Hackers hunting for corporate IP

News
By published

As companies move more data off-premise, cyber criminals are increasingly looking at how to steal it.

Cyber criminal

Cyber criminals have turned their attention more towards corporate secrets, moving away from targeting personal data, a report has indicated.

Global firms have started shifting their corporate data and intellectual property to the cloud, the McAfee and Science Applications International Corporation (SAIC) report claimed.

Now hackers have followed this move as they look to acquire such highly valuable information, the findings indicated.

A third of organisations surveyed in the report said they were hoping to increase the amount of sensitive information stored abroad, up from one in five in 2009.

China, Russia and Pakistan were considered by respondents to be the least safe nations for data storage, with the UK seen as one of the most secure destinations.

"We've seen significant attacks targeting this type of information. Sophisticated attacks such as Operation Aurora, and even unsophisticated attacks like Night Dragon, have infiltrated some of the of the largest, and seemingly most protected corporations in the world," said Simon Hunt, vice president and chief technology officer for endpoint security at McAfee.

"Criminals are targeting corporate intellectual capital and they are often succeeding."

Despite this shift, a number of organisations have failed to take mitigating steps.

A quarter of respondents had seen a merger or a new product launch either stopped or slowed thanks to a data breach, or the threat of one.

For those who had experienced a breach, just half took remedial steps to protect systems from similar compromises in the future.

Just a quarter said they carried out forensic analysis of a breach or loss.

McAfee said the cost of data breaches could be the main driver behind victims' lack of action after being compromised, as businesses seek to save money in tough times.

According to Symantec, the average cost for a data breach in the UK stood at 1.9 million in 2010.

"Sophisticated attackers infiltrate a network, steal valid credentials on the network, and operate freely just as an insider would," said Scott Aken, vice president for cyber operations at SAIC.

"Having defensive strategies against these blended insider threats is essential, and organisations need insider threat tools that can predict attacks based on human behaviour."

According to the report, companies have been keeping quiet about data breaches too, with just three in ten reporting all cases.

In the UK, it looks likely many businesses will soon have to comply with EU directives requiring them to report data breaches to the Information Commissioner's Office.

Tom Brewster
Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.

More about policy and legislation
UK map concept art showing digitized UK landmass outline in blue.

UK firms are pulling ahead of EU competitors in the AI race – here's why
OpenAI logo and branding pictured at Mobile World Congress 2024 in Barcelona, Spain.

The CMA just dropped its probe into the Microsoft–OpenAI deal
An abstract image showing blocks of blue shiny material overlaid on one another to represent LQMs and AI.

What are large quantitative models (LQMs)?
See more latest
Most Popular
Red Ubuntu logo appearing on a web browser with a microscope over the logo, placing emphasis on it
Qualys discovers three bypasses of Ubuntu's unprivileged user namespace restrictions
Gold lock floating above a digitally rendered motherboard with blue and red glowing hues, denoting ransomware
Security researchers hack BlackLock ransomware gang in push back against rising threat actor
A busy customer service desk
Omnissa eyes growth with revamped partner program
Female software developer using AI coding tools on a desktop computer with light from screen reflecting in spectacles.
Developers spend 17 hours a week on security — but don't consider it a top priority
A close-up of a digital dashboard showing stock market graphs overlaid onto a world map.
Financial services firms look to AI to improve resilience
Male software engineer working on a laptop at a home office desk with two PC monitors sitting on top of desk.
‘This shift highlights not just a continuation but a broad acceptance of remote work as the norm’: Software engineers are sticking with remote work and refusing to budge on RTO mandates – and 21% would quit if forced back to the office
Ransomware concept image showing a warning symbol in red with binary code in background.
Healthcare systems are rife with exploits — and ransomware gangs have noticed
Application security concept image showing a digitized padlock placed upon a digital platform.
ESET looks to ‘empower’ partners with cybersecurity portfolio updates
Databricks logo and branding pictured on a MacBook Pro screen.
Databricks and Anthropic are teaming up on agentic AI development – here’s what it means for customers
Dell Technologies logo and branding pictured at the company's stall at Mobile World Congress (MWC) in Barcelona, Spain.
Scale of Dell job cuts laid bare as firm sheds 10% of staff in a year