Hackers target business secrets Published duration 28 March 2011

image caption Many net-savvy thieves are scouring corporate networks for saleable secrets

Intellectual property and business secrets are fast becoming a target for cyber thieves, a study suggests.

Compiled by security firm McAfee, the research found that some hackers are starting to specialise in data stolen from corporate networks.

McAfee said deals were being done for trade secrets, marketing plans, R&D reports and source code.

It urged companies to know who looks after their data as it moves into the cloud or third-party hosting centres.

"Cyber criminals are targeting this information based on what their clients are asking for," said Raj Samani, chief technology officer in Europe for McAfee.

He said some business data had always been scooped up when net thieves compromised PCs using viruses and trojans in a search for logins or credit card details.

The difference now was that there exists a ready market for the data they are finding. In some cases, said Mr Samani, thieves were running campaigns to get at particular companies or certain types of information.

The McAfee report mentioned cases in Germany, Brazil and Italy in which trade secrets were either stolen by an insider or cyber thieves tried to get hold of via a concerted attack.

In some cases, said the McAfee report, companies made the job of the criminals easier because they did little to censor useful information about a corporate's culture or structure revealed in e-mails and other messages.

Such information could prove key for thieves mounting a "social engineering" in which they pose as employees to penetrate networks.

The report detailed efforts by firms to watch casual and contract employees and the use of behavioural analysis software to spot anomalous activity on a corporate network.

Perimeter defences

Thefts of intellectual property or key documents could be hard to detect, said Mr Samani.

"You may not even know it's stolen because they just take a copy of it," he said.

Defending against these threats was getting harder, he said, because key workers with access to the most valuable information were out and about using mobile devices far from the defences surrounding a corporate HQ.

"Smartphones and laptops have crossed the perimeter," said Mr Samani.

The report comes in the wake of a series of incidents which reveal how cyber criminals are branching out from their traditional territory of spam and viruses.

2010 saw the arrival of the Stuxnet virus which targeted industrial plant equipment and 2011 has been marked by targeted attacks on petrochemical firms, the London Stock Exchange, the European Commission and many others.

Mr Samani said that, as firms start to use cloud-based services to make data easier to get at, they had to work hard to ensure they know who can see that key corporate information.

Otherwise, he warned, in the event of a breach, companies could find themselves losing the trust of customers or attracting the attention of regulators.