Cyber Espionage Incidents Triple: Verizon Report - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Cybersecurity

Cyber Espionage Incidents Triple: Verizon Report

As cyber espionage grows quickly, government agencies become the No. 1 target, finds 2014 Data Breach Investigations Report.

Government agencies are the most frequent target for cyber espionage, a type of attack that, though small in absolute numbers, is growing quickly, according the latest Data Breach Investigations Report from Verizon.

Public sector organizations accounted for 75% of the more than 63,400 security incidents reported worldwide, according to Verizon security researchers' findings in the 2014 Data Breach Investigations Report.

The high number of government incidents are skewed by US reporting requirements, which produce a "vast amount of minor incidents" that are not a sign of higher targeting or weak defenses, according to the report's authors. But they provide important clues about the evolving nature of security incidents.

One development masked by the overall numbers is a threefold increase in cyber espionage incidents in this year's report compared with last year's. The figures reflect a larger data set of reported espionage incidents, not necessarily a direct increase in attempts.  But because such incidents are hard to discern, and can take months to uncover, the larger reported number of incidents still represents a concern.

[NIST's cyber security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work? Read: Protecting Critical Infrastructure: A New Approach.]

"We're seeing a steady uptick in cyber espionage," says Bryan Sartin, director of the Research, Investigations, Solutions, Knowledge (RISK) team at Verizon Enterprise Solutions.

Espionage is considered "not significant" as a source of government security incidents because it accounted for less than 1% of the total. Because of the large number of other security incidents reported by government -- including insider misuse (24%), crimeware (21%), and theft or loss (19%) -- espionage does not appear on the statistical radar screen.

"This is relative," Sartin said, because in absolute terms the number of espionage incidents still is small compared with other types of incidents.

But public agencies were targeted more often than any business sector included in the report, and the United States was the No. 1 government target, accounting for 54% of government espionage.

The potential for damage from these incidents is real. In 62% of espionage cases the breach went months before being detected, and in 5% it went on for years. In 85% of cases the espionage was discovered by an outside third party rather than the victim.

Source: Verizon 2014 Data Breach Investigations Report
Source: Verizon 2014 Data Breach Investigations Report

The Verizon report analyzed 63,437 security incidents from 2013 reported by 50 organizations in 95 countries. Government contributors to this year's report include US-CERT, the Secret Service, the Defense Security Service, the Homeland Security Department's National Cybersecurity and Integration Center, and the Commonwealth of Massachusetts, all in the United States, along with agencies from Argentina, Australia, Columbia, Denmark, the European Union, Ireland, Luxembourg, Malaysia, the Netherlands, Spain, and Ukraine.

Governments participate in the study because it anonymizes the incidents and provides high-quality data, says Sartin. "At the end of the day, it's not a survey, it's investigations of data breaches."

The surge in cyber espionage was surprising. "We knew it was pervasive, but it's a little disconcerting when it triples last year's already much-increased number," the report authors wrote.

Much of the increase reflects the growing number of participants in this year's report, they said. But espionage still could be underreported because there are few requirements for publicly reporting it, and the characteristics of attacks vary greatly, making them difficult to identify.

Identifying the source of the espionage also is "really, really hard," the authors said. Still, they think at least 87% of reported espionage is being done by nation states, and about half of it seems to be from

Next Page

William Jackson is writer with the <a href="" target="_blank">Tech Writers Bureau</A>, with more than 35 years' experience reporting for daily, business and technical publications, including two decades covering information ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
4/29/2014 | 4:34:55 PM
Whatever happened to accountability?
That a law must be passed to compel federal agencies to be transparent in order to track breaches is astonishing to me.  
User Rank: Author
4/22/2014 | 3:59:50 PM
Re: Caution with the numbers
pfretty, thanks for making the added point: Sometimes, its easy to focus too much on the numbers and miss the larger message.  Your point that leading infrastructure sectors have been targeted more than retail and consumer sectors is an important part of that message, and one worth heeding.  Of note: see our story this week on the Cybersecurity Framework for Critical Infrastructure: Protecting Critical Infrastructure: A New Approach  and Sensitive Data: What Constitutes 'Reasonable Protection'?

User Rank: Ninja
4/22/2014 | 3:44:46 PM
Re: Caution with the numbers
The actual numbers themselves are not as important as the overarching message -- in a data-based society, we need to pay more attention to accesspoints. According to the 2013 HP Ponemon Cost of Cyber Crime report (, all industries fall victim to cybercrime, but to different degrees. The report breakd out the average annualized cost of cyber crime appears by industry segment, and organizations in defense, financial services, and energy and utilities experience substantially higher cyber crime costs than organizations in retail, media and consumer products. Simply put hackers are under far more targeted campaigns while utilizing higher levels of sophistication. 

Peter Fretty,
User Rank: Author
4/22/2014 | 1:16:29 PM
What's new about the espionage incidents
One of the other interesting points raised by the Verizon team in their findings on espionage is the fact that while spear phishing, via mostly email, remains the most often used method by hackers to break into a system, there has been a notable rise in strategic web compromises as a method of gaining initial access.
User Rank: Author
4/22/2014 | 1:07:51 PM
Caution with the numbers
I think the narrative in the Verizon report says it well:

"Before someone concludes we're asserting a vast increase in
espionage in 2013, we're quite sure countless organizations
have been consistently targeted for several years. Instead,
we attribute this increase primarily to our ever-expanding set
of contributors conducting research in this area, along with
more community information sharing that improves discovery
capabilities. Like a streetlight illuminating cars parked along
the street, more contributors allow us to see more cars.
Unfortunately, we can also see that those cars have broken
windows and stolen stereos."
2021 Outlook: Tackling Cloud Transformation Choices
Joao-Pierre S. Ruth, Senior Writer,  1/4/2021
Enterprise IT Leaders Face Two Paths to AI
Jessica Davis, Senior Editor, Enterprise Apps,  12/23/2020
10 IT Trends to Watch for in 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/22/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Flash Poll