Date Published: 
02/19/2013

 

The issue for us is less who did it than the expectation that whoever did it is a) sophisticated, and b) using it for purposes at once obvious and less obvious.

The Mandiant report suggests industrial espionage on a large scale. It identifies many victims, many of them household names (GM, Coca-Cola), and not all obvious targets. One Canadian firm, Telvent, manages critical infrastructure like pipelines and other energy infrastructure. It's easy to understand why they might be targeted, but Coke?

The report highlights a number of cases of sustained efforts to either a) steal intellectual property, or b) identify information which could compromise national security. The examples track over a large number of industries, over a long period of time. The hacking efforts highlighted in the report are sustained over years, and can be traced back to individual users.

The report also includes a detailed analysis of the “indicators” that were used to trace and identify the hacking effort. These are bits of the forensic record that can be analyzed as part of the tracking effort.

In a world where “proving” something that happens in another sovereign country is impossible without their cooperation, the report goes a long way towards pointing a detailed and carefully analyzed finger at a likely culprit.

 

Risk Management Perspective: 

 

The report raises a number of questions that technology risk managers might consider:

  • Who might be interested in what you have?
  • How organized and sophisticated might their attacks be?
  • How ready are you to protect the assets that you have?
  • How much security spending is reasonable?
  • What does “security” even mean in this context?
  • What role does government have in helping to craft defenses in a world where corporations may not have adequate resources to defend themselves?

The answers to these questions are more elusive than they might seem at first glance. Many firms would not even know if they were compromised. Many firms, if they figured out they were compromised, would not have any tools to explore how bad the breach may have been.

 

 

Industry Group: Other
Country: United States
Risk Class: Strategic
Risk Class: Operational
Risk Type: Competition
Risk Type: Intellectual Property
Risk Type: Information Security
