Netizens beware! China could be snooping around

China is the 'most active source' of national and industrial cyber espionage in the world, a report by United States-based telecom major Verizon has alleged.

The 2013 Data Breach Investigations Report analyses more than 47,000 reported security incidents and 621 confirmed data breaches from the past year.

"Ninety six per cent of espionage cases were attributed to threat actors in China and the remaining four per cent were unknown. This may mean that other threat groups perform their activities with greater stealth and subterfuge. But it could also mean that China is, in fact, the most active source of national and industrial espionage in the world today," the report said.

It added, "State-affiliated actors tied to China are the biggest mover in 2012. Their efforts to steal IP comprise about one-fifth of all breaches in this dataset."

Click on NEXT for more...

The report also analayses 2,500 data breaches and 1.1 billion compromised records of the past nine years.

For the majority (75 per cent) of breaches in the firm's data set, the report said, the threat actor's country of origin was discoverable and these were distributed across 40 different nations.

It is fascinatingly apparent that motive co-relates very highly with country of origin, it added.

Speaking on the findings of the report, Verizon Risk Team Managing Principal Wade Baker said that the report addresses issues and security events such as network intrusion, insider misuse and attacks against energy and critical infrastructure sectors.

Click on NEXT for more...

"It analyses 47,000 reported security incidents from 28 different countries, including India, and has been evaluated by 19 security organisations," Baker, who is also the author of the report, added.

On the role of China, he said, "We used the word state affiliated, not necessarily actors, that we absolutely know are part of the Chinese government or sponsored by the Chinese government directly, but there is kind of a range, they can be affiliated, may be they are part, may be they are sponsored. Also you see things like stealing information and then that information finds its way into the businesses and government in China. And sometimes you miss how it got there, but it is clear they are acting on the agenda."

Data Security Council of India CEO Kamlesh Bajaj said, "There have been earlier reported incidences where some of the attacks could be traced, that the leaks were taking place inside China, with IP addresses in China". 

Click on NEXT for more...

When asked about the evidence on China, Baker said, "Yes, we have some evidence to believe that they really are part of the government, but it is hard to say that all the way to groups who seem to be acting  on behalf of or with the state. When they steal data, it winds up in the hands of various economies and governments in China."

Baker, however, said it is difficult to ascertain the capacity in which they serve the interest of China.

On financially motivated cyber crimes, the report said, "The majority of financially motivated incidents involved actors in either the US or Eastern European countries (like Romania, Bulgaria and the Russian Federation)."

On such crimes, Baker said, most of financially motivated crimes took place in Eastern Europe.

"If you are talking network intrusions and financially motivated crimes, most of the ones that we are seeing are Eastern Europe -- Romania, Bulgaria, etc. The ones that were from the US were crime groups that were physically installing consuls for ATM skimming and point-of-sale skimming and all of that," he added.

Bajaj said it is difficult to take any concrete actions against such global actors "because in many of these financial crimes, you can't use or invoke international laws."

Click on NEXT for more...

...