As cyber espionage grows quickly, government agencies become the No. 1 target, finds 2014 Data Breach Investigations Report.
Government agencies are the most frequent target for cyber espionage, a type of attack that, though small in absolute numbers, is growing quickly, according the latest Data Breach Investigations Report from Verizon.
Public sector organizations accounted for 75% of the more than 63,400 security incidents reported worldwide, according to Verizon security researchers' findings in the 2014 Data Breach Investigations Report.
The high number of government incidents are skewed by US reporting requirements, which produce a "vast amount of minor incidents" that are not a sign of higher targeting or weak defenses, according to the report's authors. But they provide important clues about the evolving nature of security incidents.
One development masked by the overall numbers is a threefold increase in cyber espionage incidents in this year's report compared with last year's. The figures reflect a larger data set of reported espionage incidents, not necessarily a direct increase in attempts. But because such incidents are hard to discern, and can take months to uncover, the larger reported number of incidents still represents a concern.
"We're seeing a steady uptick in cyber espionage," says Bryan Sartin, director of the Research, Investigations, Solutions, Knowledge (RISK) team at Verizon Enterprise Solutions.
Espionage is considered "not significant" as a source of government security incidents because it accounted for less than 1% of the total. Because of the large number of other security incidents reported by government -- including insider misuse (24%), crimeware (21%), and theft or loss (19%) -- espionage does not appear on the statistical radar screen.
"This is relative," Sartin said, because in absolute terms the number of espionage incidents still is small compared with other types of incidents.
But public agencies were targeted more often than any business sector included in the report, and the United States was the No. 1 government target, accounting for 54% of government espionage.
The potential for damage from these incidents is real. In 62% of espionage cases the breach went months before being detected, and in 5% it went on for years. In 85% of cases the espionage was discovered by an outside third party rather than the victim.
Source: Verizon 2014 Data Breach Investigations Report
The Verizon report analyzed 63,437 security incidents from 2013 reported by 50 organizations in 95 countries. Government contributors to this year's report include US-CERT, the Secret Service, the Defense Security Service, the Homeland Security Department's National Cybersecurity and Integration Center, and the Commonwealth of Massachusetts, all in the United States, along with agencies from Argentina, Australia, Columbia, Denmark, the European Union, Ireland, Luxembourg, Malaysia, the Netherlands, Spain, and Ukraine.
Governments participate in the study because it anonymizes the incidents and provides high-quality data, says Sartin. "At the end of the day, it's not a survey, it's investigations of data breaches."
The surge in cyber espionage was surprising. "We knew it was pervasive, but it's a little disconcerting when it triples last year's already much-increased number," the report authors wrote.
Much of the increase reflects the growing number of participants in this year's report, they said. But espionage still could be underreported because there are few requirements for publicly reporting it, and the characteristics of attacks vary greatly, making them difficult to identify.
Identifying the source of the espionage also is "really, really hard," the authors said. Still, they think at least 87% of reported espionage is being done by nation states, and about half of it seems to be from
William Jackson is a technology writer based in Washington, D.C. He has been a journalist for more than 35 years, most recently covering the $80 billion federal government IT sector for Government Computer News. His coverage has ranged from architecture to international ... View Full Bio
Security Job #1 For FedsThe 2014 InformationWeek Government IT Priorities Survey shows federal IT pros care about security - itís rated as very important by 69% of respondents, 30 percentage points ahead of the No. 2 priority, disaster recovery. Will the upcoming NIST cyber-security framework help manage risk?
InformationWeek Tech Digest, Nov. 10, 2014Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?