In the past several months, the cyber espionage landscape has been evolving rapidly. Recently, Verizon, the American telecommunications company, released its first analytical report on cyber espionage attacks. The report, titled Cyber Espionage Report (CER), provides several insights and trends about recent cyber attacks.
The CER includes seven years of Data Breach Investigations Report (DBIR) and fourteen years of Verizon Threat Research Advisory Center (VTRAC) data. Based on this data, several statistics have been revealed.
- In cyber espionage breaches, 85% of actors were state-sponsored and 8% were nation-state sponsored. In addition, 4% were associated with organized crime and 2% were former employees.
- The most impacted industries, affected by cyber espionage breaches in the last seven years, included the public sector, professional, manufacturing, information, mining/utilities, financial, and education.
- In cyber espionage breaches, most of the compromised devices were desktop/laptop (88%), cell phone (14%), and web application (10%). For all kinds of breaches combined, web applications (43%), desktop/laptop (31%), and email (21%) are the top targeted assets.
- Other attributes that were compromised during cyber espionage attacks include software installation (91%) and secrets (73%). Most of the compromised data types include credentials (56%), secrets (49%), internal (12%), and classified (7%).
In addition to Verizon, several other security firms have released cybersecurity analytical, and statistical reports, providing insights into cybersecurity.
- Recently, Wipro released its annual State Of Cybersecurity Report, which suggests that around 86% of all nation-state attacks fall under the espionage category. Out of these, around 46% are targeted towards private companies.
- Last month, the Australian Cyber Security Centre (ACSC) released an annual report on key cyber threats and statistics from 2019–2020, suggesting that ACSC had responded to 2,266 cybersecurity incidents. It received 59,806 cybercrime reports in that duration, at an average of 164 cybercrime reports per day, or one report every 10 minutes.
Reports released by numerous security organizations provide essential guidance to security experts. By following such reports, experts can better understand the threat landscape and ongoing trends among cybercriminals and prepare their actions accordingly.