What is Cyber Espionage and what can you do about it?

18th August 2022

Ransomware attackers are evolving—and so are their motives. Here’s what you need to know about hacktivists and cyber espionage.

States and governments have enlisted hacktivists as their own national “cyber espionage” task forces, funding attackers and handing them sophisticated technology “weapons.” What will the impact be of hacktivists on the warpath? If history is any indicator, entire governments could be destabilized.

Online attackers using ransomware as their weapon of choice are at the top of the cybersecurity headlines at the moment—and with good reason. These attacks have brought major cities and hospitals to a grinding halt. But while most ransomware attackers are usually just out for the ransom itself, attackers known as “hacktivists” attack for reasons besides money. And they’re making a comeback.

“When you watch a film like ‘War Games’ or ‘Hackers,’ they seem childish—not as malicious as they could be,” warned Hector Monsegur, the well-known former hacker, during Pure’s webinar “Ransomware Nightmares? Defend Your Data!” “But we’re in a different era. Hacking can be weaponized.”

What to know about hacktivists, how they’re evolving, and what you can do about it

1. Your current ransomware strategy probably isn’t enough.

Business leaders typically develop emergency plans for dealing with ransomware attackers who only want ransoms paid—which usually means either paying the ransom or designing storage so that data can quickly be replaced. But cyber espionage is a new spin on ransomware in that the attackers who seize data don’t usually want money—they want your data so they can expose it publicly. As The Washington Post reported recently, hacktivists have “capped off a nine-month run of stunning breaches.” In October 2021, when hacktivists published a huge haul of data stolen from streaming site Twitch, including all of the site’s source code, the hackers said Twitch had become a “disgusting cesspool.” The hacktivists wanted publicity for their message, not ransom money.

Could empowering the frontline with data help businesses to stay resilient?
Trending
Could empowering the frontline with data help businesses to stay resilient?

2. State-sponsored hackers are gaining more power.

Hacktivists today are less likely to be ragtag, loosely organized small groups, and more likely to have state money and power behind their attacks. In fact, Microsoft reported that state-sponsored hackers have seen healthy success rates this year, with Russia accounting for 58% of state-sponsored hacks. Most of these attacks targeted government agencies and think tanks in the United States.

When states hire “private-sector offensive actors” (PSOA), the hackers gain access to very sophisticated off-the-shelf tools and open-source penetration testing tools to carry out large-scale cyberattacks. In effect, the PSOAs are operating like a business, selling hacking as a service.

3. Cyber espionage and exfiltration are putting more data at risk.

Cyber espionage is a new flavor of ransomware in which hackers do more homework to identify the biggest payloads from their targets, such as classified, sensitive data or proprietary, intellectual property. If there’s one thing modern ransomware hackers have figured out, it’s that not all data is created equally. In fact, some data isn’t just more valuable—it can have seismic effects when stolen.

A cyber-espionage play can also be used by an adversarial country to undermine other counties. Monsegur noted, “In the rare instance where hackers can obtain intellectual property, say from a manufacturer, they can sell that data upstream to other countries.”

4. Hacktivists have technical know-how.

The exfiltration of sensitive data (along with threats to post it online) can cause even more havoc and scandal—exposing company secrets or even military intelligence. The deliberately recruited and highly valued cybercriminals have the technical expertise to shut down anything from government infrastructures to financial systems to utility resources. They’ve influenced the outcome of political elections, created havoc at international events, and helped companies succeed or fail.

5. Hacktivists often rely on anonymous cryptocurrencies to reduce the chances of getting caught.

Hackers may feel emboldened by the fact that because they’re able to use anonymous tools, they’ll remain underground once the ransom is paid. But that’s not always the case: After the May 2021 ransomware attack on Colonial Pipeline, FBI agents were able to identify the bitcoin wallet the hackers used and recover about half of the $5 million ransom the fuel company had paid. But the hackers remained at large, as did the rest of the ransom.

We think you'll like:

Andy Stone

Unlocking productivity and efficiency gains with data management

Russ Kennedy • 04th July 2023

Enterprise data has been closely linked with hardware for numerous years, but an exciting transformation is underway as the era of the hardware businesses is gone. With advanced data services available through the cloud, organisations can forego investing in hardware and abandon infrastructure management in favour of data management.

The Future of Cloud: A Realistic Look at What’s Ahead

Erin Lanahan • 22nd March 2023

Cloud computing has transformed the way we work, communicate, and consume technology. From storing data to running applications, the cloud has become an essential part of our lives. But what does the future hold for this technology? In this article, we’ll take a realistic look at the future of the cloud and what we can...

Ab Initio partners with BT Group to deliver big data

Luke Conrad • 24th October 2022

AI is becoming an increasingly important element of the digital transformation of many businesses. As well as introducing new opportunities, it also poses a number of challenges for IT teams and the data teams supporting them. Ab Initio has announced a partnership with BT Group to implement its big data management solutions on BT’s internal...