a cybersecurity culture need to focus on:
Cybersecurity training must be done regularly.
Auditing and documentation must be performed regularly to ensure systems are secure.
Anomaly detection should be running constantly to detect threats as they emerge.
Penetration testing shows if systems can easily be reached from the outside. Here is a case where this test might have saved two companies’ reputations from being destroyed.
Network forensics for when a breach eventually occurs. The bad guys always seem to get in eventually.
An action plan to follow when a breach does occur. Once it happens, few will have the clear heads needed to “wing it” correctly. Equifax botched its response in what is being called a PR catastrophe.
To ensure your organization is safe, even if you have internal IT, hire an experienced MSP or MSSP like Apex Technology Services.
It’s a dangerous world. Every company must be proactive to stay secure.