Cybersecurity researchers took the wraps off a new sophisticated cyber-espionage campaign directed against aerospace and military organizations in Europe and the Middle East with an aim to spy on key employees of the targeted firms and, in some case, even to siphon money.
The campaign, dubbed “Operation In(ter)ception” because of a reference to “Inception” in the malware sample, took place between September to December 2019.
Financially motivated cyber gangs and nation-state threat actors have been successfully exploiting HR for many years to steal valuable trade secrets and conduct economic espionage. These attacks are particularly dangerous because they aptly leverage inherent human weaknesses.
Often, you don’t even need any hacking but to stumble upon a talkative or disgruntled employee who will readily share a great wealth of confidential information either unwittingly or maliciously.
Amid the pandemic, the situation has been exacerbated given that most of the engineers now work from home, having access to an enterprise\’s crown jewels. It suffices to breach and backdoor their machines to get virtually unlimited access to corporate trade secrets. Some threat actors knowingly exploit the COVID-19 mess to cover some inconsistencies or other red flags during an interviewing process, for example, to convincingly explain why they cannot meet in person or send a formal employment proposal.
Organizations should invest in employee training and security awareness in a consistent and reward-oriented manner. WFH infrastructure should be properly inventoried and monitored. Access to corporate data should be provided on the “as-needed” basis with a proactive monitoring of any anomalies. Last but not least, it won’t hurt to hire an external law firm to review your confidentiality and intellectual property clauses in employment contracts.