Jan 18 2016

Protecting Philadelphia Companies from Chinese Hacking – Part 1

Last night, 60 Minutes ran a segment on China’s massive theft of intellectual property from US businesses.  http://www.cbsnews.com/news/60-minutes-great-brain-robbery-china-cyber-espionage/ The episode highlighted that the Chinese government is using its military and intelligence services to give its companies an edge over US business, by stealing our trade secrets.

 

My Team and I spent a number of years working at US Cyber Command and the National Security Agency. We saw first hand just how prolific this theft was.  I’ve spoken numerous times on this issue but often feel like Cassandra, the Prophet of Trojan War fame; Few people want to listen to the news of doom and destruction.

 

Kidding aside, the threat to local businesses is very real.  I have been very proud of our region’s ability to develop new technologies. We have a thriving ecosystem of venture capitalists and entrepreneurs. Philadelphia PACT and partners just put out a white paper detailing just how successful businesses in the Delaware Valley have been in creating and innovating – over 660 deals valued at over $11.3 billion in the past five years.  Our success is also a bullseye for Chinese hackers… Why try to out develop or compete fairly against US companies, when its so easy just to steal their hard work and create clones or knock offs?

 

The 60 Minutes article quoted a cyber expert who outlined how a company fell victim to a phishing attack (a word document was embedded with Malware that allowed the attackers to exploit a weakness in computer security).  This method continues to be successful and as such, is widely used. More technology is not the answer, but training and education are. Here at Layer 8 Security, we often say, “Cybersecurity is a people problem.” No matter how much money you spend on technology security, unless you educate and train your teammates, you leave a huge vector for potential hackers open.

 

There are effective ways to teach cyber hygiene. Taking time to discuss cyber awareness will pay dividends. Make this your New Year’s resolution.

 

Jeff ‘Cassandra’ Lipson
BACK TO BLOGS