Financial cybercrime, state sponsored espionage dominate security landscape

by CXOtoday Staff    Apr 23, 2013

Cyber Crime

As compared to any other years, perhaps it was 2012 that witnessed the large scale and diverse nature of data breaches and other network attacks. Additionally this time around nobody was spared from pubs to public agencies, mom-and-pops to multi-nationals. The motives for these attacks appear equally diverse.

Money-minded miscreants continued to cash in on low-hanging fruit from any tree within reach. Bolder bandits took aim at better-defended targets in hopes of bigger hauls. Activist groups DoS’d and hacked under the very different—and sometimes blurred—banners of personal ideology and just-for-the-fun-of-it lulz. And, as a growing list of victims shared their stories, clandestine activity attributed to state-affiliated actors stirred international intrigue.

All in all, 2012 reminded us that breaches are a multi-faceted problem, and any one-dimensional attempt to describe them fails to adequately capture their complexity. According to the Verizon 2013 Data Breach Investigations Report (DBIR), large-scale financial cybercrime and state-affiliated espionage dominated the security landscape in 2012. Taking the top spot for all breaches in the 2013 report is financially motivated cybercrime (75 percent), with state-affiliated espionage campaigns claiming the No. 2 spot (20 percent).  Breaches in the No. 2 spot include cyber threats aimed at stealing intellectual property — such as classified information, trade secrets and technical resources — to further national and economic interests.

The 2013 DBIR also found that the proportion of incidents involving hacktivists– who act out of ideological motivations or even just for fun — held steady; but the amount of data stolen decreased, as many hacktivists shifted to other methods such as distributed denial of service (DDoS) attacks.  These attacks, aimed at paralyzing or disrupting systems, also have significant costs because they impair business and operations.

The bottom line is that unfortunately,no organization is immune to a data breach in this day and age.
-Wade Baker, principal author of the Data Breach Investigations Report series

“We have the tools today to combat cybercrime, but it’s really all about selecting the right ones and using them in the right way. In other words, understand your adversary – know their motives and methods, and prepare your defenses accordingly and always keep your guard up,” said Wade Baker, principal author of the Data Breach Investigations Report series. 

In 2012, victims represented a wide range of industries.  Thirty-seven percent of breaches affected financial organizations, and 24 percent affectedretailers and restaurants. Twenty percent of network intrusions involved the manufacturing, transportation and utilities industries, with the same percentage affecting information and professional services firms. 

In terms of attack methods, hacking is the No. 1 way breaches occur. In fact, hacking was a factor in 52 percent of data breaches. Seventy-six percent of network intrusions exploited weak or stolen credentials (user name/password); 40 percent incorporated malware (malicious software, script or code used to compromise information); 35 percent involved physical attacks (such as ATM skimming); and 29 percent leveraged social tactics (such as phishing). The proportion of breaches incorporating social tactics such as phishing was four-times higher in 2012, which, according to the breach report, is directly related to the tactic’s widespread use in targeted espionage campaigns. Additionally, the compromise-to-discovery timeline continues to be measured in months and even years, as opposed to hours and days.  Finally, third parties continue to detect the majority of breaches (69 percent).