Mercenary Hackers Offer Espionage-as-a-Service

Although the Sony attack was loud, damaging and hugely embarrassing to the company, the bigger threat is from mercenary hacker crews who steal billions of dollars of valuable technology secrets every year from companies on behalf of paying clients according.

This was the stark warning today from Jeffrey Carr, president and CEO of cyber security firm Taia Global.

Speciality shops

“These mercenary hacker groups range from small groups with little funding to speciality shops run by ex-government spooks to highly financed criminal groups who use similar if not identical tactics to nation state actors,” said Carr, the author of a new report on the subject. “That they are rarely discovered is due in part to their skill level and in part to being mis-identified as a state actor instead of a non-state actor if they are discovered. The low risk of discovery, frequent mis-attribution to a nation state, and growing demand of their services ensures that the EaaS threat actor will flourish in the coming 12 to 24 months.”

The FBI filed a criminal complaint last summer and a federal grand jury subsequently indicted Su Bin, the President of Lode-Tech. Bin was charged with five counts of conspiracy on a cyber espionage campaign that was in operation from at least 2010 until 2014. The hacker crew that he hired wasn’t named and is presumed to still be active. Stolen technologies included information about the F-35, F-22, and C-17 aircraft, and according to the criminal complaint, the hackers claimed that they were in a position to breach the network of Brahmos Aerospace, a joint venture between the Indian government and a Russian joint stock company.

“This report reveals details on EaaS operations culled from court documents, published papers, and personal interviews that I’ve had with Russian and Chinese hackers,” said Carr. “It also helps companies understand how to defend against this new type of threat actor.”

Mercenary hacker groups are small, skillful, well-paid and have no nation-state affiliation. Instead, they are hackers for hire, whether it’s a Chinese millionaire like Su Bin, a Russian oligarch or a western business competitor of the company being targeted. The aerospace industry is among the hardest hit, but any company who is investing in high value research and development can be a target. Taia Global’s report “The TRIES Framework: Counter-Reconnaissance against EaaS Threat Actors” is available for download at TaiaGlobal.com.

Do you know everything there is to know about hackers? Take our quiz!

Duncan Macrae

Duncan MacRae is former editor and now a contributor to TechWeekEurope. He previously edited Computer Business Review's print/digital magazines and CBR Online, as well as Arabian Computer News in the UAE.

Recent Posts

Apple Slashes iPhone Prices In China

Amid intense competition from Huawei and others, Apple has again slashed the price of its…

1 hour ago

Bitcoin ‘Creator’ Craig Wright Repeatedly Lied, Rules UK Judge

Damning ruling by British judge, after he rules that self-proclaimed bitcoin inventor lied 'repeatedly' to…

2 hours ago

Julian Assange Granted Right To Challenge US Extradiction Order

High Court rules Wikileaks founder Julian Assange can appeal against extradition to the US, despite…

3 hours ago

Tesla Layoffs Continue With Another 600 Jobs In California

Regulatory filing last week shows Elon Musk's Tesla is cutting another 600 jobs in California,…

5 hours ago

UK Regulator Declines To Investigate Microsoft’s Mistral AI Deal

Weeks after seeking feedback on Microsoft's partnership with Mistral AI, UK regulator says it does…

8 hours ago

UK AI Safety Institute To Open Office In US

Seeking collaboration on AI regulation, UK's AI Safety Institute to cross Atlantic and will open…

9 hours ago