As cyber espionage grows quickly, government agencies become the No. 1 target, finds 2014 Data Breach Investigations Report.
Government agencies are the most frequent target for cyber espionage, a type of attack that, though small in absolute numbers, is growing quickly, according the latest Data Breach Investigations Report from Verizon.
Public sector organizations accounted for 75% of the more than 63,400 security incidents reported worldwide, according to Verizon security researchers' findings in the 2014 Data Breach Investigations Report.
The high number of government incidents are skewed by US reporting requirements, which produce a "vast amount of minor incidents" that are not a sign of higher targeting or weak defenses, according to the report's authors. But they provide important clues about the evolving nature of security incidents.
One development masked by the overall numbers is a threefold increase in cyber espionage incidents in this year's report compared with last year's. The figures reflect a larger data set of reported espionage incidents, not necessarily a direct increase in attempts. But because such incidents are hard to discern, and can take months to uncover, the larger reported number of incidents still represents a concern.
"We're seeing a steady uptick in cyber espionage," says Bryan Sartin, director of the Research, Investigations, Solutions, Knowledge (RISK) team at Verizon Enterprise Solutions.
Espionage is considered "not significant" as a source of government security incidents because it accounted for less than 1% of the total. Because of the large number of other security incidents reported by government -- including insider misuse (24%), crimeware (21%), and theft or loss (19%) -- espionage does not appear on the statistical radar screen.
"This is relative," Sartin said, because in absolute terms the number of espionage incidents still is small compared with other types of incidents.
But public agencies were targeted more often than any business sector included in the report, and the United States was the No. 1 government target, accounting for 54% of government espionage.
The potential for damage from these incidents is real. In 62% of espionage cases the breach went months before being detected, and in 5% it went on for years. In 85% of cases the espionage was discovered by an outside third party rather than the victim.
Source: Verizon 2014 Data Breach Investigations Report
The Verizon report analyzed 63,437 security incidents from 2013 reported by 50 organizations in 95 countries. Government contributors to this year's report include US-CERT, the Secret Service, the Defense Security Service, the Homeland Security Department's National Cybersecurity and Integration Center, and the Commonwealth of Massachusetts, all in the United States, along with agencies from Argentina, Australia, Columbia, Denmark, the European Union, Ireland, Luxembourg, Malaysia, the Netherlands, Spain, and Ukraine.
Governments participate in the study because it anonymizes the incidents and provides high-quality data, says Sartin. "At the end of the day, it's not a survey, it's investigations of data breaches."
The surge in cyber espionage was surprising. "We knew it was pervasive, but it's a little disconcerting when it triples last year's already much-increased number," the report authors wrote.
Much of the increase reflects the growing number of participants in this year's report, they said. But espionage still could be underreported because there are few requirements for publicly reporting it, and the characteristics of attacks vary greatly, making them difficult to identify.
Identifying the source of the espionage also is "really, really hard," the authors said. Still, they think at least 87% of reported espionage is being done by nation states, and about half of it seems to be from
William Jackson is writer with the <a href="http://www.techwritersbureau.com" target="_blank">Tech Writers Bureau</A>, with more than 35 years' experience reporting for daily, business and technical publications, including two decades covering information ... View Full Bio
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.