Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

China, Romania Key Sources of Hacking: Verizon

Related Coverage: Financial Cybercime and Cyberespionage Dominate Threat Landscape, Verizon DBIR

Related Coverage: Financial Cybercime and Cyberespionage Dominate Threat Landscape, Verizon DBIR

WASHINGTON – China and Romania were by far the largest sources of confirmed hacking attempts last year, with China’s mostly from state-controlled sources aimed at data theft, a new report said Tuesday.

Verizon’s 2013 Data Breach Investigations report said 30 percent of 621 confirmed attacks were sourced back to China, 28 percent to Romania, and another 18 percent to the United States.

By far most of the attacks in China were focused on data theft, the report said, while those from Romania and most of those in the United States were about theft for financial gains.

“State-affiliated actors tied to China are the biggest mover in 2012. Their efforts to steal IP (intellectual property) comprise about one-fifth of all breaches in this dataset.”

“This may mean that other threat groups perform their activities with greater stealth and subterfuge. But it could also mean that China is, in fact, the most active source of national and industrial espionage in the world today.”

The report was compiled together with 19 groups from the global computer security and law enforcement community, many of them national cybersecurity organizations and public-private computer security groups.

Advertisement. Scroll to continue reading.

The report said there were some 47,000 reported security incidents last year, the large part of them related to error, usually on the part of someone in a company who has lost a device or missent an email that could expose its systems.

But of those, there were 621 confirmed data breaches, three-quarters of them driven by financial motives.

Of the total, 111 were combined physical and malware attacks on smaller establishments aimed at financial theft.

Another 190 involved the physical penetration of bank automatic teller or cash point machines, using skimming devices to steal customer data.

And 120 more were what the Verizon report called the standard technique for penetrating networks and data for financial and espionage reasons: a mix of malware, hacking, phishing and other techniques.

Out of the 621 breaches, 19 percent came from state-linked actors, almost all of those from China, and were not financially driven, the report said.

Those from Romania, Russia and Bulgaria — 40 percent of the total — were virtually all aimed at financial gains.

 Related: Financial Cybercime and Cyberespionage Dominate Threat Landscape, Verizon DBIR

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...