Cyber Espionage and Targeted Attacks

This morning I read an article on Infoworld: Why you should care about cyber espionage which – to me – is a strange question. First of all, most companies have to protect some sort of intellectual property. It is not new for the Internet, that state-driven espionage not only targets state’s secrets but industrial espionage as well. Therefore Cyber Espionage as it is in no way different than any other espionage. Did you care about losing your intellectual property 20 years ago? Better care about it today as well.

Secondly, if I looked at the targeted attacks companies suffered, they are by no means limited to state-owned infrastructure. It hits private sector companies as well as public sector organizations.

Should you are about protecting your intellectual property? For sure!

Should you defend against targeted attacks? What a question. If you are concerned about this, I recently blogged about a paper we published: Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques.

So, there should be no separation – just protect your infrastructure and make sure you care about classical network hygiene (as described in the paper above). This is the best first step to happiness J


Enhanced by Zemanta

One thought on “Cyber Espionage and Targeted Attacks


    Well that sounds all so nice and for me it is definitely nothing new.
    However, in my company sadly nobody has a sense when it comes to security and my superiors always say I am too restrictive, or want to be.
    Man we don’t even have a documents classification policy although the technical means of RMS are in place and obviously only used by me.
    How to you convince your superiors to invest in security in a company where there is not even a CSO defined? I am talking about 8000 users and ~56 locations world wide.

    As always something has to happen before someone listens to me.

Leave a Reply