A recent article in CSO magazine by Maria Karlov talks about the latest wave of data breaches and attacks on corporate intellectual property. Symantec identified a group of cybercriminals, who they originally named Morpho, that target research and other intellectual property from corporations. The group is currently named Butterfly, but don’t let the name make you think they are pretty and harmless.
Butterfly may be an independent group who wants to steal intellectual property for financial gain. Twitter, Facebook, Apple and Microsoft are among those that were attacked. The group is very sophisticated and some members may be based in the US, which may be why many of their targets are US companies.
One theory is they are stealing this information for insider trading in the financial markets. That would be very difficult to verify, since billions of dollars are traded on markets daily. Given the level of sophistication in the attacks, it’s unlikely this group would leave a trail of breadcrumbs on their financial activities.
Another possibility is they might be hackers for hire. There are two ways for a company to get into a market quickly. They can develop a product or service that is better than the competition or they can acquire a product or service. The latter can be done legally through acquisition or licensing. Or it can be done illegally through theft.
Corporate espionage is nothing new, but today the stakes may be higher for the victims and the beneficiaries. If a new pharmaceutical company wants to jumpstart operations, it would be time consuming going through the normal R&D and regulatory approval processes. The same applies to manufacturing companies and any organization that creates valuable intellectual property. In business, time is money. It would be faster to steal the designs, formulas or process information from a competitor. That could undercut the competitor’s business quickly and jumpstart your own.
One way to prevent stealing your intellectual property is to protect the data itself when you create it. It is obvious that Butterfly can get through network and system perimeter security, since they have successfully stolen a lot of intellectual property. It is unlikely that any of the stolen information was encrypted or given any type of persistent protection. By encrypting the data and applying persistent security policies to it, it renders the stolen information useless to anyone not authorized to access it. This applies to information on file servers, desktops, mobile devices and content repositories.
Groups like Butterfly will continue to proliferate as long as there is data to steal and money to be made. Protect yourself by rendering anything they steal useless.
Photo Credit flatluigi