What is Cyber Espionage and what can you do about it?

An image of , Cyber Security, What is Cyber Espionage and what can you do about it?

Ransomware attackers are evolving—and so are their motives. Here’s what you need to know about hacktivists and cyber espionage.

States and governments have enlisted hacktivists as their own national “cyber espionage” task forces, funding attackers and handing them sophisticated technology “weapons.” What will the impact be of hacktivists on the warpath? If history is any indicator, entire governments could be destabilized.

Online attackers using ransomware as their weapon of choice are at the top of the cybersecurity headlines at the moment—and with good reason. These attacks have brought major cities and hospitals to a grinding halt. But while most ransomware attackers are usually just out for the ransom itself, attackers known as “hacktivists” attack for reasons besides money. And they’re making a comeback.

“When you watch a film like ‘War Games’ or ‘Hackers,’ they seem childish—not as malicious as they could be,” warned Hector Monsegur, the well-known former hacker, during Pure’s webinar “Ransomware Nightmares? Defend Your Data!” “But we’re in a different era. Hacking can be weaponized.”

What to know about hacktivists, how they’re evolving, and what you can do about it

1. Your current ransomware strategy probably isn’t enough.

Business leaders typically develop emergency plans for dealing with ransomware attackers who only want ransoms paid—which usually means either paying the ransom or designing storage so that data can quickly be replaced. But cyber espionage is a new spin on ransomware in that the attackers who seize data don’t usually want money—they want your data so they can expose it publicly. As The Washington Post reported recently, hacktivists have “capped off a nine-month run of stunning breaches.” In October 2021, when hacktivists published a huge haul of data stolen from streaming site Twitch, including all of the site’s source code, the hackers said Twitch had become a “disgusting cesspool.” The hacktivists wanted publicity for their message, not ransom money.

2. State-sponsored hackers are gaining more power.

Hacktivists today are less likely to be ragtag, loosely organized small groups, and more likely to have state money and power behind their attacks. In fact, Microsoft reported that state-sponsored hackers have seen healthy success rates this year, with Russia accounting for 58% of state-sponsored hacks. Most of these attacks targeted government agencies and think tanks in the United States.

When states hire “private-sector offensive actors” (PSOA), the hackers gain access to very sophisticated off-the-shelf tools and open-source penetration testing tools to carry out large-scale cyberattacks. In effect, the PSOAs are operating like a business, selling hacking as a service.

3. Cyber espionage and exfiltration are putting more data at risk.

Cyber espionage is a new flavor of ransomware in which hackers do more homework to identify the biggest payloads from their targets, such as classified, sensitive data or proprietary, intellectual property. If there’s one thing modern ransomware hackers have figured out, it’s that not all data is created equally. In fact, some data isn’t just more valuable—it can have seismic effects when stolen.

A cyber-espionage play can also be used by an adversarial country to undermine other counties. Monsegur noted, “In the rare instance where hackers can obtain intellectual property, say from a manufacturer, they can sell that data upstream to other countries.”

4. Hacktivists have technical know-how.

The exfiltration of sensitive data (along with threats to post it online) can cause even more havoc and scandal—exposing company secrets or even military intelligence. The deliberately recruited and highly valued cybercriminals have the technical expertise to shut down anything from government infrastructures to financial systems to utility resources. They’ve influenced the outcome of political elections, created havoc at international events, and helped companies succeed or fail.

5. Hacktivists often rely on anonymous cryptocurrencies to reduce the chances of getting caught.

Hackers may feel emboldened by the fact that because they’re able to use anonymous tools, they’ll remain underground once the ransom is paid. But that’s not always the case: After the May 2021 ransomware attack on Colonial Pipeline, FBI agents were able to identify the bitcoin wallet the hackers used and recover about half of the $5 million ransom the fuel company had paid. But the hackers remained at large, as did the rest of the ransom.

Half of founders struggle to engage their communities

Taavi Kotka • 29th March 2023

– Almost two thirds recognise that sharing business success with contributors is key to growth and helping them to ‘scale with soul’ – More than a third recognise that building a loyal and engaged community is key for fundraising

The Risk of IT Business as Usual

Steve Hollingsworth and Gurdip Sohal • 27th March 2023

IT teams within mid-sized organisations are over-stretched. Resources are scarce, with sometimes skeleton teams responsible for all aspects of IT delivery across large numbers of users. With up to 90% of the team’s time being spent ‘keeping the lights on’, there is minimal scope for the strategic thinking and infrastructure optimisation that business leaders increasingly...

How retailers can embrace AI to build loyalty

Dan Hartveld CTO at Red Ant • 23rd March 2023

A key retail tech approach for 2023 is clienteling, which uses AI to offer customers the best of both worlds – the human touch coupled with the most personalised digital experiences. It means the establishment of long-term relationships with shoppers by using customer data that provides real-time insight into their preferences, behaviours, and purchases. This...