Industrial Espionage – why should I care
May 2nd, 2013 by Jesper Kråkhede
Everyone that´s been around for some time in this industry has Melissa and Love letter fresh in mind. How many similar outbreaks have you had the last years? I expect you to say none. Does this mean that there are no malware running around anymore? Of course not. There are even more today than there used to be. But the goal of malware today is not to get a widespread infection anymore but to get hold of vital information or to kidnap your infrastructure for others to use.
During my last four years in the business I have encountered a large botnet running in a large financial institution, they had the most ultimate security (they thought); I identified a large scale espionage operation in the manufacturing business where they had full access to the research department; I identified the source of a performance problem to be a large scale DDOS directed towards my client.
Threats today are sneakier in nature and are aimed either towards company that has something to steal (money or inventions) or something to kidnap (databases). This means that you need to update your risk-list and actually allow yourself to be seen as a target. Following You3 you exist and therefor are a target, you have something in common with a group and therefor are a target or you are you and therefor are a target. Identifying which target you are will help you determine the protection you need and if you have something unique or something hard to copy without the drawings you sure are a prime target.