Slashdot Mirror

← Back to Stories (view on slashdot.org)

China Behind 96% of All Cyber-Espionage Data Breaches, Verizon Report Claims

Posted by Soulskill on from the go-big-or-go-home dept.

colinneagle writes "Verizon's 2013 Data Breach Investigation Report is out and includes data gathered by its own forensics team and data breach info from 19 partner organizations worldwide. China was involved in 96% of all espionage data-breach incidents, most often targeting manufacturing, professional and transportation industries, the report claims. The assets China targeted within those industries included laptop/desktop, file server, mail server and directory server, in order to steal credentials, internal organization data, trade secrets and system info. A whopping 95% of the attacks started with phishing to get a toehold into their victim's systems. The report states, 'Phishing techniques have become much more sophisticated, often targeting specific individuals (spear phishing) and using tactics that are harder for IT to control. For example, now that people are suspicious of email, phishers are using phone calls and social networking.' It is unknown who the nation-state actors were in the other 4% of breaches, which the report says 'may mean that other threat groups perform their activities with greater stealth and subterfuge. But it could also mean that China is, in fact, the most active source of national and industrial espionage in the world today.'" The report also notes that financially-motivated incidents primarily came from the U.S. and various Eastern European countries.

9 of 96 comments (clear)

  1. I must admit a begrudging respect for China by TWiTfan · · Score: 5, Funny

    I kind of envy having a government so willing to go to bat for its native industry that it's willing to go as far as to steal IP for them. In my country, the government is more than happy to sit back and watch all its industries outsource and lay off everyone, and nationalism is regarded as a bad word. China, if nothing else, believes in China.

    --
    The cow says "Moo." The dog says "Woof." The Timothy says "Thanks, valued customer. We appreciate your input."
    1. Re:I must admit a begrudging respect for China by Anonymous Coward · · Score: 4, Insightful

      You're drawing a false distinction between China's government and it's industries. Companies in China essentially *are* part of the government.

    2. Re:I must admit a begrudging respect for China by gtall · · Score: 5, Insightful

      Your whole reply was pure speculation, unless the government has been giving you the memos, stop reading Mother Jones. You whole argument is that (1) you don't know what the government is doing, (2) therefore it is lying to you. Brilliant, Einstein.

    3. Re:I must admit a begrudging respect for China by Solandri · · Score: 5, Informative

      The difference is that from what I've seen of Asian corporate culture (I worked there for a couple years), it is not taboo to steal IP from competitors. In fact it's more or less considered normal albeit unspoken. It's not unusual for an employee who refuses to do it to be let go for other unspecified reasons.

      You've seen the stories over and over. Like how the Chinese government required Siemens to contract with Chinese companies to manufacture high speed trains, then once the companies had "acquired" enough technical knowledge to do it themselves they dumped Siemens. It makes me facepalm every time I read about some naive Western tech company eager to do business in China bending over backwards to please the Chinese government, like lambs to the slaughter, thinking that a few pieces of paper promising their IP is safe will protect them.

      In the late 20th century, this behavior was pretty much localized to the region. But now with the Internet, the behavior can reach around the globe. Those of you who think Western companies are the epitome of evil are in for a rude shock, once you see the no-holds-barred style of capitalism practiced in the East.

    4. Re:I must admit a begrudging respect for China by ebno-10db · · Score: 4, Insightful

      You don't last 2000+ years as a nation without a long term plan.

      China has fallen apart, and been glued back together, many times in the last 2000+ years. Emperor/Chinese party gets too greedy, peasants revolt, place falls apart for a few centuries, new peasant leader comes along and makes himself emperor (e.g. Mao) and it stays glued together for some time, until the cycle repeats.

      I'll buy that they're thinking longer term than the US, but that's also true of a hyperactive three year old. No country thinks 2000 years ahead. BTW Egypt has been around a lot longer and has at least as good of a claim to continuity.

  2. the other 4 percent by nimbius · · Score: 4, Funny

    was divided among local, state and federal government in their tireless quest to shit all over the middle east and shred the constitution.

    --
    Good people go to bed earlier.
  3. Block all of China? by Anonymous Coward · · Score: 5, Interesting

    I have a dumb question: If your company does not depend on doing business with China, why not block their entire country within your firewall? My current company has no dealings with China, so I've blocked their national IP address range. My spam/attacks have gone down almost 90% since doing so. I did the same with Russia and most of the former Soviet nations.

  4. DenyHosts Report by Sloppy · · Score: 5, Informative

    Added the following hosts to /etc/hosts.deny:
     
    [chinese address]

    [repeat dozens of times per day]

    At some point, you realize that the only time you ever communicate with that part of the Net, is when you're receiving an attack of some sort. Before long, "The Great Firewall of China" isn't going to be something installed by the Chinese government; it's something the rest of us will have done.

    Hmm... maybe that was the government's devious plan to combat internal dissent and external influences, all along!

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  5. Re:I only have one question... by plover · · Score: 5, Interesting

    I realize you were probably asking this in jest, but Verizon Business Security is independent of their cell phone business. What happened is their investigators got pretty darn good at rooting out hackers, both internal and external. Helping customers find external hackers in their networks led them to offering these investigation services to other corporations. I'm pretty sure that their security team is a profitable self-sustaining division these days.

    The most important thing to the rest of us is they created a schema for recording incidents, and they publish the data (after anonymizing it.) With the number of investigations they perform, it becomes a statistically significant source of information about breaches, which had been a real black hole of information before.

    Most companies are reluctant to announce anything about their breaches. They're always negative publicity, they lead to accusations of wrongdoing or incompetence, and they may reveal other sensitive internal information about the kinds of data they keep. By being anonymized through the DBIR, we all get to learn much more about the threat landscape without being able to blame a specific company for a specific loss.

    --
    John