NATIONS STATES HACKING AND ITS IMPACT ON ENTERPRISES

save
Share and earn Cybytes
Facebook Twitter LinkedIn Email

It seems that cyber-espionage is on everyone’s mind these days. Fierce allegations are being made by US officials, claiming that Russian hackers interfered with the US election process. President Obama’s last act in office was to issue sanctions against alleged Russian hacking. But is this really surprising?

Nation states have been spying on one another since biblical times, the only thing that’s really changed are their methods. Instead of sending spies to infiltrate high ranks of political parties, nations can now utilize more subtle, and less risky methods to achieve an even greater political and diplomatic impact. In fact, America is certainly not alone; it is known that the NSA wiretapped Greek officials prior to, and during, the 2004 Athens Olympics.

‘The Athens Affair’, however, was over a decade ago. Today, the process is much simpler. Instead of hacking telephone networks, wiretapping, recording, and processing thousands of hours of calls, one simply has to hack a single email server to gain access to millions of emails and documents, all ready and waiting to be leaked at the right moment. For instance, with the goal of tarnishing a political candidate’s reputation.

Impact on the Enterprise

The question remains: what does this have to do with the business world? Well, due to the peculiar nature of cyberspace, the lines between nation states, hacking groups, hacktivists and cyber criminals are blurred. Russia makes extensive use of “patriotic” (read: nation state sponsored) hacking groups, as does China and Iran.

These “blackhat” hackers are sent to do their nation’s dirty work. They operate with guidance and are backed by substantial resources, all with plausible deniability of the regime that employs them. However, because the lines are so blurred, hackers will often use the information they find, or the tools they possess, for personal gain. The methods that they perfect to hack and steal sensitive information from other nations can be used by them, the next day, to hack corporations (they are freelancers, remember?).

Data Dumps

Hackers use data dumps to scourge and identify information which they can then utilize to hack organisations. In the process they may find information which could be used to hack corporations, which they will gladly use or resell. We’ve written in the past about the danger emanating from data dumps and password reuse   and it is advised that enterprises enforce policies preventing password re-use and monitor dump sites regularly to identify information leakage.

Playing the Supply Chain

In more sophisticated cyber-espionage operations, hackers retreat down the supply chain and try to hack the weakest link. For example, it is difficult to hack the US Department of Defence networks, in order to gain intelligence about the next generation of aircrafts the US is building. It is far easier to hack the defence contractor who manufactures these aircrafts, simply because such companies employ thousands of smaller, less protected vendors who provide them with just about anything – from toilet paper and stationery, to aircraft-specific toilets, to missile casings. These vendors are still connected to the defence contractor’s ERP system, and communicate with it directly, creating a huge vulnerability.    

Meet CyberZeist

CyberZeist is “a Political & Offensive Black-Hat hacker.” He is a former member of the UGNazi hacking group, from which various members were arrested for hacking and credit card fraud. CyberZeist has been active for many years, and embodies the duplicity of hacktivists today. While he mainly focuses his efforts on political goals, such a human rights, he occasionally (or during the process of) hacks “regular” commercial enterprises.

CyberZeist twitter account

In 2012, CyberZeist hacked the security services company G4S, and published a document that allegedly revealed human rights violations (for more information see the following link). He also leaked a few hundred login credentials that he allegedly obtained by launching a spear phishing attack on US federal employees. Most, recently he uncovered the passwords to dozens of senators’ email addresses, as well as social security numbers and credit card information for senior members of the Democratic party, including Vice President Joe Biden, Senate Minority Leader Harry Reid, House Minority Leader Nancy Pelosi and acting Chair of the DNC Donna Brazile. The information was posted to Pastebin. On December 22, 2016, he even hacked the FBI website and leaked the data on Pastebin.

This post was written by Anna Shulga, Cyber intelligence analyst at IntSights

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
Follow
71 Followers
About Intsights
INTSIGHTS delivers powerful early warning of hacking and fraud attacks, via sophisticated cyber intelligence, rapid mitigation and one click remediation. Smart hackers plan their offensive before attacking the perimeter of an enterprise network. Pre- attack, they scout target and collaborate with like minded individuals on the Darknets and hidden online forums, seeking tools and information that can help them achieve their aims. For experienced cyber intelligence operatives, these are clear signals of an impending attack. Intsights expose hackers' reconnaissance efforts, interprets them, and then provides the tools to avert harmful attacks, enabling proactive defense. By uncovering and deflecting surveillance attempts and attack planning so early in the cyber attack chain, Intsights weakens hacker arsenals and dampens their motivation. These timely insights and countermeasures effectively encourage hackers to seek out easier targets. INTSIGHTS answers the growing need for rapid, accurate cyber intelligence and incident mitigation. The company was founded by veterans of elite cyber security and intelligence military units, where they gained a deep understanding of the way hackers think, collaborate and act. Intsights is backed by Glilot Ventures, one of the leading cyber-focused venture capital companies in the world.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel