- 10 Hot Big Data Startups to Watch
- 11 Unique Uses for Google Glass, Demonstrated by Celebs
- How to Export Your Google Reader Account
- How to Better Engage Millennials (and Why They Aren't Really so Different)
Network World - This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.
The country's most sensitive information is not always secure, despite what most citizens believe.
Nation states like China, Lithuania and Russia are deploying targeted, customized attacks controlled by humans in order to gain access to the intellectual property (IP) of government agencies, pharmaceutical companies, security organizations and other high-profile institutions. These advanced persistent threats (APT) are placing massive bodies of knowledge at risk.
Imagine what could happen if a hostile nation breached the Department of Defense and was able to access classified information on plans for smart bombs or biological warfare. Or picture a cybercriminal locking in on a pharmaceutical research lab, closing in on the cure for AIDS, hacking the system and selling the illegally obtained formula to the highest bidder. It's not unheard of. In fact, intellectual property is fast becoming one of the most profitable products on the black market.
In a recently released report, the National Aeronautics and Space Administration (NASA) disclosed it received 47 APT attempts, 13 of which successfully infiltrated agency computers in 2011. Breaches in NASA's IT networks can negatively affect national security or lead to significant financial loss. In addition, this type of threat leaves NASA's proprietary information and even blueprints for some of nation's most competitive technological innovations vulnerable. [Also see: "2011's biggest security snafus: Was this the year of the advanced persistent threat?"]
In fact, one of the 13 attacks reported in 2011 targeted the Deep Space Network at the Jet Propulsion Laboratory (JPL) and was linked to Chinese IP addresses. According to NASA, with full-system access to key JPL networks undetected intruders could:
· Modify, copy, or delete sensitive files.
· Add, modify, or delete user accounts for mission-critical JPL systems.
· Upload hacking tools to steal user credentials, further compromising other NASA systems.
· Conceal their actions by modifying system logs.
The JPL breach is still under investigation by the Office of the Inspector General.
NASA is just one of the thousands of companies considered "target-rich," meaning their IP and other sensitive data is ripe for cyberattacks and, more specifically, for APT. In 2011, Lockheed Martin, the country's largest defense contractor, was the target of a massive APT when its VPN access system was breached. Fortunately for Lockheed Martin the threat was detected almost immediately, averting potential disaster.
Since these attacks are customized and targeted, many go undetected by traditional security measures which are only able to blacklist known malware. And the persistent nature of the attack allows the hacker to modify codes and strings until it finds one that can stealthily permeate the enterprises' security system. In fact, the number of APTs detected by antivirus perimeter defenses can be as low as 25%, meaning the majority are free to continue with malicious activities.