Home Business IT Security Cyber espionage on the rise
ource: Verizon 2013 Data Breach Investigation Report ource: Verizon 2013 Data Breach Investigation Report

Three quarters of cyber crime is financially motivated, but cyber espionage is growing. Know your enemy, says a major new report.

Verizon has published its 2013 Data Breach Investigations Report. Now in its sixth year of publication, the report includes data from 19 global security organisations, including the Australian Federal Police. Because it uses data from so many law enforcement agencies, the report has become one of the most definitive global analyses of cyber crime.

This year’s report analyses of over 47,000 security incidents and 621 confirmed breaches. It also offers new insight into data thieves and their motives, says Verizon’s Paul Black, the company’s Regional Managing Principal for Investigative Response.

“There’s been a big increase in state affiliated cyber espionage this year,” Black told iTWire. “But we have a much larger data set, with 19 countries. Countries are increasingly using the Internet as military weapon. We are also seeing an increase in the involvement of organised crime.”

The report includes a matrix that maps the sources of cyber crime (organised crime, state affiliates and activists) against their targets by industry, their region of operation and a range of other criteria.

“As more and more commercial activity moves online, and organisations are storing more and more payment data, the types of attacks are becoming much more sophisticated,” said Black. “Despite all the best efforts of the security industry, too many people are still using weak passwords, or even easy to guess default passwords. These are very susceptible to brute force attacks.”

Black said a major problem was often the length of time it took organisations to realise they had been attacked. “Many of them don’t know for days or weeks afterwards, and are often informed by their customers or other third parties. Everything is logged, but people don’t look at their log files.”

Key findings from the report include:

  • Taking the top spot for all breaches is financially-motived cybercrime (75%) followed by state-affiliated espionage campaigns claiming second spot (20%).
  • Hactivist incidents held steady but the amount of data stolen decreased as hactivists shifted to other forms of attacks, such as distributed denial of service attacks.
  • Victims represented a wide range of industries, from financial organizations to manufacturing, transportation and utilities.
  • 38% of breaches impacted larger organisations and represented 27 different countries.
  • External attacks remain largely responsible for data breaches with 92 percent of them attributable to outsiders and 14% committed by insiders.
  • Hacking is the most common way breaches occur. In fact, hacking was a factor in 52% of data breaches.
  • Three quarters (76%) of network intrusions exploited weak or stolen credentials (user name/password).
  • The proportion of breaches incorporating social tactics such as phishing was four-times higher in 2012, which the report found directly related to the tactic’s widespread use in targeted espionage campaigns.

“The bottom line is that unfortunately, no organisation is immune to a data breach in this day and age,” said Black. “We have the tools today to combat cybercrime, but it’s really all about selecting the right ones and using them in the right way.

“In other words, understand your adversary – know their motives and methods, and prepare your defences accordingly and always keep your guard up,“ he said.

The report contains some excellent infographics and is extremely well written. It can be accessed at  http://www.verizonenterprise.com/DBIR/2013/

FREE CLOUD BACKUPS MANAGEMENT WEBINAR

Are your technicians spending too much time just managing your clients cloud backups?

Backups are an important part of any IT business but they should not consume more than their fair share of time and money.

Discover how to reduce the amount of time & money spent managing your Cloud Backups during this Free Webinar.

REGISTER FOR FREE WEBINAR!

FREE NETWORKING SERVICES CASE STUDY

As one of the world’s largest social networking services, Facebook handles a lot of user information, and requires input from an astounding range of stakeholders 24 hours a day, 7 days a week — from both inside and outside the business.

Discover how Facebook was helped to connect remote employees, vendors, consultants, and partners to applications and web services quickly and reliably - without risking sensitive data.

GET CASE STUDY!

GET THE IT BUDGET YOU WANT

Explore your Network Treasure Trove to get the IT Budget you want

With Australian businesses projected to spend over $78.7 Billion why does it feel like you can never get the budget you need?.

In most cases your budget will get approved because the proposals are not only technically correct, but also provide good, credible evidence on how the spend aligns with key business objectives.

Did you know that your Network Monitoring tool can help you build a comprehensive business case without an MBA?

HERE ARE 8 TIPS TO GET THE IT BUDGET YOU WANT.

CLICK HERE!

Graeme Philipson

Graeme Philipson is senior associate editor at iTWire and editor of sister publication CommsWire. He is also founder and Research Director of Connection Research, a market research and analysis firm specialising in the convergence of sustainable, digital and environmental technologies. He has been in the high tech industry for more than 30 years, most of that time as a market researcher, analyst and journalist. He was founding editor of MIS magazine, and is a former editor of Computerworld Australia. He was a research director for Gartner Asia Pacific and research manager for the Yankee Group Australia. He was a long time IT columnist in The Age and The Sydney Morning Herald, and is a recipient of the Kester Award for lifetime achievement in IT journalism.

Connect

 

 

 

 

Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities