April 23, 2013
Verizon Report States China Is Behind Most US Cyber Attacks
Michael Harper for redOrbit.com — Your Universe Online
Verizon has just released their 2013 “Data Breach Investigations Report” analyzing where the largest threats originate and what cyber-thieves are after when they attack networks.According to the report, a large percentage of these attackers are simply looking for a way to turn a profit, using stolen information on their own or selling it to other parties. The majority of the attacks originating in the US are financially motivated. A much smaller percentage of the attacks analyzed by the report were state-affiliated or perpetrated as an act of espionage.
The Verizon investigation found that the majority of cyber espionage attacks originated in East Asia or China. This isn´t the first time China has been shown to launch a wide array of attacks against the US and other countries.
Finally, the report found that hacktivists are still busy causing trouble for corporations and other network owners to make a statement or simply for fun. These attacks are normally carried out by way of Distributed Denial of Service (DDoS) attacks and have been shown to disrupt service and cost affected companies millions of dollars to combat.
“The bottom line is that unfortunately, no organization is immune to a data breach in this day and age,” said Wade Baker, the principal author of the latest Data Breach Investigations Report (DBIR) in a press statement.
“We have the tools today to combat cybercrime, but it´s really all about selecting the right ones and using them in the right way. In other words, understand your adversary — know their motives and methods, and prepare your defenses accordingly and always keep your guard up.”
According to their analysis, 75 percent of all the attacks launched last year were opportunistic in nature. Rather than target a specific person or organization, these attackers simply take advantage of a moment when they see one. In the vast majority of these attacks, the hackers are trying to take money from their victims.
The Verizon report states that the majority of those hacking for monetary gain are from the US or Eastern Europe, specifically Bulgaria, Romania or the Russian federation. These cyber criminals use more sophisticated weapons than their hacktivist counterparts such as phishing attacks.
A recent Symantec report backs up this claim, detailing a new maneuver called a “watering hole” attack. In this attack, a cybercriminal will infect a website and wait for a user from a targeted and smaller business to pass by. Once they infect the network of the smaller corporation, they´ll leapfrog their way to infect any larger organization the smaller company may do business with.
The Verizon report showed that a much smaller percentage of attacks were launched with the intention to spy on businesses or government branches. Only about 19 percent of the attacks analyzed were state-affiliated, yet the majority of these attacks could be traced to East Asia. The DBIR is quick to mention that companies all over the world have been attacked, saying that “geographic borders are no protection against cyber attacks.”
Verizon´s isn´t he first report to find a large number of cyber espionage attacks stemming from China. A February study from security firm Mandiant found that a specific arm of China´s People´s Liberation Army (PLA) is responsible for more than 100 attacks on US organizations since 2006.
China vehemently denies charges of cyber espionage each time these claims are lobbed against them.
Verizon says today´s report is important because it sheds light on where these threats originate and the intentions of these attackers.