FBI and MI5 Warn Businesses of the Extreme Threat of Chinese Hacking

On July 6, the heads of the FBI and MI5 issued an unprecedented joint statement about the threat of corporate espionage, intellectual property theft and election tampering from China. FBI Director Christopher Wray said that Chinese government-backed cybercrime “poses the biggest long-term threat” to the economic and national security of the U.S., U.K. and their allies. According to Wray, China’s hacking activities are “bigger than that of every other major country combined.” He warned business leaders that China is “set on stealing your technology.”

The U.S. and U.K. security agencies are doubling their efforts to combat Chinese cybercrime. Businesses should do the same. As we noted in a previous article, data loss prevention (DLP) tools can help reduce the risk of sensitive information falling into the wrong hands. Organizations also need security controls that can distinguish nefarious activities from normal user activities.

Analyzing User Behavior

With today’s remote and hybrid work models, it’s simply not possible to keep sensitive data inside the secure network perimeter. Users need anytime, anywhere access to corporate resources to do their jobs. The challenge, then, is two-fold: determining when data access indicates a threat and preventing that threat from being successful.

For example, it would be normal for a user to download a project file. But if a user downloads all of the project files, that activity should trigger an alert.

There are a number of security tools that perform heuristics across individual behaviors. The word “heuristics” derives from the Greek word for “discover.” Heuristics-based tools analyze user behavior to learn what is normal and use a combination of rules and educated guesses to recognize suspicious activity.

If a potential threat is identified, the software can take action based upon defined policies. In addition to sending an alert to the IT team, the software might change the level of authentication required. For example, the user could be required to answer a challenge question correctly or enter a security code sent via text message.
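
The heuristic described above, as an added example that is not code from DeSeMa or from any specific product: a per-user baseline learned from past download counts, a rule on how much of a project's file inventory one user pulled in a day, and a policy that maps the result to an alert and stepped-up authentication. The inventory, user names, thresholds and action names are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean

# Constructed sample data for illustration only (not real logs).
INVENTORY = {"turbine": {f"part{i:02d}.dwg" for i in range(1, 11)}}  # 10 project files
HISTORY = {"alice": [1, 2, 1, 0, 2], "bob": [1, 1, 2, 1, 0]}         # past daily download counts
TODAY = (
    [("alice", "turbine", "part03.dwg")]
    + [("bob", "turbine", f"part{i:02d}.dwg") for i in range(1, 11)]
    + [("carol", "turbine", f"part{i:02d}.dwg") for i in range(1, 5)]
)


def assess(events, inventory, history,
           coverage_limit=0.8, burst_factor=3.0, default_baseline=1.0):
    """Return {user: sorted list of policy actions} for one day's download events."""
    files = defaultdict(lambda: defaultdict(set))    # user -> project -> distinct files
    for user, project, name in events:
        if name in inventory.get(project, ()):       # ignore files outside the inventory
            files[user][project].add(name)

    decisions = {}
    for user, projects in files.items():
        past = history.get(user)
        # Users with no history get a conservative default baseline.
        baseline = max(mean(past), default_baseline) if past else default_baseline
        total = sum(len(found) for found in projects.values())
        coverage = max(len(found) / len(inventory[p]) for p, found in projects.items())

        actions = set()
        if total > burst_factor * baseline:          # educated guess: unusual volume for this user
            actions.add("step_up_auth")
        if coverage >= coverage_limit:               # rule: most or all of one project taken
            actions.update({"alert_it", "step_up_auth"})
        decisions[user] = sorted(actions)
    return decisions


if __name__ == "__main__":
    for user, actions in assess(TODAY, INVENTORY, HISTORY).items():
        print(user, actions or "no action")
```

Counting distinct files against the inventory, rather than raw events, keeps repeated downloads of the same file from inflating the coverage figure.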

Controlling the Location of Sensitive Data

Another effective strategy is to geofence sensitive data to make sure that it stays within a particular region. Policy-based control can also require that data stay on corporate-owned devices or even within a defined set of users. If someone tries to send an engineering file to the finance division, for example, security controls should prevent that activity.

It’s also important to ensure that DLP tools can assess more than text. Many hackers and malicious users are exfiltrating data in zip files and images. Organizations need DLP systems that are capable of optical character recognition (OCR) and of detecting data in other media formats. DLP tools should also prevent someone from putting data in a zip file to circumvent security controls.

How DeSeMa Can Help

DeSeMa helps organizations determine where their sensitive data is stored and how to best protect it. We work with organizations of all sizes — small businesses and startups aren’t immune from the threat of hacking and data theft. In fact, small businesses are targeted more frequently than larger enterprises because they typically lack the tools to detect these threats.

Organizations should take the FBI and MI5 warning seriously. DeSeMa can perform a thorough assessment of the IT environment and data assets, and put controls in place to prevent hacking and corporate espionage by state-sponsored cybercrime groups.
