Governments Behind Surge in Cyber-Espionage

J.D. Tuccille | 4.24.2014 10:03 AM

Stealing your money remains the number-one motive for bad guys staging cyber-attacks of various sorts, but greed is dropping in importance relative to nosiness, according to Verizon. The telecommunications company finds espionage soaring as a motive for online threats, driven by governments less interested in cash than information.

Overall, cyber-espionage made up about 22 percent of incidents lst year, and growing. According to the authors of the 2014 Data Breach Investigations Report, "We knew espionage had been rising over the last few years, but the trend line chart surprised us by the degree of convergence with financial motives."

The authors speculate that the rise in espionage as a driver of online attacks may be "the result of adding contributors to the DBIR who specialize in espionage," but make it clear that they don't know. It's a change in online activity that they'll continue watching, according to the report.

As for who is behind that online espionage, and the popular targets…

It's worth knowing that 54 percent of all cyber-espionage targets are in the United States—South Korea comes in second place at 6 percent. This actually represents a broadening of targets, with the U.S. share of attacks declining relative to past years. Using standard classifications, the main targets of espionage are in the public (government), professional (including scientific and technical), and manufacturing sectors.

With such an emphasis on government targets, it's no shocker that the main snoops are mostly other governments. A whopping 87 percent of the actor behind cyber-espionage are state-affiliated, followed by organized crime at 11 percent.

Also, not too surprisingly, much of the threat is from Eastern Asia. Forty-nine percent of the actors within cyber-espionage are from that region, with 25 percent unknown, and 21 percent from Eastern Europe.

The authors of the report are careful to caution that the report doesn't cover all online incidents—they're dependent on the information they can gather. So the data might be skewed. But that's an interesting growth in the use of the Internet as a battleground between governments.

By far, the most popular means of executing an espionage attack is spear phishing.

A well-crafted and personally/professionally-relevant email is sent to a targeted user(s), prompting them to open an attachment or click a link within the message. Inevitably, they take the bait, at which point malware installs on the system, a backdoor or command channel opens, and the attacker begins a chain of actions moving toward their objective.

As far as total threats go, though, hacking and malware remain the most dangerous, with financial motives still the main driver of attacks overall.

Who knows. As governments continue going broke, maybe money will become a main motivator for them, too. "GREETINGS: My father was a very wealthy military contractor in Washington, D.C.."

The Rattler is a weekly newsletter from J.D. Tuccille. If you care about government overreach and tangible threats to everyday liberty, this is for you.

NEXT: Obama Breaks Armenian-Genocide Promise for 6th Year in a Row

Hide Comments (10)

Editor's Note: As of February 29, 2024, commenting privileges on reason.com posts are limited to Reason Plus subscribers. Past commenters are grandfathered in for a temporary period. Subscribe here to preserve your ability to comment. Your Reason Plus subscription also gives you an ad-free version of reason.com, along with full access to the digital edition and archives of Reason magazine. We request that comments be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of reason.com or Reason Foundation. We reserve the right to delete any comment and ban commenters for any reason at any time. Comments may only be edited within 5 minutes of posting. Report abuses.

Suthenboy 11 years ago

"Inevitably, they take the bait, at which point malware installs on the system, a backdoor or command channel opens, and the attacker begins a chain of actions moving toward their objective."

Inevitably? Really? That drives me nuts. I never click, answer, respond to the fuckers. I can spot a con a mile away. I know people who do and it pisses me off. They are facilitating them with their naivety. Grow the fuck up.

Look, there is no such thing as 'Credit Card Services' and they will not call or email to ask about your account. They already have your account number, so they won't be asking for it.
There is Discover. There is Visa. There is MasterCard. There is CitiBank, but there is NO Credit Card Services.
Legitimate businesses contact you with real names and specific information. They don't call with questions and vagaries. They can be called back. They don't call from blocked or unknown numbers. They don't have email addresses in Africa or Vanuatu.
1. Suthenboy 11 years ago
  
  There is no way they can make your dick bigger, or fuck like you did at 19. There are no secret cures for Rheumatoid Arthritis, joint pain, impotence or hair loss. If it works, it is known and popular....you know, like Aspirin. Some fucking root or melon from an exotic locale won't make your teeth grow back. There is no weird trick that will help you lose weight or secret bible codes that will make you rich.
  
  Obama and cronies are not using a little known technique to gain millions, tax free, every month. They are just stealing and they are doing it right in front of your eyes.
  
  Good grief.
  1. Pl?ya Manhattan. 11 years ago
    
    You are crushing my universe here!!! Are you telling me I can't get Obama to refi my house either?
  2. Scruffy Nerfherder 11 years ago
    
    fuck like you did at 19
    
    Thank god, the constant boner was annoying.
    1. Suthenboy 11 years ago
      
      No shit.
Geoff Nathan 11 years ago

I work in IT security and read security listservs and blogs. They all agree that the greatest risk to the security of our machines and data is not hacked passwords but phishing. The number of successful phishing attacks never goes down, no matter how much training we make our users take. The 'Help Desk Team' will never threaten to shut down your account. Nor did you get a refund for $93.86, and just open this zip file... (I actually got one of those yesterday...)
Sigh...
1. Pl?ya Manhattan. 11 years ago
  
  I though you were a linguist of some sort...
  1. Geoff Nathan 11 years ago
    
    I wear two hats--one of them is IT-shaped, the other dabbles in phonology. But only after midnight under a full moon.
2. Suthenboy 11 years ago
  
  You mean I really did not win a free cruise to Hawaii, all expenses paid, in that contest that I don't remember entering?
  
  *hangs head, puts suitcase back in closet*
Almanian! 11 years ago

"Can you hear me now?"

Please log in to post comments

Governments Behind Surge in Cyber-Espionage

Latest

Cops Called on Dad for Playing Catch with 14-Year-Old Son at Park

ICE Denies Reason Access to Immigration Court In Miami Detention Center

Deported for Innocent Tattoos?

Oh, Canada

Federal Court 'Vacates in Its Entirety' the FDA's Costly and Onerous Lab Test Rule

Recommended

Login Form