Verizon has released its 2013 Data Breach Investigation Report, and it finds that all types of businesses are at risk for cyberattacks and cyberespionage. It also states that China plays a growing role in many hacking attacks, particularly digital spying efforts.
Nicole Perlroth with The New York Times reported, “Security experts like to say that there are now only two types of companies left in the United States: those that have been hacked and those that don’t know they’ve been hacked. Their latest supporting evidence comes in the form of an annual Verizon report, which counted 621 confirmed data breaches last year, and more than 47,000 reported ‘security incidents.’ … ‘The results validate that any business that operates online is at potential risk of suffering a data breach,’ said Wade Baker, one of the report’s principal authors. ‘We talk to a lot of actors that are flabbergasted that they would be attacked by a group based across the world. But the report shows that no matter the size of the organization — large, small, government agencies, banks, restaurants, retailers — people are stealing data from a range of different organizations and it’s a problem everyone has to deal with.'”
Computerworld’s Lucian Constantin added, “In addition to including the largest number of sources to date, the report is also Verizon’s first to contain information on breaches resulting from state-affiliated cyberespionage attacks. This kind of attack targets intellectual property and accounted for 20% of the data breaches covered by the report. In more than 95% of cases the cyberespionage attacks originated from China, said Jay Jacobs, a senior analyst with the Verizon RISK team. The team tried to be very thorough regarding attribution and used different known indicators that linked the techniques and malware used in those breaches back to known Chinese hacker groups, he said.”
ZDNet quoted the report, which said, “This may mean that other threat groups perform their activities with greater stealth and subterfuge, but it could also mean that China is, in fact, the most active source of national and industrial espionage in the world today.”
PCMag’s Chloe Albanesius noted, “In terms of how the attacks are carried out, Verizon found that 52 percent involved some form of hacking, 76 percent exploited security flaws, 40 percent turned to malware, and 29 percent used social tactics like phishing.”