Enterprises are not taking the threat of cyber espionage seriously enough and many have not taken adequate steps to prevent an attack, according to a study by Ovum.
Ovum said cyber espionage has been overlooked, and many enterprises are vulnerable to these attacks.
Ovum principal analyst Graham Titterington said cyber criminals are graduating from stealing credit cards and banking credentials to targeting corporate plans and proprietary information.
“They want valuable information such as product and technology blueprints, customer lists, or information that can be used to embarrass or disadvantage a victim,” the analyst said.
The analyst said many enterprises have overlooked cyber espionage in their preoccupation with preventing the theft of financial data.
Enterprises need “to wake up” to the danger or risk losing valuable information and having to deal with the consequences, Titterington said.
Cyber espionage is usually aimed at key individuals within an organization, who are sent ‘spear phishing’ emails containing malicious links or attachments that infect their machines.
The criminals then use malware to identify assets, decrypt login details and steal the target information.
The Ovum report advised enterprises to increase their awareness of cyber espionage, restrict the distribution of sensitive information, vet users who have access to high-value information, protect data held on third-party sites and conduct a risk analysis, including mobile devices and removable media.