For instance, it's totally legal to buy satellite images of a competitor's parking lot to determine how many customers they're serving each year or to pay a private investigator to walk around a trade show and share what they hear. It is not illegal to spy on a private company as long as the information is obtained by legal means. That said, other competitive intelligence companies cross the line and fall into illegal corporate spying. In fact, counterintelligence based on public information can be so successful that many companies now have OPSEC teams that manage what information is released to the public. What's the Difference Between Competitive Intelligence and Corporate Spying?Ĭompetitive intelligence, to put it in information security terms, is the white hat version of corporate espionage.Ĭompetitive intelligence companies generally use legal methods to gather and analyze information that's publically available, whether that be merger and acquisition news, new government regulations, blog content or social media noise. Given the competitive advantage that comes from innovation, it isn't hard to see why corporate spying has become such a large cybersecurity risk. Disgruntled employees or a former employee who now works for a competitor can inadvertently or directly reveal proprietary information and corporate secrets. Much of it comes from an insider transferring trade secrets from one company to another. That said, not all corporate espionage is so dramatic. Looking for third-party data breaches and data leaks on the dark web.Using email spoofing and phishing to trick a competitor's employees into revealing confidential information or sensitive data.Attacking a competitor's website by exploiting a CVE-listed vulnerability.Gaining access to a competitor's internal network by abusing poor network security practices.Changing the registration of a competitor's domain name using domain hijacking.Hacking into or disabling a competitor's computer using a cyber attack like the WannaCry ransomware attack.Using wiretapping, a lack of SSL or another form of man-in-the-middle attack to listen in on competitor communication.Posting as a competitor's employee to learn trade secrets or gain access to their customers' personally identifiable information (PII).Trespassing on a competitor's property or gaining unauthorized access to their files.There are a number of techniques that fall under the umbrella of industrial espionage: The information derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable through proper means by, the public.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |