Corporate cybersecurity is one of the biggest headaches for any company. Not just because data and information about their clients, users, or providers may be put at risk. Competitiveness can also be seriously damaged by the loss of confidential internal information.
We always think that cyberattacks against businesses are carried out by third parties with no direct relationship to the company, with the sole purpose of selling that information. But, what about when the cybercriminal is from a rival company, or even a countryâs government? And what about when the cyberattack aims to steal information that will directly endanger the business model and the projects of the company that is the victim of the attack?
This is where we start to see a practice that, while not widespread, is beginning to become more significant among larger companies: cyber counterintelligence.
What is cyber counterintelligence?
Counterintelligence takes as a jumping off point one basic premise: if someone is going to attack your company, the best defense is a good offense. This is why, instead of acting preventively or reactively, this kind of company prefers to change things up, and catch the cybercriminal as they take their first steps.
This strategy can be carried out in several ways:
1.- Leaving their doors âopenâ. A company may leave an access point apparently deactivated or unprotected. This way, the cybercriminal will find this gap, and think that they are getting right to the core of the company and all its information.
2.- Fake information If the cybercriminal takes advantage of this gap, it is likely that they will find apparently confidential information. What they donât know is that that the door wasnât that âopenâ after all, and the information theyâve found isnât that confidential. What has actually happened is that the company has tricked them, leaving fake documents for them to find.
3.- Keep them busy while theyâre stealing However, as long as the cybercriminals think they are out of sight and have access to information, they will snoop around as they please. What they donât know is that, all the while, the company that is apparently experiencing a cyberattack is actually watching, obtaining information about the attacker in order to take possible measures against them.
The drawbacks of counterintelligence
It may seem like counterintelligence promises to be the perfect solution to avoid endangering a companyâs cybersecurity. But the truth is that there are several drawbacks:
1.- It isnât available to everyone. If a company wants to carry out cyber counterintelligence, it must have a team dedicated to the task. And it goes without saying that that is something that only large budgets can afford.
2.- The possibility of failure. If a company decides to âplayâ at counterintelligence, it must be willing to accept the rules: it could lose. Because the cybercriminals may be aware that they’re being watched, and so, while they pretend to be acting where they can be monitored, theyâre actually getting in through another entrance.
3.- Legal conflicts. Counterintelligence is no trifling matter: at times is can entail breaking some laws, meaning that any company that carries it out could become involved in some serious legal problems.
4.- Diplomatic conflicts. In some cases, cyberattacks between companies occur when two companies from different countries are competing for the same project or the same contract. When this happens, cyber counterintelligence can cause a diplomatic clash with the government of the country where the rival company is based.
As such, companies that really want to protect their companyâs cybersecurity must use less delicate, more secure methods. One example of this is Panda Adaptive Defense, a solution that not only acts both preventively and reactively, but also stops unauthorized access and protects companies from any kind of breach in their cybersecurity. Thanks to continuous monitoring of all the processes on the corporate network, Panda Adaptive Defense is able to stay ahead of cybercriminals, activating its protection systems before the attack happens. Our advanced cybersecurity solution guarantees a higher level of protection, without the need to use riskier techniques like counterintelligence.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
