A National Security Imperative: Protecting Singapore Businesses From Cyber-Espionage

[InfoSec News <alerts () infosecnews org>]

http://www.eurasiareview.com/08052013-a-national-security-imperative-protecting-singapore-businesses-from-cyber-espionage-analysis/

By Senol Yilmaz
RSIS
May 8, 2013

OVER THE PAST few decades, Singapore’s economy has moved up from a mere 
producer of material goods to a creative inventor of ideas. This success 
stands on two main pillars: Firstly, heavy investment has been made in 
education as well as research and development. Secondly, the rigorous 
protection of intellectual property rights has reassured investors that 
their patents, trademarks, and trade secrets are safe and that their 
investments will pay out. Singapore’s innovation-friendliness is ranked 
in the list of the 20 most innovative countries in the world by the 
Economist Intelligence Unit; the World Economic Forum’s latest Global 
Competitiveness Report lists Singapore’s intellectual property 
protection regime second only to Finland’s.

However, with the widespread and growing use of cyber-espionage, this 
success could be undone quickly and quietly. The vast majority of 
companies store their secret business information digitally, whether it 
is formulas, production processes, or customer lists. The advantages 
over paper-based storing are obvious: digital storage is more cost 
effective and data can be accessed more comfortably by employees. But it 
also means that cyber-spies who gain access to a company’s IT network 
can steal enormous amounts of business secrets cheaply, easily and with 
little risk of detection.

A popular method of gaining illegal access is “spear-phishing”, as 
happened in the case of a medium-sized Swiss manufacturing company 
recently. The sales manager received a legitimate sounding e-mail 
supposedly from a potential client. He double-clicked on the attached 
file, assuming it contained an order. In reality, the attachment 
installed malware, or malicious software, on the sales manager’s 
computer. Subsequently, the malware opened a virtual door that allowed 
the perpetrator to access and search for information on the company’s 
computer network and allowed transferring data to the perpetrator. In 
this or in similar ways, companies’ innovations that may cost millions 
to develop can be stolen with malware that costs hundreds.

The perpetrators in these cases are difficult to identify as they can 
conceal their real identity and physical location. While many states 
engage in political and military espionage, experts argue that Chinese 
organisations are especially active in economic espionage with their 
government at best turning a blind eye to such activities.

[...]

______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org