When we think of hackers, our minds usually visualize individuals amplified by excessive energy drinks while hovering around multiple computer screens in their mother’s basement. Their motivation could range from a wide net of issues, but more than likely it is truly intrinsic to the individuals at the helm. Rarely do our minds venture down the road of state-sponsored espionage and if our minds go there it’s usually huddled in bed reading a good spy novel. The truth is, however, that the threat is real: very real.

Recently it was reported that Japan’s biggest defense contractor, Mitsubishi Heavy Industries, was the latest victim of a malware-based attack. The firm states that 10 of their sites became infected across Japan, including a submarine manufacturing plant. The total damage equating to 45 network servers and 38 PCs compromised from eight strains of malware. The company reassures that no intellectual property was acquired during the ordeal, but it reiterates the point. State-sponsored threats are real.

Former Cyber Security Czar Richard Clarke, who is on the Bit9 board of directors, recently stated in a video interview that, “The government of China is involved in hacking into American companies and taking that information and giving it to Chinese companies.” [Video]

Now no confirmation has been made among these attacks against China, who typically gets accused of such activity, but it highlights that there are significant weaknesses in domestic and international security defenses. And more specifically, we would argue that there is a blindspot on the endpoints – servers, laptops, PCs – that are running in corporations and in government organizations. It’s a blind spot that malicious hackers take advantage of when they target intellectual property and state secrets.  State-sponsored threats should be taken seriously and there should be effective security in place to prevent malware as well as unauthorized applications.