Feeds

Verizon: 96 PER CENT of state-backed cyber-spying traced to China

Lock up your data, folks

Intelligent flash storage arrays

Spooks carrying out state-sponsored cyber-espionage were responsible for one in five data breaches last year, researchers have claimed.

New statistics contained in Verizon’s Data Breach Investigation Report 2012 found that 19 per cent of all attacks were carried out by agents acting on behalf of their government. Researchers recorded more cyber-espionage incidents than ever before, although the majority of attacks were carried out by criminals looking to make money.

Bosses will be comforted by the finding that “external actors” were responsible for the majority of data breaches, with 92 per cent of all incidents involving an attack from someone working outside the the organisation.

Researchers examined more than 47,000 security incidents and 621 confirmed data breaches affecting international organisations from 27 countries, including government agencies, financial institutions and defence contractors. Since the first report was compiled nine years ago, boffins have pored over more than 2,500 data breaches.

The report, which was released today and covers 2012, said: “State-affiliated groups rise to the number two spot for the 2012 dataset ... We saw a dip in financially motivated cases against small organizations in our dataset, and that dip allows other trends to become more pronounced. Furthermore, our own investigations comprised more espionage cases than any previous year.”

Financial organisations suffered the most attacks, accounting for 37 per cent of recorded data breaches. Just over half (52 per cent) of all breaches involved “some sort of hacking” while 76 per cent of “network intrusions involved exploiting weak or stolen credentials” - which basically means someone didn’t set up a decent password.

Some 21 percent of the attacks were carried out by state-affiliated hackers on espionage missions, 96 percent of which could be tracked back to China.

Organised crime was responsible for 55 percent of all breaches, with the majority of attacks coming from the US or Eastern Europe.

The report added: “More than half of all external breaches tie to organized criminal groups. This reflects the high prevalence of illicit activities associated with threat actors of this ilk, such as spamming, scamming, payment fraud, account takeovers and identity theft. For professional criminals, the “why” is simple and consistent—money . As economic and social activities continue to go online, criminals will follow in order to exploit the soaring amount of data that can all too easily be converted to cash.”

Jason Hart, cloud solutions veep at SafeNet, said the data demanded a new way of thinking about security.

He said: “Verizon can always be relied on to lift the lid on hackers' motives and this new batch of data is shocking. While data breaches seem rampant, these results could trigger a real sea change in data protection strategies. Embracing a secure breach strategy renders lost or stolen worthless to the attacker, making the only serious mitigation of the threat to sensitive data held by enterprises and governments.” ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.