Culture

Governments Behind Surge in Cyber-Espionage

|

Online threat motives
Verizon

Stealing your money remains the number-one motive for bad guys staging cyber-attacks of various sorts, but greed is dropping in importance relative to nosiness, according to Verizon. The telecommunications company finds espionage soaring as a motive for online threats, driven by governments less interested in cash than information.

Overall, cyber-espionage made up about 22 percent of incidents lst year, and growing. According to the authors of the 2014 Data Breach Investigations Report, "We knew espionage had been rising over the last few years, but the trend line chart surprised us by the degree of convergence with financial motives."

The authors speculate that the rise in espionage as a driver of online attacks may be "the result of adding contributors to the DBIR who specialize in espionage," but make it clear that they don't know. It's a change in online activity that they'll continue watching, according to the report.

As for who is behind that online espionage, and the popular targets…

It's worth knowing that 54 percent of all cyber-espionage targets are in the United States—South Korea comes in second place at 6 percent. This actually represents a broadening of targets, with the U.S. share of attacks declining relative to past years. Using standard classifications, the main targets of espionage are in the public (government), professional (including scientific and technical), and manufacturing sectors.

With such an emphasis on government targets, it's no shocker that the main snoops are mostly other governments. A whopping 87 percent of the actor behind cyber-espionage are state-affiliated, followed by organized crime at 11 percent.

Also, not too surprisingly, much of the threat is from Eastern Asia. Forty-nine percent of the actors within cyber-espionage are from that region, with 25 percent unknown, and 21 percent from Eastern Europe.

The authors of the report are careful to caution that the report doesn't cover all online incidents—they're dependent on the information they can gather. So the data might be skewed. But that's an interesting growth in the use of the Internet as a battleground between governments.

By far, the most popular means of executing an espionage attack is spear phishing.

A well-crafted and personally/professionally-relevant email is sent to a targeted user(s), prompting them to open an attachment or click a link within the message. Inevitably, they take the bait, at which point malware installs on the system, a backdoor or command channel opens, and the attacker begins a chain of actions moving toward their objective.

As far as total threats go, though, hacking and malware remain the most dangerous, with financial motives still the main driver of attacks overall.

Who knows. As governments continue going broke, maybe money will become a main motivator for them, too. "GREETINGS: My father was a very wealthy military contractor in Washington, D.C.."