As cyber espionage grows quickly, government agencies become the No. 1 target, finds 2014 Data Breach Investigations Report.
Eastern Asia. "Two countries in particular, the People's Republic of China and the Democratic People's Republic of Korea, represent that region," the report notes.
Attackers are using a diverse array of tools in espionage, but the most common is spear phishing. Email attachments are used to deliver 78% of identified espionage attacks, and links within emails deliver 2%.
Source: Verizon 2014 Data Breach Investigations Report
Because exploits used for espionage are varied, the recommended controls to counter them run the gamut of basic cyber security:
Use updated antivirus.
Segment your network.
Keep good logs.
Break the exploitation chain by detecting phishing attempts and interrupting them when someone "clicks."
Spot command and control traffic and data exfiltration.
Stop the lateral movement of attackers who gain access to the network.
The report also found the use of stolen and/or misused credentials (user names and passwords) continues to be the most frequent way attackers gain access to information, making the case again for using two-factor authentication. The report also noted that insider attacks are on the rise, especially for intellectual property.
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators. Read our InformationWeek Elite 100 issue today.
William Jackson is a technology writer based in Washington, D.C. He has been a journalist for more than 35 years, most recently covering the $80 billion federal government IT sector for Government Computer News. His coverage has ranged from architecture to international ... View Full Bio
Security Job #1 For FedsThe 2014 InformationWeek Government IT Priorities Survey shows federal IT pros care about security - itís rated as very important by 69% of respondents, 30 percentage points ahead of the No. 2 priority, disaster recovery. Will the upcoming NIST cyber-security framework help manage risk?
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.