One in Five Data Breaches are the Result of Cyberespionage
Even though the majority of data breaches continue to be the result of financially motivated cybercriminal attacks, cyberespionage activities are also responsible for a significant number of data theft incidents, according to a Verizon report.
Verizon's 2013 Data Breach Investigations Report (DBIR) covers data breaches investigated during 2012 by the company's RISK Team and 18 other organizations from around the globe, including national computer emergency response teams (CERTs) and law enforcement agencies. The report compiles information from more than 47,000 security incidents and 621 confirmed data breaches that resulted in at least 44 million compromised records.
In addition to including the largest number of sources to date, the report is also Verizon's first to contain information on breaches resulting from state-affiliated cyberespionage attacks. This kind of attack targets intellectual property and accounted for 20 percent of the data breaches covered by the report.
In more than 95 percent of cases the cyberespionage attacks originated from China, the report said. However, it would be naive to assume that cyberespionage attacks only come from China, it said.
In comparison to cyberespionage, financially motivated cybercrime was responsible for 75 percent of data breach incidents covered in the report and hacktivists were behind the remaining 5 percent.
Fifty-two percent of data breach incidents involved hacking techniques, 40 percent involved the use of malware, 35 percent the use of physical attacks -- for example ATM skimming -- and 29 percent the use of social tactics like phishing.
The number of breaches that involved phishing was four times higher in 2012 compared to the previous year, which is probably the result of this technique being commonly used in targeted espionage campaigns.