China is the epicenter of state-affiliated cyber attacks: Verizon report

Infotech Lead India: China is the epicenter of state-affiliated cyber attacks, according to a Verizon report.

Verizon’s report says the number of attacks by state-affiliated actors has nearly tripled from last year, of which 96 percent were attributed to China.

While the state-affiliated espionage campaigns took the second spot at 20 percent, financially motivated cybercrime took the top spot at 75 percent, Verizon said.

The Wall Street Journal on Tuesday reported that cyber attacks could be “as serious as a nuclear bomb,” according to a top Chinese general, who rejected suggestions that the Chinese military is behind cyber spying aimed at Western companies.

Gen. Fang Fenghui, chief of staff of the People’s Liberation Army, made the comments after meeting with his U.S. counterpart Martin Dempsey, chairman of the Joint Chiefs of Staff.

The Obama administration is looking at options to confront Beijing over the issue, including trade sanctions, diplomatic pressure and indictments of Chinese nationals in U.S. courts.

Verizon 2013 Data Breach Investigations Report, which was released on Monday, says breaches in the second spot include cyber threats aimed at stealing intellectual property with a motive to further national and economic interests. Classified information, trade secrets and technical resources were soft targets.

In 2012, a range of industries have been targeted. Thirty-seven percent of breaches affected financial organizations and 24 percent affected retailers and restaurants.

Twenty percent of network intrusions involved the manufacturing, transportation and utilities industries and the same percentage affected information and professional services firms. 38 percent impacted larger organizations and represented 27 different countries.

External attacks continue to be largely responsible for data breaches, with 92 percent of them attributable to outsiders and only 14 percent being the work of insiders.

This category includes organized crime, activist groups, former employees, lone hackers and even organizations sponsored by foreign governments. Similar to the prior year’s report, business partners were found to be responsible for about 1 percent of data breaches.

Hacking remains the most popular way through which breaches occur. It was responsible for 52 percent of data breaches. Seventy-six percent of network intrusions happened because of weak or stolen credentials, 40 percent incorporated malware, 35 percent involved physical attacks and 29 percent leveraged social tactics such as phishing.

Despite all the bad publicity that mobile threats received during the past year, only an insignificant number of breaches involved the use of mobile devices.

The proportion of breaches incorporating social tactics such as phishing has grown four-times more in 2012. Third parties continue to detect 69 percent of the breaches.

[email protected]