The 2017 Verizon Data Breach Report Reveals that Hackers Aren’t Just After Payment Cards and Identities Anymore

Cyberespionage is a growing problem, especially in the manufacturing industry, professional services, education, and the public sector, according to the 2017 Verizon Data Breach Report, which was released last week. While hackers are still after credit card numbers, employee tax data, health records, and other sensitive personal information, they’ve discovered that targeting intellectual property, company secrets, and even state secrets can be quite lucrative.

Almost as if on cue, around the same time the Verizon Data Breach Report was released, online entertainment provider Netflix fell victim to intellectual property theft. A hacker or group identifying itself as “TheDarkOverlord” demanded a ransom and threatened to publicly release episodes of the upcoming season of the Netflix original series Orange Is the New Black, which had been scheduled to be released [to paying subscribers] on June 9. Netflix refused to pay up, and TheDarkOverlord dumped 10 episodes (or at least, what appear to be 10 episodes) online. Because the hacker or group accessed the material by compromising a post-production facility utilized by several major television studios, other networks will likely be targeted in the weeks and months to come; in fact, TheDarkOverlord has already Tweeted as such.

Intellectual Property Especially Vulnerable in the Digital Age

In the digital age, companies are in possession of more intellectual property than ever before. In addition to product prototypes, patents, market research data, and sales lists, many companies develop proprietary software and mobile apps to gain a competitive edge. Casinos, for example, pour millions into the development of gaming software, and as consumers demand to watch television series and movies online, entertainment companies are investing heavily in content-delivery technologies.

The Verizon Data Breach Report notes that 90% of cyberespionage attacks are launched by “state-affiliated groups.” While most people might assume these groups are primarily targeting the public sector in search of state secrets, private-sector companies are not immune from cyber spycraft; cyberespionage is the top cyber threat facing the manufacturing industry, far eclipsing all other forms of hacking, and 90% of the data stolen consisted of company secrets.

Why would state actors be interested in hacking a manufacturing company? Private-sector firms have long been targets of spycraft on the part of foreign agents who wish to steal cutting-edge technology for use in their own countries. A recent plotline on the Cold War-era spy series The Americans involved Soviet spies infiltrating an agricultural company to steal samples of a new pest-resistant wheat crop for the KGB. The Verizon report implies that not much has changed since the series’ fictional spies’ time, noting that education institutions are increasingly being targeted by state actors and theorizing that this is because “[c]olleges are centers of innovation and are building technologies” that are of great interest to foreign governments.

While intellectual property theft by disgruntled current or former employees or competitors isn’t as common, it’s costly when it happens. It’s estimated that the Houston Astros MLB team lost $1.7 million after an employee of a competing team hacked their database, stealing confidential scouting and trade information. While it’s unknown at this juncture how much Netflix stands to lose from the theft of Orange Is the New Black, industry experts are already wondering if the company will be forced to release the next season early just so they can hope to compete with the “free” version provided by TheDarkOverlord.

How Are Hackers Getting In, and How Can Companies Stop Them?

The Verizon Data Breach Report found that the typical cyberespionage attack starts like most others do: An unsuspecting employee clicks on a malware-infected file attached to a phishing email. Once the malware is installed, a cyber spy can use it to steal legitimate login credentials and get into the organization’s system, where they can remain undetected for days, weeks, even months.

The best defense against phishing emails is to implement proactive cyber security procedures to prevent employees from being phished in the first place. The Verizon report suggests installing anti-malware protection at the email gateway, keeping software and operating systems up to date, implementing network segmentation and multi-factor authentication, security awareness training for all employees, and having a system in place where employees can immediately report suspected phishing emails to security personnel.

Any company that owns, or is perceived to own, useful or valuable intellectual property or competitive information is at risk of having it stolen. Verizon’s report illustrates that it’s just as important to protect intellectual property data as it is to protect payment card, customer, and employee data.

Author's Bio: 

Michael Peters is the CEO of Lazarus Alliance, Inc., the Proactive Cyber Security™ firm, and Continuum GRC. He has served as an independent information security consultant, executive, researcher, and author. He is an internationally recognized and awarded security expert with years of IT and business leadership experience and many previous executive leadership positions.

He has contributed significantly to curriculum development for graduate degree programs in information security, advanced technology, cyberspace law, and privacy, and to industry standard professional certifications. He has been featured in many publications and broadcast media outlets as the “Go-to Guy” for executive leadership, information security, cyberspace law, and governance.