Friday, January 16, 2015

Mercenary Hacker Crews Offering Espionage-as-a-Service Are On The Rise

We published our new report on Espionage-as-a-Service today. Here's a copy of the press release along with a link to the report itself.

MCLEAN, Va.Jan. 16, 2015 /PRNewswire/ -- Although the Sony attack was loud, damaging and hugely embarrassing to the company, the bigger threat is from mercenary hacker crews who steal billions of dollars of valuable technology secrets every year from U.S. companies on behalf of paying clients according to Jeffrey Carr, President and CEO of Taia Global, Inc.
"These mercenary hacker groups range from small groups with little funding to specialty shops run by ex-government spooks to highly financed criminal groups who use similar if not identical tactics to nation state actors," according to Carr, the author of a new report on the subject. "That they are rarely discovered is due in part to their skill level and in part to being mis-identified as a state actor instead of a non-state actor if they are discovered. The low risk of discovery, frequent misattribution to a nation state, and growing demand of their services ensures that the EaaS threat actor will flourish in the coming 12 to 24 months."
The FBI filed a criminal complaint last summer and a federal grand jury subsequently indicted Su Bin, the President of Lode-Tech. Bin was charged with 5 counts of conspiracy on a cyber espionage campaign that was in operation from at least 2010 until 2014. The hacker crew that he hired wasn't named and is presumed to still be active.  Stolen technologies included information about the F-35, F-22, and C-17 aircraft, and according to the criminal complaint, the hackers claimed that they were in a position to breach the network of Brahmos Aerospace, a joint venture between the Indian government and a Russian joint stock company.
"This report reveals details on EaaS operations culled from court documents, published papers, and personal interviews that I've had with Russian and Chinese hackers," said Carr. "It also helps companies understand how to defend against this new type of threat actor."
Mercenary hacker groups are small, skillful, well-paid and have no nation-state affiliation. Instead, they are hackers for hire, whether it's a Chinese millionaire like Su Bin, a Russian oligarch or a western business competitor of the company being targeted.  The aerospace industry is among the hardest hit, but any company who is investing in high value research and development can be a target. Taia Global's report "The TRIES Framework: Counter-Reconnaissance against EaaS Threat Actors" is available for download or by calling Mr. Jeffrey Carr at (855-777-8242).

No comments:

Post a Comment