Sydney Outsourced IT Services Blog
Who Has Been Impacted by Chinese Cyber Attacks?
At the beginning of the year, the FBI warned businesses to protect themselves from cyber attacks by foreign entities, saying activity has spiked in the past 18 months.
Hewlett Packard and IBM are among the businesses most recently targeted. There’s a National Counter-Intelligence and Security Center that manages intelligence efforts for the U.S. government. It recently launched a campaign to address continuing threats. The center warns that many companies need to be more to protect against cyber theft.
Foreign governments accused of cyber attacks against the U.S. include Russia, China, Iran and North Korea, with China receiving the most scrutiny in recent reports.
How Do Hackers Breach Company and Government Security?
According to Entrepreneur magazine, hackers create fake social media accounts to get people to reveal work and personal information. One of the ways to guard against bad actors is to carefully scrutinize social media requests from people that aren’t personal connections and to research apps before using or downloading them, as well as keeping antivirus software up-to-date.
The FBI warning including a brochure entitled, “Know the Risk, Raise Your Shield” that targets federal employees. The recent warnings follow a string of cases against individuals and organizations accused of stealing proprietary information from U.S. government and businesses.
Nine cases filed since July 2018 include two hackers investigators say are linked to the main Chinese spy agency. Knicknamed APT 10, they allegedly stole corporate and government information via cyber attacks on employees.
Has There Been an Uptick in Recent Activity?
The breach of private businesses by Chinese hackers first hit news headlines in 2014, when Sony Pictures was hacked. This prompted an agreement in 2015 between Chinese President Xi Jinping and then President Barrack Obama that curbed cyber attack for a while.
At FireEye, a cybersecurity firm, analysts track hackers working on behalf of the Chinese government. The firm’s representative says attacks are on the uptick recently. These hacking groups are referred to as Red Leaves, cloudhopper, and APT10.
Managed Service providers are among the groups targeted. MSPs supply technology, telecommunications and other services to business clients. If they can break the security systems of such companies, Chinese hackers gain access to the sensitive data of the MSP’s clients.
APT10 has routed malware via an MSP network to its business targets. However, there are many steps businesses can take to protect their employees and data from prying eyes in cyberspace.
What Should Business Do to Raise Their Shields?
U.S. businesses should take proactive measures to safeguard against cyber attacks from Chinese hackers via email, social media and other points of entry.
This includes ensuring that advanced detection tools are utilized on network and email servers to safeguard access to company data. Regular threat assessments and employee training can help. This provides a diagnosis of the state of a firm’s cyber defenses regarding advanced persistent threats that attempt to find breaches in the company’s firewall. Precautions taken against the intrusion of foreign governments include:
- Fortify access controls. Evaluate the plans, policies, and procedures that govern corporate technology to keep proprietary data safe. This could include that installation of multi-factor authentication (MFA), data encryption and solidifying a layered defense system on all possible points of cyber attacks.
- Training. Make cybersecurity education and training a top priority. Everyone from the Board of Directors and C-Suite to individual employees needs to understand how to avoid cyber attacks by avoiding fake emails, malware and weak password strategies, among other efforts.
- Incident response plan. Organization leadership and key technical personnel must develop a protocol for dealing with threats. This should include representatives from business administration, information technology and operations.
- Crisis communications plan. Align the protection policy to risk management methodologies and the business needs of employees.
- Adopt a monitoring, detection and response plan. Quickly detect intrusions and breaches via rapid-respond plans to effectively eradicate the malware or other methods of entry.