Report: Cyber-Espionage Incidents on the Rise
This post is also available in: 
עברית (Hebrew)
A new report reveals that the cyber-espionage phenomenon is on the rise, with government agencies as the main targets.
According to a recent Verizon cyber-security report government agencies have become the main target for cyber-espionage, a type of cyber attack growing more and more common – even though the phenomenon is still relatively limited in scale.
According to the Information Week report last year saw more than 63,400 incidents around the world, with public sector organizations involved in around 75% of them. The report adds, though, that American regulations required adding many comparatively minor incidents to the statistics.
One major development is the significant rise in the number of espionage incidents in 2013 compared to the previous year. One of the causes is a rise in the number of reports, rather than the number of incidents. Still, it takes months or years to discover a cyber-espionage campaign, so the rise in the number of reports is still a cause for concern.
Governments don’t consider cyber-espionage incidents to be a significant threat – less than 1% of cyber incidents involve espionage, with most incidents involving criminal activities, negligence or theft. Most cyber-espionage attacks, however, targeted government agencies rather than private companies, with the U.S. government being the world’s no. 1 target – 54% of cyber-espionage campaigns against governments were aimed at the U.S.
iHLS – Israel Homeland Security
This type of incident can cause severe damage. In 62% of the cases it took months to discover the infiltration, and in 5% of the cases the attackers were discovered after hiding in the network for years. In the vast majority of cases the infiltration was discovered by a third party rather than the victim.
The report analyzed about 63,400 cases from 2013, involving 50 organizations from 95 countries – including the American CERT, U.S. Secret Service, DHS and other agencies from Argentina, the European Union, Ukraine and others.
Experts were surprised by the increase in cyber-espionage activities, and mentioned the difficulty of tracing their source. Most of them, around 87%, were probably conducted by state authorities rather than private groups. In Asia most of the attacks were carried out by Chinese or North Korean cyber-units.
The attackers, according to the Verizon experts, tend to use a method known as “spear phishing”, with almost 80% of the attacks based on malicious files attached to e-mail messages.
