Hackers going after intelligence data, but most will also take your money


Cybercriminals are still greedy, but a recent report indicates an increase in hacking attacks designed to steal information.

Verizon's Data Breach Investigations Report noted a fourfold uptick in hacker attacks in 2013. The study examined 63,000 cyberattacks worldwide and found that while the vast majority were typical money grabbing schemes, 511 were intended to snatch sensitive information.

This is up from the 120 such attacks that took place the prior year. Verizon noted that the majority of espionage-type attacks were launched from Asia and Eastern Europe and targeted against the government and corporations.

Verizon found that about 1,300 of the attacks resulted in data loss.

"When we had big spikes like those in 2011 when they were at their highest, we would see sprees where one criminal group was attributed to 50 to 100 victims," said Marc Spitler, Verizon senior analyst and DBIR co-author. "Criminals would cast a net and script something that finds POS servers with weak credentials, and install malware and away they would go. We called it the industrialization of cybercrime and financially motivated cybercrime."

Verizon said one reason the number of attacks rose is because countries and companies are actually bothering to report the incidents.

"Like a streetlight illuminating cars parked along the street, more contributors allow us to see more cars," the report says. "Unfortunately, we can also see that those cars have broken windows and stolen stereos."

The year 2013 featured several high-profile cybercrimes, including the Target and Neiman Marcus cases where the private data from millions of customers was stolen during the holiday shopping season.

"If they can steal it and sell it, they will," said Sean McGurk, managing principal for Verizon's risk team and a former cybersecurity specialist with the U.S. Department of Homeland Security.

Other famous attacks centered on the on-going Syrian Civil War and those conducted possibly under the auspice of the Chinese government by the People's Liberation Army. The Syrian Electronic Army hacked the Associated Press' Twitter account last April.

"We've got to protect the critical infrastructure," said former Homeland Security Secretary Tom Ridge, speaking last week at a cybersecurity forum in San Francisco. "The government has no critical infrastructure of its own, it relies upon the private sector to provide those services and infrastructure. And when that goes down, the government goes down." 

ⓒ 2018 All rights reserved. Do not reproduce without permission.
Real Time Analytics