Cyber Espionage is a cyber attack that results in the theft of classified, sensitive, or critical data, often in the form of intellectual property, in order to gain a competitive advantage over another business or government entity. Cyber Espionage is often targeted at critical national infrastructure to build the access needed to destroy, disrupt, or disable a nation's infrastructure. In the weeks and months leading up to the Russo-Georgian war, many cyber espionage attacks were conducted in preparation for an eventual invasion of Georgia by Russia. Quite often, cyber espionage is paired with an attack.
Cyber attacks hit the media in 2020, when the Department of Homeland Security (DHS) issued a warning of expected cyber attacks from Iran. This was followed by a statement from Christopher C. Krebs, the first and current Director of the Cybersecurity and Infrastructure Security Agency (CISA), about the impending risk of cyber espionage and attack against US infrastructure.
Most industrialized countries in the world maintain their own highly skilled cybersecurity hacking forces that work to secure their own country's data and infrastructure (defensive). These forces also seek access to other countries' classified information (offensive).
The more interconnected and dependent we become on our technology infrastructure, the greater the vigilance we need in protecting these dependencies from cyber attack.
Source: VMware/Carbon Black
Additional Reading: DHS Warns of Potential Cyber Attack From Iran
Related Terms: Nation-State Hacker, Hacktivist
What does this mean for an SMB?
At the SMB level, you may not commonly be at risk of Cyber Espionage attacks. However, you most certainly are at risk from everyday hackers. Hackers breach small to medium-sized businesses 15x more often than larger firms. Hackers know this and target you because of it. SMBs generally lack the resources to properly secure systems, fail to train employees on cybersecurity hygiene, and sometimes lack proper security tools.
For these reasons, CyberHoot recommends all SMBs take these actions:
- Train employees on how to spot and delete phishing emails. Here's a free video to help with this: How to Protect Yourself from Phishing Attacks.
- Train employees on how to use strong pass phrases instead of passwords.
- Test employees with phishing tests. CyberHoot includes this in our services.
- Implement basic cybersecurity technical best practices including:
  - regular offline data backups with versioning
  - use multi-factor authentication on all critical accounts
  - purchase and train employees to use a Password Manager
- Update/patch all devices and software whenever possible to ensure vulnerabilities are fixed.
- Establish risk management at your SMB by having a risk assessment performed at least once on your business.
Taking these proactive measures can reduce your risk of a costly breach, downtime, brand damage, and a cyber insurance claim (or all four).