Corporate cybersecurity is one of the biggest headaches for any company. Not just because data and information about their clients, users, or providers may be put at risk. Competitiveness can also be seriously damaged by the loss of confidential internal information.
We always think that cyberattacks against businesses are carried out by third parties with no direct relationship to the company, with the sole purpose of selling that information. But, what about when the cybercriminal is from a rival company, or even a country’s government? And what about when the cyberattack aims to steal information that will directly endanger the business model and the projects of the company that is the victim of the attack?
This is where we start to see a practice that, while not widespread, is beginning to become more significant among larger companies: cyber counterintelligence.
What is cyber counterintelligence?
Counterintelligence takes as a jumping off point one basic premise: if someone is going to attack your company, the best defense is a good offense. This is why, instead of acting preventively or reactively, this kind of company prefers to change things up, and catch the cybercriminal as they take their first steps.
This strategy can be carried out in several ways:
1.- Leaving their doors “open”. A company may leave an access point apparently deactivated or unprotected. This way, the cybercriminal will find this gap, and think that they are getting right to the core of the company and all its information.
2.- Fake information If the cybercriminal takes advantage of this gap, it is likely that they will find apparently confidential information. What they don’t know is that that the door wasn’t that “open” after all, and the information they’ve found isn’t that confidential. What has actually happened is that the company has tricked them, leaving fake documents for them to find.
3.- Keep them busy while they’re stealing However, as long as the cybercriminals think they are out of sight and have access to information, they will snoop around as they please. What they don’t know is that, all the while, the company that is apparently experiencing a cyberattack is actually watching, obtaining information about the attacker in order to take possible measures against them.
The drawbacks of counterintelligence
It may seem like counterintelligence promises to be the perfect solution to avoid endangering a company’s cybersecurity. But the truth is that there are several drawbacks:
1.- It isn’t available to everyone. If a company wants to carry out cyber counterintelligence, it must have a team dedicated to the task. And it goes without saying that that is something that only large budgets can afford.
2.- The possibility of failure. If a company decides to “play” at counterintelligence, it must be willing to accept the rules: it could lose. Because the cybercriminals may be aware that they’re being watched, and so, while they pretend to be acting where they can be monitored, they’re actually getting in through another entrance.
3.- Legal conflicts. Counterintelligence is no trifling matter: at times is can entail breaking some laws, meaning that any company that carries it out could become involved in some serious legal problems.
4.- Diplomatic conflicts. In some cases, cyberattacks between companies occur when two companies from different countries are competing for the same project or the same contract. When this happens, cyber counterintelligence can cause a diplomatic clash with the government of the country where the rival company is based.
As such, companies that really want to protect their company’s cybersecurity must use less delicate, more secure methods. One example of this is Panda Adaptive Defense, a solution that not only acts both preventively and reactively, but also stops unauthorized access and protects companies from any kind of breach in their cybersecurity. Thanks to continuous monitoring of all the processes on the corporate network, Panda Adaptive Defense is able to stay ahead of cybercriminals, activating its protection systems before the attack happens. Our advanced cybersecurity solution guarantees a higher level of protection, without the need to use riskier techniques like counterintelligence.