From: The Economic Times
NEW DELHI: China is the “most active source” of national and industrial cyber espionage in the world, a report by US-based telecom major Verizon alleged.
The 2013 Data Breach Investigations Report analyses more than 47,000 reported security incidents and 621 confirmed data breaches from the past year.
“96 per cent of espionage cases were attributed to threat actors in China and the remaining 4 per cent were unknown. “This may mean that other threat groups perform their activities with greater stealth and subterfuge. But it could also mean that China is, in fact, the most active source of national and industrial espionage in the world today,” the report said.
It added: “State-affiliated actors tied to China are the biggest mover in 2012. Their efforts to steal IP comprise about one-fifth of all breaches in this dataset.” The report also analayses 2,500 data breaches and 1.1 billion compromised records of the past nine years. For the majority (75 per cent) of breaches in the firm’s data set, the report said, threat actor’s country of origin was discoverable and these were distributed across 40 different nations.
It is fascinatingly apparent that motive co-relates very highly with country of origin, it added.
Speaking on the findings of the report, Verizon Risk Team Managing Principal Wade Baker told PTI that the report addresses issues and security events such as network intrusion, insider misuse and attacks against the energy and critical infrastructure sectors.
“It analyses 47,000 reported security incidents from 28 different countries including India and has been evaluated by 19 security organisations,” Baker, who is also the author of the report, added.
On role of China, he said: “We used the word state affiliated, not necessarily actors, that we absolutely know are part of the Chinese government or sponsored by the Chinese government directly, but there is kind of a range, they can be affiliated, may be they are part, may be they are sponsored. “Also you see things like stealing information and then that information finds its way into the businesses and government in China. And sometimes you miss that how it got there, but it is clear they are acting on the agenda.”
Data Security Council of India (DSCI) CEO Kamlesh Bajaj said: “There have been earlier reported incidences where some of the attacks could be traced, that the leaks were taken place into China, IP addresses in China.
When asked about the evidence on China, Baker said: “Yes, we have some evidence to believe that they really are part of the government, but, its hard to say that all the way to groups who seem to be acting on behalf or with the state or at least when they steal data it winds up in the hands of various economies and governments in China.”
Baker, however, said it is difficult to ascertain the capacity in which they serve the interest of China. On financially motivated cyber crimes, the report said: “The majority of financially motivated incidents involved actors in either the US or Eastern European countries (e.g., Romania, Bulgaria, and the Russian Federation).”
On such crimes, Baker said, most of financially motivated crimes took place in Eastern Europe.
“If you are talking network intrusions and financially motivated crimes, most of the ones that we are seeing are Eastern Europe — Romania, Bulgaria, etc. The ones that were from the US were crime groups that were physically installing consuls for ATM skimming and point-of-sale skimming and all of that…,” he added.
Bajaj said it is difficult to take any concrete actions against such global actors “because in many of these financial crimes you can’t use or invoke the international laws.”
Leave a Reply