This month, InformationWeek published an article under its information security community site, DarkReading. Titled, 6 Shocking Intellectual Property Breaches, the article takes a look at one of the darker sides of cybercrime. When major hacks and breaches of security occur, usually it is for access to personal financial information (bank account numbers, credit card numbers, etc.) or personal identification information (social security numbers, license numbers).
The damage these types of breaches cause can sometimes be irreparable for victims whose identities were compromised. It can also mean significant financial losses for the organization while creating a perceived loss of credibility. The information week article, however, looks at a different type of hacking – the theft of intellectual property.
The article points out many breaches where attackers were after sensitive data at Coca-Cola. Cybercriminals used a combination of spear-phishing tactics to exploit employee systems and steal passwords from an executive. The information they were after wasn’t Coke’s top secret formula for its cola, but rather information on a juice group in Asia which Coca-Cola was hoping to conduct a $2.4 billion acquisition. Sony is another company featured in the article. A breach in 2014 which garnered major media attention, occurred when hackers stole details of Sony’s IT infrastructure which gave them access to copies of TV pilot scripts, full movies (some that hadn’t even been released) and sensitive emails between industry executives and A-list talent.
A loss of intellectual property can spell disaster for a company. Competitors can get a hold of product information to gain an advantage in the market place. Or as in the case of Sony, products can be leaked to the online community, drastically reducing or even eliminating a profit margin on these items. Businesses of all sizes, big and small, should have protections in place to guard against unauthorized network access and security breaches.
Ways to Guard Against Intellectual Property Theft
Endpoint Antivirus Security
Hackers often get into organizations via Malware. Enterprise-level antivirus protection through an endpoint security platform ensures that all of the servers, workstations, and computer peripherals in an office’s IT environment are protected against viruses and malware.
Firewalls monitor network traffic in and out of an organization and can identify, isolate, and block suspicious activity. As many hacks occur outside of an organization, a firewall is essentially a layer of armor protecting the organization’s intranet from attacks over the internet.
Password and Credential Management
Businesses need to ensure that their employees have strong passwords for applications, and that each employee uses their own passwords (i.e. there is no one password shared among multiple employees). Additionally credential management such as automatically logging users out of applications after periods of inactivity or restricting access to certain applications to high-level executives helps to protect password and application credential information from falling into the wrong hands.