Information Technology


Understanding the cyber threat:

The high-tech and IT sector’s relevance to economic, intelligence, and security concerns likely makes it a target for a variety of threat actors. The high-tech sector is often ground zero for cyberattacks. One obvious reason is that these organizations have very valuable information to steal. However, another more subtle reason is the very nature of high-tech organizations. High-tech companies generally have a higher risk appetite than their counterparts in other industries. In addition, they tend to be early adopters of new technologies that are still maturing and are therefore particularly vulnerable to attacks and exploits. Parts of the high-tech sector provide a path of attack to other sectors, as high-tech products are a key part of the infrastructure for all kinds of organizations. Technology is a key enabler, but it can also be a key source of vulnerability. For example, because of the tremendous need to build trust on the Internet, attacks on certificate authorities have caused serious privacy breaches in a number of industries. In addition, vulnerabilities in point-of-sale systems have led to major security breaches for retailers, and backdoors in communications equipment have exposed organizations in all sectors to a wide range of attacks.

The global technology market has grown considerably in recent years. According to the Forbes Global 2000, the 184 technology companies on the list represent more than $9 trillion in market value, $4 trillion in assets, and nearly $3 trillion in sales.

These high-tech organizations, as well as those not on the top 2,000 list, come from a wide range of sub-industries, from electronics manufacturing and software development to digital media and space. Although they apply their skills and knowledge to different sectors, high-tech organizations all have something in common: they operate at the cutting edge of technology. Innovation, secrecy, intellectual property and, most importantly, security are imperative.

FireEye researchers most frequently detected threat actors using the following targeted malware families to compromise organizations in the high tech and IT industry.

Thales: Real-Time Cyber Threats in Information Technology

  • Computer Software
  • Information Technology Services
  • Control, Electromedical, Measuring & Navigational Instruments Manufacturing
  • Consumer Electronics & Personal Computer Manufacturing
  • Electronics Component Manufacturing & Wholesalers
  • Logic Device Manufacturing
  • Network Access & Communications Device Manufacturing
  • Networking & Connectivity Software
  • Routing & Switching Equipment Manufacturing
  • Search, Detection, Navigation & Guidance System Manufacturing
  • Security Software
  • Semiconductor Equipment Manufacturing
  • Storage & Systems Management Software

  • Blueprints
  • Proprietary Product & Service Information
  • Testing Results & Reports
  • Production Processes
  • Hardware & Software Descriptions & Configurations
  • Security & Risk Management Documents
  • Diagrams and Instruction Manuals
  • Marketing Strategies & Plans

The cloud security threat landscape highlighted threat actors’ continued efforts to shift targeting into cloud environments. Data gathered showed that threat actors used a variety of methods to gain initial access into organizations’ cloud assets, with nearly a quarter of incidents stemming from threat actors pivoting into the cloud from on-premises networks. In addition, API misconfiguration issues were involved in nearly two-thirds of studied incidents. This targeting coincided with a robust underground marketplace for cloud-related credentials, with tens of thousands of accounts for sale online. As organizations move into the cloud, threat actors are following right alongside. Maintaining properly hardened systems, enacting effective password policies, and ensuring policy compliance are critical to maintaining a robust cloud security posture.