Don't like Russian cyberspies? Tips to stop state-sponsored hackers

Don't like Russian cyberspies? Tips to stop state-sponsored hackers

Russian cyberspies and other state-sponsored hackers remain a serious threat

Be wary around random, but legitimate-looking emails popping up in your inbox. A foreign government may be using them to try to hack you.

That may sound far-fetched, but Russian cyberspies allegedly stole sensitive files from Democratic groups and figures using this very tactic. In some cases, the spoofed emails pretended to be from Google and managed to trick victims into giving up their login details, paving the way for a series of high-profile hacks that rocked this year’s presidential election.

But even as the presidential race is over, cybersecurity experts warn that state-sponsored hackers remain a dangerous threat. Political organizations, businesses, and universities all should be on guard -- you’re probably already in their crosshairs.

A persistent threat

Russian cyberspies gained particular notoriety this year. U.S. intelligence agencies have blamed them for allegedly carrying out hacks meant to influence November’s election. Among their methods: breaking into the personal email accounts and networks of their victims and then leaking the stolen documents online.

“I do think the Russian campaign has been very successful in accomplishing its objective of weakening American democracy,” said Dmitri Alperovitch, CTO of security firm Crowdstrike.

The suspected Russian cyberspies also have no reason to stop. Since the presidential election, they’ve been found going after U.S. think tanks and even the German government with the consistent use of email attacks designed for espionage.

However, Alperovitch said potential targets of state-sponsored hackers can still fend off the threat. His company is among those providing a security product that goes beyond monitoring for computer viruses and can track for any unusual activity occurring on a system. This can be particularly useful in detecting hacking tools Russian cyberspies tend to favor, which often masquerade as legitimate computer processes secretly tasked to steal files.  

 “I think the problem is people are relying on legacy technologies to stop these attacks,” he said. “These tools are clearly failing.”

screen shot 2016 11 10 at 11.04.49 am Fancy Bear

Russian hackers have been blamed for targeting U.S. political targets.

Struggling to keep up

Although suspected Russian cyberspies became a major topic in this year’s U.S. election, state-sponsored hackers have been around for years, often times stealing sensitive data or intellectual property from businesses and government agencies. In addition to Russia, China, Iran, and the U.S. National Security Agency have all been implicated in various cyberespionage incidents. 

So why do the hackers keep on succeeding? Some of that blame can go to the victims, many of whom don’t fully understand how to deal with the threat, said Peter Firstbrook, an analyst with research firm Gartner.

“Customers are looking for a magical button to stop all these threats,” he said. Businesses will then buy the tools and assume they’re safe, when in reality they aren’t properly being used.

For example, many businesses often fail to install security patches with their IT products -- including the antivirus software -- exposing them to hacks that otherwise could have been prevented. They may also ignore the warnings that pop up from security software, believing them to be a false positive. Or they’ll even forget to turn the software on.  

However, in other cases, the businesses had limited expertise on staff to deal with the cyberthreats the security tools encountered.

“If you buy the tools without hiring the right people, you are not going to solve your nation-state hacking problem,” Firstbrook said.

The need for vigilance

For businesses and institutions struggling to recruit security talent, they can consider outsourcing that role to a company like Dell SecureWorks. It is among the vendors that can step in and manage or consult an organization’s IT security.

Phil Burdette, a researcher with the company, noted that foreign government hackers aren’t necessarily using state-of-the-art hacking techniques. Russian cyberspies, for instance, keep resorting to sending phishing emails as a way to steal a user’s password login information.

“There’s always a lot of emphasis on zero-day exploits and the attackers using the most sophisticated methods,” he said. But in reality, state-sponsored hackers tend to “use the path of least resistance.”

To prevent data breaches, users and business should consider implementing two-factor authentication with their email accounts and online services, Burdette said. In that way, the hackers can’t break in with only a stolen password.

He also recommends that organizations partner with specialists who routinely investigate state-sponsored hackers. Often times, a business with less cybersecurity experience will assume it has foiled an attack only to realize the hackers were just getting started.

He also warned that no organization should assume they haven’t already been attacked. Security researchers are continually finding new evidence to suggest state-sponsored hackers were successful years before their intrusions were spotted -- the initial attack simply went undetected.

“We are getting better at learning how bad we are losing,” Burdette said.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.



The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments