2012 Threat Landscape: Profit-Driven Crimes, State-Sponsored Espionage and Activism


April 23rd, 2013, 18:01 GMT · By Eduard Kovacs
According to Verizon’s recently released 2013 Data Breach Investigation Report, financially motivated cybercrimes and state-affiliated espionage campaigns dominated the 2012 threat landscape. Activists have also left an impression, but the impact of their operations hasn’t recorded any significant modifications.

Verizon has revealed that in 2012, over 47,000 security incidents were reported, 621 data disclosures were confirmed, and 44 million records were compromised. If we look at the figures for the last nine years, the number of compromised records has reached around 1.1 billion.

Financially-driven criminals clearly dominated the security landscape last year, 75% of breaches falling into this category. However, state-affiliated groups rose to the number two spot.

The company believes there are a couple of main reasons for which the number of espionage attacks – which target classified information, trade secrets and technical resources – has increased.

“On one hand, we saw a dip in financially motivated cases against small organizations in our dataset, and that dip allows other trends to become more pronounced. Another factor is the larger set of data sharing partners in this report that widens the population of incidents we can analyze,” the report reads.

“Furthermore, our own investigations comprised more espionage cases than any previous year, and this was bolstered by increased efforts to collect, share, and correlate IOCs that greatly improve the ability to uncover targeted attacks.”

So where do attacks come from?

The attackers are distributed across 40 different nations. Most of the financially-driven actors come from the US, Romania, Bulgaria and Russia.

As far as espionage is concerned, it probably doesn’t surprise anyone that the country of origin has been China in 96% of cases.

This could mean two things: China is really the most active source of national and industrial espionage in the world, and that other state groups might be more capable when it comes to hiding their tracks.

Verizon has released its 2013 Data Breach Investigations Report. The company has found that, in 2012, hacking was the “number one way” that data breaches occurred.
The figures from the report show that 52% of data breaches involved hacking. 76% of intrusions exploited weak or stolen credentials, 40% relied on malware, 35% involved physical attacks, and 29% of them leveraged social engineering tactics such as phishing.
As far as victims were concerned, in 2012, most of the targeted organizations were from the financial sector (37%), followed by retailers and restaurants (24%), manufacturing, utilities and transportation industries (20%), and information and professional services companies (20%). 38% of cyberattacks targeted larger organizations.
When it comes to the reasons why these attacks were carried out, Verizon’s Dave Hylender explains that they’re “diverse.”
“Money- minded miscreants continued to cash in on low-hanging fruit from any tree within reach. Bolder bandits took aim at better-defended targets in hopes of bigger hauls,” Hylender wrote
“Activist groups DoS’d and hacked under the very different—and sometimes blurred—banners of personal ideology and just-for-the-fun-of-it lulz. And, as a growing list of victims shared their stories, clandestine activity attributed to state-affiliated actors stirred international intrigue.”
The study provides organizations with some important advice on how to protect their assets against data breaches.
The recommendations include eliminating unnecessary data; ensuring that essentials controls are met; collecting, analyzing, and sharing incident and threat intelligence data; evaluating the threat landscape and creating strategies.
“If you’re a target of espionage, don’t underestimate the tenacity of your adversary.Nor should you underestimate the intelligence and tools at your disposal,” reads one piece of advice from the report.

Tags: , , ,

Comments are closed.

%d bloggers like this: