They may operate in countless sectors, but tech organizations have one thing in common: as leaders in innovation and holders of large amounts of customer information, including sensitive government data, security is crucial. But tech companies take an average of 187 days to identify a data breach, equating to a loss of between 10 and 99 million records per incident for large organizations. Cyber attacks on the tech sector have been so detrimental that at a White House summit in August 2021, several Big Tech companies made multibillion-dollar commitments to address security weaknesses and improve lackluster cyber defenses.
The threat to technology
There are many reasons why hackers would be motivated to target organizations that provide technology solutions. As a rapidly evolving industry, tech holds high-value future product plans, financial data, and customer information that can be sold or held for ransom. Intellectual property and proprietary information are capable of providing other companies with a significant competitive advantage, making them an attractive target for competitors or opposing threat groups.
Tech companies also hold data belonging to all the companies they work with, which can include utility firms, healthcare organizations, and even government bodies. An attack on their systems could expose their clients to a similar fate. State-sponsored threat actors are also often interested in collecting intelligence from tech organizations to help them defeat the security countermeasures of other companies around the world, thereby enabling future data theft.
The ever-growing cybersecurity skills gap is also a threat to the industry, with hackers often deliberately targeting smaller organizations that have fewer security professionals. Organizations across all industries are feeling the effects of the skills gap, with cybersecurity job openings now reaching over 500,000 in the US, up 18 percent from 2020. The tight labor market means that security teams are overstretched, undertrained, and overworked, with less time to focus on mitigating risks within their own organization.
When hackers attack technology
One of the latest and widest-reaching cyber attacks on the technology industry is the SolarWinds breach, identified in December 2020. The campaign used US tech company SolarWinds as a springboard to compromise a host of government agencies, as well as breaching thousands of tech companies including Cisco, Microsoft, Intel, Belkin, and VMware. US intelligence services state that Russia was likely responsible for the breach, which appeared to be an effort to collect intelligence rather than simply cause destruction. The same hacking group is now involved in a fresh wave of activity, compromising the networks of 14 technology service providers.
In the same month as the SolarWinds breach, FireEye – one of the largest cybersecurity companies in the US – was hacked. An arsenal of red team tools were stolen in an attempt to wreck their effectiveness, and the hackers also appeared to be interested in FireEye’s government agency customers. Attacks have continued into 2021, with software company Kaseya hit by “the worst ransomware attack to date”, affecting at least 200 organizations globally, and a data breach exposing the personal information of over 500 million Facebook users, scraped because of a vulnerability in 2019.
Suffering a cyber attack can lead to severe reputational damage among customers, particularly if an organization provides cybersecurity solutions and therefore should be trusted with the detection and prevention of cyber attacks. The reputational repercussions of a data breach can be as damaging as fines or breach recovery costs, with the vast majority (87 percent) of customers willing to take their business elsewhere. And for small or medium-sized enterprises for whom competition is fierce, a damaged reputation can be a blow from which the business might never recover.
Threat intelligence for tech organizations
With many vendors focused on their clients’ technology rather than their own, simple and effective threat detection tools are a must. Cyber threat intelligence can offer businesses an overarching view of cyber risks, but these organizations can struggle to manage and leverage this intelligence for themselves.
Centripetal provides organizations with Zero Trust inspection of all threat traffic, powered by proactive intelligence. Our solution, CleanINTERNET, aggregates a growing base of over 3,500 cyber threat intelligence feeds, using dynamic cyber threat intelligence to analyze and shield threats on your behalf, and delivering comprehensive findings to you via our team of expert threat analysts. These analysts help to bridge the security skills gap and alleviate the burden on internal teams.
The CleanINTERNET solution dramatically increases your cybersecurity posture and helps prevent network infiltration and data exfiltration, providing technology businesses of all sizes with the enterprise-class intelligence and Zero Trust inspection they need to protect their reputation and secure the sensitive data they hold.