Visit our Facebook page and become a fan.
Cybercriminals Refocus on Stealing Corporate Information
Corporate information is the major target for cybercriminals these days, according to a new study from McAfee and Science Applications International Corporation. It said foreign governments and competitors are paying cybercriminals more for corporate data. The study by McAfee and SAIC also said many corporations are choosing to hide thefts.
Stealing personal information is much less of a target for cybercriminals these days than targeting corporate information. That's the major conclusion of a new study from security firm McAfee and Science Applications International Corporation (SAIC).The report, titled Underground Economies, said cybercriminals have found that greater value exists in selling a corporation's proprietary information and trade information than in using personal data from individuals. The corporate information includes company data, trade secrets, marketing plans, research and development findings, and, in some cases, source code.
Insiders, Outsiders
Cybercriminals, the report said, now prefer to sell a company's proprietary information to competitors and foreign governments. "For example," it said, "a company's legal documents can fetch far more money than a list of customer credit cards."
The study, a follow-up to a 2008 report called Unsecured Economies, surveyed more than 1,000 IT decision-makers in the U.S., U.K., Japan, China, India, Brazil and the Middle East.
Scott Aiken, vice president for cyber operations at SAIC, said "the distinction between insiders and outsiders is blurring." He noted that attackers often steal valid network credentials and then infiltrate a network as an insider.
The report found that a quarter of the surveyed organizations had a tangible negative impact from being hacked, including the slowdown or end of a merger/acquisition or a product/solution rollout. Only half of the organizations that experienced a data breach took remedial steps to prevent future breaches, and about a quarter of global organizations are conducting risk assessment of their data only twice a year or less.
Half the surveyed organizations are investigating the costs and risks of processing data outside their home countries. A third are looking to increase the amount of sensitive information stored abroad, up from 20 percent two years ago.
Least Safe Countries
But three countries in particular are considered the least safe for data storage -- China, Russia and Pakistan -- while the U.S., Germany and the United Kingdom are considered the safest.
When data breaches occur, some organizations are choosing secrecy. Only 30 percent of the surveyed organizations report all data breaches, and 60 percent "pick and choose" which breaches to report. Legal leniency for reporting requirements is a factor in choosing countries for storage, with 80 percent of the organizations reporting that privacy laws requiring notification are a factor in their decision-making.
While the rise of more aggressive and organized cybercriminals is a key issue for data security, so is the rise of mobile devices. More than 60 percent of the respondents indicated that managing information security for mobile devices is a key challenge.
McAfee, which is owned by Intel, is a leading security technology company, and SAIC is a scientific, engineering and technology applications company involved with national security, energy and the environment, critical infrastructure , and health.
Wireless Business Solution Zee Tawasha