Recent take-aways from I-OnAsia Corporate Investigations into IP Theft
Hackers are expected to cause more than US$4 trillion in damage to companies in 2021. In the past, much of this seemed like wanton and malicious carnage simply for its own sake - with no apparent rhyme or reason other than causing inconvenience. But hacking approaches are becoming more advanced and financially motivated. Hackers are targeting companies' most sensitive data and other intellectual property’ (IP), figuring that if you aren't willing to pay a king's ransom to get it back, your competitor will. The risks couldn’t be greater. And its not just the private sector either that falls victim to these acts: government controlled data is also being targeted daily.
Over the past decade, the majority of I-OnAsia's IP protection cases have involved: (1) corporate investigation of insider threats, where key members of manufacturing and operations or marketing or R&D teams walk out with company IP; (2) the investigation of criminal gangs and criminal networks targeting a single company's product, from phones to shoes to test answers. But the rise of hacking cases has been clear, according to Kevin Caja, I-OnAsia’s internal expert on cyber security services and risk advisory.
What do hackers target when they try to gain entry into the operating systems and networks of global brand and corporations?
When you’re dealing with professional hackers, you’ve got to think like one, hackers aren’t interested in the devices themselves, their interested in the content, the sensitive propriety information, the IP as well call it, the plans, the drawings, the contracts, the recipes, anything tangible that they can then go on to try and sell. Hackers will usually try to sell IP to a competing entity or third party. They may even try to blackmail the client for its return.
What are the top 5 areas you would target to reduce the risk that a hacker will steal company IP?
These layers of security and reporting is what is needed to keep encrypted IP safe in secure in the hands of its owners.
First. ensure operating systems and software are kept up to date.
This advice is certainly not a new concept, or a ground-breaking piece of advice. However, it is probably the most fundamental actions any organisation can take to ensure that they are operating with the right software and security protocols.
Not only does this provide clients with latest software and operating systems, but also provides the latest security upgrades to protect these systems. Every organisation should have a schedule of review of software updates which the in-house IT teams implement.
Failing to maintain operating systems and machines provides a huge opportunity for hackers looking for weaknesses.
Second, encrypt sensitive data.
In cyber security we talk about layers of security. Encrypting sensitive data is paramount in protecting the most sensitive information. I regularly see cases coming into I-OnAsia where clients have not encrypted their data, resulting in a hacker’s ability to leverage that information the moment they have obtained it. Although encryption is not a gold standard of security and has its weaknesses, it certainly adds a significant layer of complexity in the security of IP. We are regularly recalibrating our risk assessments to consider the benefits of encryption, particularly for emails and communications, which are just as valuable, if not more than other types of IP.
Third, learn to recognise and avoid phishing attacks.
Phishing is by far the most popular modus operandi of hackers across the globe. Hackers have developed strategies and methodologies to manipulate those using the very systems they are trying to get into.
Why take the complex route of manual hacking, when you can manipulate people to do that work for you?
A companies greatest weakness, is its people, training staff to understand what a phishing attack might look like will ensure that any such attacks are immediately dealt with and not given the opportunities to exploit. Staff should be able to recognise that a phishing attack came in many forms; the unfamiliar sender of an email, strange domain names, and emails with attachments or links that weren’t requested, are just a few of the most common phishing attacks I see employees get enticed with.
Fourth, monitor user accounts across the organisation.
A company's biggest weakness is its people. Sadly internal breaches are a common cause for loss of IP. Therefore it is important to monitor user accounts across the organisation. Internal IT departments should be looking for unusual logins from the same user on multiple machines, access to files and folders never accessed before, employees logging in and out at strange times out of normal business hours. Monitoring such conduct can allow an organisation to move a lot quicker in identifying the breach, denying access and implementing recovery processes, should there be a loss of information detected.
Finally, think first about your data protection software not your anti-virus software.
Most homes around the world use an array of anti-virus software, this software provides a good low-level protection to common and well-known malware, which is sufficient for the home user, who is likely never to be victim of a targeted hack. Virus software can be bypassed, thus allowing a steady stream of data to be taken from the end user. However, in the corporate world where data protection is critical, organisations should consider and seek advice and guidance on the implementation of data protection software. This software should have the ability to fully lock-down the most sensitive information. This data protection software should actively report on where data is going and who is accessing it.
Is it important to test these systems?
There is no doubt that testing your defences is critical in understanding where you can make improvements. I-OnAsia carries out regular penetration testing for clients to ensure their systems are up to the task of protecting their people and their information.
The ramifications of not taking this seriously are grave. Our clients are operating in some of the most competitive industries and they excel, because they understand the importance of this subject, it’s as simple as having a good password, managing your operating systems and training your people in awareness.
For a small investment, companies can protect their own crown jewels!