Should You Worry About State-Sponsored Cybercrime?

August 27, 2015

If there’s one thing the recent cyberattacks that compromised government personnel data should have taught us, it’s that state-sponsored cybercrime is far more than just a bogeyman story made up to frighten IT professionals. In one recent example, Chinese hackers are thought to have stolen government data relating to background checks on 21.5 million people – exactly the kind of thing a federal agency wouldn’t want falling into the hands of a foreign power.

And, of course, there was the Sony hack of November 2014, for which North Korea has almost universally been blamed. Rarely, if ever, has a cyber attack had such a clear ideological motivation.

However, if you’re not a federal agency responsible for national security, or about to release a movie that directly insults heads of state, you may still be under the impression that state-sponsored cybercrime isn’t something you have to worry about. Surely the majority of US businesses don’t hold data that would be of value to China, Russia and North Korea, right? Surely you only have to protect against opportunistic thieves and disgruntled employees?

Unfortunately, the evidence points in another direction entirely.

Industrial Espionage

One of the best-documented cases of state-sponsored cybercrime is the activity of Unit 61398 of the People’s Liberation Army, which was detailed in a report from Mandiant back in 2013 and ultimately led to the US indictment of five individuals the following year.

Considered at the time to be the world’s most prolific advanced persistent threat, the group appears to have engaged – and may still engage – not in gathering state secrets, but in profit-motivated industrial espionage.

Known targets have included Westinghouse, SolarWorld, US Steel and Alcoa, with the hackers stealing business intelligence, intellectual property, documents on trade disputes – anything that might allow them to undermine US businesses’ competitiveness on the global market.

The Risk to Critical Infrastructure

Another important hacking target for state actors is critical infrastructure. Earlier this year, a study from the Organization of American States and Trend Micro found almost half (44 percent) of critical infrastructure suppliers in North and South America have experienced cyber attacks in which hackers attempted not to steal data, but to destroy it – presumably efforts to disrupt services essential to the very fabric of society.

It may be only a matter of time before we see a major state-sponsored cyber attack on an electricity, water or gas company here in the States, potentially with devastating consequences. According to a recent report from the UK insurance market Lloyd’s, if hackers were to shut down enough of the US power grid to plunge 15 states and Washington DC into darkness, it could cost the country’s economy as much as $1 trillion – not to mention cause mortality rates to rise, international trade to decline, and transport networks to collapse.

Attacks in Other Industries

Even then, this covers only a fraction of the industries that may well be targeted – if they haven’t been already – by state-sponsored cybercrime. It’s been suggested that the cyberattacks on government data were carried out by the same group that had previously stolen data from the health insurers Anthem and Premera Blue Cross, and that would later target United Airlines.

Why would a single entity go after such a wide range of organizations? According to some, it’s because China isn’t just interested in gathering discrete items of intelligence, but in building a massive database of US officials and government contractors that can be cross-referenced: their clearance, their movements, their medical records. And they’re willing to attack almost anyone to do it.

Speaking to Bloomberg, Rosita Dellios of Australia’s Bond University commented: “Usually in cyber strategy, it is critical infrastructure like energy grids, transportation, and satellites that are mentioned.

“Here we have a whole class of people crucial to US security being targeted.”

Could your business be the next to fall to a state actor? Or have you taken the steps necessary to defend your data against even the most sophisticated forms of cybercrime?

Read more about Cryptzone’s security solutions for federal government, critical infrastructure and healthcare.

Leo Taddeo
Chief Security Officer

Leo Taddeo is the Chief Security Officer (CSO) for Cryptzone, a provider of dynamic, context-aware network, application and content security solutions. Taddeo, former Special Agent in Charge of the Special Operations/Cyber Division of the FBI’s New York Office, is responsible for analyzing the cybersecurity market to help shape Cryptzone’s vision for security solutions. Taddeo provides deep domain insight into the techniques, tactics and procedures used by cybercriminals, to help Cryptzone continue to develop disruptive solutions that enable customers to defend against advanced threats and breaches.

Prior to Cryptzone, Taddeo led more than 400 agents and professional support staff in cyber investigations, surveillance operations, information technology support and crisis management for the FBI. He oversaw high profile cases, including Silk Road, Blackshades and JP Morgan.

Previously, Taddeo served as a Section Chief in the International Operations Division, where he managed FBI operations in Africa, Asia and the Middle East. Taddeo has held various roles of increasing responsibility in the field, including supervising a joint FBI/New York City Police Department Joint Terrorism Task Force and serving as the Legal Attaché in Rome, Italy.

After receiving his degree in applied physics from Rensselaer Polytechnic Institute in 1987, Taddeo served as a tank officer in the U.S. Marine Corps. In 1991, he was awarded a Purple Heart and Bronze Star Medal for valor for service in the Gulf War. Taddeo then earned a Juris Doctor from St. John’s University and joined the New York law firm of Mound, Cotton & Wollan, where he practiced civil litigation until entering the FBI.

Taddeo is a graduate of the CISO Executive Program at Carnegie Mellon University. He also maintains the Certified Information Systems Security Professional (CISSP) and GIAC Certified Incident Handler certifications.
