An annual data breach report found that cyber espionage activity increased more than threefold over the previous year – and that, in addition to China, a significant showing of attacks emanated from Eastern Europe.
In Verizon's “2014 Data Breach Investigations Report,” the service provider noted a total of 511 espionage incidents in 2013, with 306 events resulting in data disclosure.For the first time in its seven-year history, the data breach report analyzed security incidents that didn't result in breaches, in order to glean more knowledge on attack trends and threats.
Over the past two years, Verizon's partners for the report have grown from five to 49 organizations. To create its dataset, Verizon teamed with dozens of organizations around the globe. Contributors included security firms Kaspersky Lab, FireEye, McAfee, and WhiteHat Security, as well as law enforcement agencies, like the U.S. Secret Service, the Australian Federal Police (AFP) and the Dutch National High Tech Crime Unit (NHTCU). CERT teams throughout the world, as well as forensic providers like Deloitte & Touche and Guidance Software also participated.
With the expanded visibility, the source of cyber espionage attacks, in particular, appeared to be more dispersed globally, the report said. In last year's report, Chinese-based attackers were linked to 96 percent of all espionage incidents in 2012.
The report now notes that espionage attacks attributed to East Asia were “much less predominate in this year's data set," as 20 percent of espionage activity emanated from Eastern Europe.
“The 2013 dataset shows much more activity attributed to Eastern European actors, Russian-speaking ones in particular,” the report said. “As before, we don't propose these are the only active regions/ countries engaged in espionage. More comprehensive research into different actor groups is continually driving better detection and attribution, and we hope future versions of this report will show the fruits of those efforts.