‘With eyes wide open’: Strider flags insider threat recruitment from inside networks

In April, the United Kingdom's MI5 warned that over 10,000 Britons had been recruited by China over LinkedIn for espionage. Those recruitment efforts typically began not with a transparent offer of money for trade secrets or national security secrets, but with mundane-looking invites to travel to China to speak at a conference or discuss business activities.

It's a story that has repeated itself the world over, including in the U.S.: unwitting employees recruited to give up trade secrets.

"It's very well known that the United Front work department, an arm of the Chinese Communist Party, uses professional associations and alumni associations to identify talent in technology and recruit," said Eric Levesque, co-founder and chief strategy officer of Strider, whose bread and butter is deep research into the people and corporate fronts used by foreign espionage groups. He noted too that the Biden administration came out with sanctions against certain Russian companies that hold conferences, where intelligence services try to snag talent.

Beyond the unwitting intelligence assets, there are the witting ones. Companies with thousands of employees will inevitably have some people doing day-to-day business who inadvertently get entangled with a front company for a sanctioned group, deliberately created to obscure who they are.

Here's where Strider, having offered an external service to vet employees and contacts in the past, now hopes to offer another assist: On Thursday, it announced its first product to provide visibility within networks. Strider Shield monitors network traffic and email in real time for continuously updated keywords and domains of concern, complementing products that keep hackers from getting in with the ability to keep employees from being recruited to take data out.

A continuously updated set of search terms goes far beyond what most corporate officers would be capable of collecting on their own - including the local municipal agencies known to organize conferences used to recruit and filter potential spies up through to the Chinese government.

The point, says Strider, is not to scare people away from marketing to China or Russia. In fact, it is the opposite - creating an early alert for the potential for harm.

"We don't tell our customers don't go or don't engage with these markets," said Levesque. "It's just going in with eyes wide open."

Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.
