Mercenary hacker groups are ushering in a new era of Espionage-as-a-Service.
Although recent cyber attacks have been loud and damaging to companies like Sony, JPMorgan Chase and Home Depot, the much larger threat stems from mercenary hacker crews who are stealing billions of dollars of valuable technology secrets every year from U.S. companies on behalf of paying clients, Taia Global warns.
The groups carrying out so-called Espionage-as-a-Service (EaaS) attacks are said to range in size and skill, and can be carried out by anybody from an amateur to an ex-spook. In addition, these hackers have no nation-state affiliation and are well-paid, available for hire whether it’s a Chinese millionaire like Su Bin, a Russian oligarch or a western business competitor of the company being targeted. The aerospace industry is among the hardest hit, but any company who is investing in high value research and development can be a target, the firm explains.
“They are rarely discovered is due in part to their skill level and in part to being mis-identified as a state actor instead of a non-state actor if they are discovered. The low risk of discovery, frequent misattribution to a nation state, and growing demand of their services ensures that the EaaS threat actor will flourish in the coming 12 to 24 months,” urges Jeffrey Carr, Taia Global President and CEO.
A new website, aptly named Hacker’s List, seeks to match hackers with people looking to gain access to email accounts, take down unflattering photos from a website or gain access to a company’s database. In less than three months of operation, the New York Times reveals that over 500 hacking jobs have been put out to bid on the site, with cyber thieves vying for the right to do the dirty work.
“In just the last few days, offers to hire hackers at prices ranging from $100 to $5,000 have come in from around the globe on Hacker’s List, which opened for business in early November,” NYT’s Matthew Goldstein writes. “The rather matter-of-fact nature of the job postings on Hacker’s List shows just how commonplace low-profile hacking has become and the challenge such activity presents for law enforcement at a time when federal and state authorities are concerned about data security.”
Data breaches are seemingly more common than ever before. The hackers freelancing for the listing service will have varying skill levels, but, as Mashable‘s Christina Warren put it, everyone should have the expectation that “our privacy and security are finite and will probably be breached.” In fact, the theft of intellectual property is estimated to cost the U.S. $300 billion per year, according to a report by the IP Commission. It’s becoming increasingly clear that IP and data theft is a growing epidemic, but it can be prevented. In the meantime, you can read all about hackers for hire here.