Recently, my wife introduced me to my new favorite show, Drunk History. If you haven’t yet seen it - and you have a sense of humor - you should seek out this hilarity immediately.
In one of the better episodes, the inebriated guests and host taught me something no sober teacher ever did: Alexander Graham Bell likely stole the idea for the telephone from one of his main competitors by way of insider theft and data exfiltration at the patent office.
It seems that even before the computer or networks were invented, the enabling techniques we now most associate with cybercrime were alive and well.
In a successful business, a competitive advantage is something that makes you better than the competition. More desirable, affordable or maybe even trendier. It’s that new twist on an old product or a new product altogether - somehow at a cheaper price.
Whatever it may be, it gives you an edge and the other guys want it.
Nowadays, they’re quite often able to take it. And, due the pandemic immaturity of cyber defenses that exists across the business landscape, they can pull it off more easily and anonymously than ever before using the tools and tricks of the ubiquitous cybercriminal.
In fact, hacking the competition is more commonplace than publicly acknowledged or reported. From the NFL to Major League Baseball teams and companies in just about every industry sector, it’s happening a lot. As if the “traditional” cyber bad guys weren’t hard enough to defend against, right?
Just take a look at sampling of recent headlines:
And, as if Deflategate wasn’t bad enough, the NFL’s New England Patriots were accused of gaining a literal competitive advantage for themselves:
The list above could easily contain dozens more reported events just in 2015 alone - and, worse yet, thousands of undetected, unreported events.
It would seem that hacking is everyday business for organizations just as much as it is for the cybercriminal. Intellectual property, proprietary designs, financial reports, personnel information, customer data and much more are all center-mass targets for other companies seeking a leg up over yours.
Companies use all the same techniques as the bad guys too. From malware to social engineering, corporate hackers prove each week what the bad guys already know - it’s much easier to attack than defend.
What’s more, they don’t even have to engage in these dirty activities themselves.
With the emergence of the Dark Web as cybercrime’s illicit marketplace, hacking tools and cyber “hit man” services can be bought to launch everything from spear-phishing attacks, malware-laden spam campaigns and DDOS hits on a rival.
In one of the most famous recent cases that goes all the way back to 2011, the head of Russian payment processing company Chronopay hired a hacker to DDoS his main rival in order to win a contract award due to perceived instability and performance issues.
The Case for Cyber Threat Intelligence (and Counterintelligence too!)
Combine all this corporate hacking for competitive advantage with all the “regular” hacking going on out there each week and cyber defense for most all businesses becomes a kind of Gordian Knot proposition.
But just as with that famous knot, using some “outside the loop” approaches can help companies cut through the binds.
These days, most businesses that even do cybersecurity at all still do what they’ve always done, buy what they’ve always bought and hire who they’ve always hired. Against what appears to be an unsolvable cyber problem, these overwhelmingly tactical defense activities are viewed as, well, all you can do.
Enter cyber threat intelligence and a better level of situational awareness.
Just as is performed by most state-level security and intelligence organizations, corporate cyber threat intelligence is just a flavor of the same sorts of things they too use to know their enemy, know their own risk profiles and prepare and plan for (and respond to!) existing and emerging threats.
As some businesses are starting to learn, getting strategic about cybersecurity and cyberdefense is becoming just as much a key part of their operations as it is to get strategic about finances, product development, hiring, marketing or sales.
Corporate hacking activities highlight this fact even more, as their targeting is more direct, more fundamentally meaningful to the success (or failure) of your business. In other words, they’re purposefully trying to steal your competitive advantage and put you out of business.
By committing to always knowing what you are as a target and what threats map to those vulnerable areas, it’s possible to be better prepared over the long term and make better use of all those pricey tactical defenses.
In short, cyber threat intelligence is decision support.
The sharp rise of cybercrime has taught us that it’s not possible to stop the hits from coming, it’s only possible to detect them as quickly as possible and react not only to limit the damage but to learn more about your adversary and yourself from the incidents as they occur. Developing cyber intelligence functions yourself or leveraging the services of those who provide the expertise enables you to do so.
Now, with the equally sharp rise in corporate hacking, executives also need intelligence to rely on in their tactical and strategic decision-making just as the leaders of nations do.
With cyber correctly being seen now by the most forward-thinking companies as a business problem versus a purely technical one with real impacts that can be felt throughout the corporation, it partners and customers, it’s time to learn that cyber intelligence is just competitive intelligence by another name.