Simply put, there is money to be made in cybersecurity and major money to be lost if not taken seriously as an investment. A company’s data is valuable and, therefore, appealing to bad actors. And as we know, the threat landscape is becoming harder and harder to keep track of and easier and easier for hackers to take advantage of. As if we did not have enough examples to illustrate this environment, a new threat campaign is demonstrating what is at stake once again.
This week, Cybersecurity Dive reported that a recently discovered “sophisticated” campaign targeted at least 10 organizations across the globe. Suspected to have been executed by UNC3524, the campaign sought to compromise the emails of executives exchanging information related to merger and acquisition deals. Researchers believe that the espionage group may have been accessing and tracking emails for 18 months before ever detected. They were able to accomplish this by infiltrating systems like forgotten network appliances and IoT devices, according to the summary. It has been revealed that they also used a malware tactic going after SSH tunnels, which signals that these breaches were an outcome of extensive planning. Considering such details, it becomes evident that UNC3524 was interested in harvesting corporate strategy data more so than a short-term financial gain.
Such interest in the behind-the-scenes details of business decision-making is an increasing issue, especially because the information gathered can be used to make money on the black market. This has been particularly true during the pandemic. As a piece for Forbes points out, cybercrime grew by 600% during this period. For instance, hotel giant Marriot was hit by a breach in 2020 that exposed data related to over 300 million guests. It is not just large companies like this at risk though. Smaller organizations are also potential targets that are even more vulnerable when you consider a stat concluding that nearly 43% of small businesses do not have a cybersecurity plan in place.
As businesses respond to this trend, not only is making sure that a proactive cybersecurity strategy is enacted important, but so is understanding the types of attacks that they are protecting against. In addition to data theft and malware as represented above, there are also threats like social engineering that continue to spread with the expanded use of social media and phishing campaigns, such as one that impacted 20,000 employees of a federal agency, which need to be considered. On top of these, there is the mounting presence of ransomware threats, which can stem from something as simple as opening a malicious email attachment. One piece of research estimates that 48% of such attachments are distributed through Microsoft Office files.
Considering the escalation of such cyber breaches, Microsoft has had to rapidly grow its cybersecurity program. In 2021, the company’s CEO stated that the plan was to increase Microsoft’s research and development spending in cybersecurity from $1 billion to $4 billion. As that plan gets put into effect, Microsoft just announced the launch of three new products that seek to enhance scanning, action and people-driven defense techniques for organizations, as covered by CNBC.
Microsoft is not the only company jumping at addressing the threat landscape businesses face. As flaws in cybersecurity can put businesses at risk, such as in the latest case of M&A spying, flaws in cybersecurity are also driving major business activity as companies aim to fill in the gaps that are leading to these flaws in the first place. Following reports of Microsoft’s interest in buying security company Mandiant, Google has announced its own intent on purchasing the firm. Regardless, all of this indicates that the relationship between cybersecurity and business is only guaranteed to strengthen.
Key Takeaways:
“Threat actor launches email attacks to lift corporate M&A secrets, Mandiant says” – Matt Kapko, Cybersecurity Dive
https://www.cybersecuritydive.com/news/email-corporate-espionage-merger-acquisition/623271/
- Cybersecurity Dive reported that a recently discovered “sophisticated” campaign targeted at least ten organizations across the globe.
- Suspected to have been executed by UNC3524, the campaign sought to compromise the emails of executives exchanging information related to merger and acquisition deals.
- They were able to accomplish this by infiltrating systems like forgotten network appliances and IoT devices and using a malware tactic going after SSH tunnels.
“The Top Six Cybersecurity Risks Facing Your Small Business” – Rudy Shoushany, Forbes
- As this piece for Forbes points out, cybercrime grew by 600% during this pandemic.
- Businesses both large and small are vulnerable to attacks.
- Key threats include data theft, malware, phishing, social engineering, and ransomware.
“Microsoft launches cybersecurity services to help clients fight off ransomware and other attacks” – Jordan Novet, CNBC
- Microsoft just announced the launch of three new products that seek to enhance scanning, action, and people-driven defense techniques for organizations, as covered by CNBC.
- This follows a statement from the company’s CEO In 2021 that Microsoft planned to increase research and development spending in cybersecurity from $1 billion to $4 billion.
- Google has also demonstrated interest in increasing cybersecurity business by announcing intent to purchase Mandiant.