Who is behind Ransomware? Part III

 

Description:  Highly sophisticated breaches & mass exfiltration of data or intellectual property

Attack tool: malware, direct intrusion, social engineering

Preventability: Not preventable

Prevalence: Not prevalent

Attacker sophistication: High

Cost per incident: High

A breach that results in the exfiltration of valuable IP / trade secrets or large amounts of sensitive customer data is every company's worst nightmare. A recent survey of Directors by the NACD revealed that the second most significant issue that will undermine their companies’ strategic objectives is a cyber-attack. Most SMBs don’t have to worry about being directly targeted by a nation state, but most enterprises actively prepare for these sorts of occurrences. While some CISOs believe all attacks can be prevented, experienced ones will tell you that if a nation state wants in, they will get in. What matters is recovering quickly and minimizing damage.

Breaches can take several forms. Yahoo’s 2014 breach resulted in over half a billion customer account credentials being stolen. The likely destination was dark web sites where a batch can fetch a few dollars for every credential. Theft of IP or trade secrets is rarely reported in the mainstream media, as the victims don’t want the news to become public. Nonetheless, hacks of defense contractors or technology companies are a persistent issue, but one that rarely percolates down to the middle or lower market.

 
Bill Siegel