Cyber Espionage Incidents Triple: Verizon Report - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Cybersecurity

Cyber Espionage Incidents Triple: Verizon Report

As cyber espionage grows quickly, government agencies become the No. 1 target, finds 2014 Data Breach Investigations Report.

Eastern Asia. "Two countries in particular, the People's Republic of China and the Democratic People's Republic of Korea, represent that region," the report notes.

Attackers are using a diverse array of tools in espionage, but the most common is spear phishing. Email attachments are used to deliver 78% of identified espionage attacks, and links within emails deliver 2%.

Source: Verizon 2014 Data Breach Investigations Report
Source: Verizon 2014 Data Breach Investigations Report

Because exploits used for espionage are varied, the recommended controls to counter them run the gamut of basic cyber security:

  • Patch everything.
  • Use updated antivirus.
  • Train users.
  • Segment your network.
  • Keep good logs.
  • Break the exploitation chain by detecting phishing attempts and interrupting them when someone "clicks."
  • Spot command and control traffic and data exfiltration.
  • Stop the lateral movement of attackers who gain access to the network.

The report also found the use of stolen and/or misused credentials (user names and passwords) continues to be the most frequent way attackers gain access to information, making the case again for using two-factor authentication. The report also noted that insider attacks are on the rise, especially for intellectual property.

Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators. Read our InformationWeek Elite 100 issue today.

William Jackson is writer with the <a href="" target="_blank">Tech Writers Bureau</A>, with more than 35 years' experience reporting for daily, business and technical publications, including two decades covering information ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
4/29/2014 | 4:34:55 PM
Whatever happened to accountability?
That a law must be passed to compel federal agencies to be transparent in order to track breaches is astonishing to me.  
User Rank: Author
4/22/2014 | 3:59:50 PM
Re: Caution with the numbers
pfretty, thanks for making the added point: Sometimes, its easy to focus too much on the numbers and miss the larger message.  Your point that leading infrastructure sectors have been targeted more than retail and consumer sectors is an important part of that message, and one worth heeding.  Of note: see our story this week on the Cybersecurity Framework for Critical Infrastructure: Protecting Critical Infrastructure: A New Approach  and Sensitive Data: What Constitutes 'Reasonable Protection'?

User Rank: Ninja
4/22/2014 | 3:44:46 PM
Re: Caution with the numbers
The actual numbers themselves are not as important as the overarching message -- in a data-based society, we need to pay more attention to accesspoints. According to the 2013 HP Ponemon Cost of Cyber Crime report (, all industries fall victim to cybercrime, but to different degrees. The report breakd out the average annualized cost of cyber crime appears by industry segment, and organizations in defense, financial services, and energy and utilities experience substantially higher cyber crime costs than organizations in retail, media and consumer products. Simply put hackers are under far more targeted campaigns while utilizing higher levels of sophistication. 

Peter Fretty,
User Rank: Author
4/22/2014 | 1:16:29 PM
What's new about the espionage incidents
One of the other interesting points raised by the Verizon team in their findings on espionage is the fact that while spear phishing, via mostly email, remains the most often used method by hackers to break into a system, there has been a notable rise in strategic web compromises as a method of gaining initial access.
User Rank: Author
4/22/2014 | 1:07:51 PM
Caution with the numbers
I think the narrative in the Verizon report says it well:

"Before someone concludes we're asserting a vast increase in
espionage in 2013, we're quite sure countless organizations
have been consistently targeted for several years. Instead,
we attribute this increase primarily to our ever-expanding set
of contributors conducting research in this area, along with
more community information sharing that improves discovery
capabilities. Like a streetlight illuminating cars parked along
the street, more contributors allow us to see more cars.
Unfortunately, we can also see that those cars have broken
windows and stolen stereos."
10 Cyberattacks on the Rise During the Pandemic
Cynthia Harvey, Freelance Journalist, InformationWeek,  6/24/2020
IT Trade Shows Go Virtual: Your 2020 List of Events
Jessica Davis, Senior Editor, Enterprise Apps,  5/29/2020
Study: Cloud Migration Gaining Momentum
John Edwards, Technology Journalist & Author,  6/22/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
Flash Poll