China, Romania key sources of hacking, report says

Apr 23, 2013
A person walks past a 12-story building alleged in a report on February 19, 2013 as the home of a Chinese military-led hacking group in Shanghai's northern suburb of Gaoqiao. China and Romania were by far the largest sources of confirmed hacking attempts last year, with China's mostly from state-controlled sources aimed at data theft, a new report said Tuesday.

China and Romania were by far the largest sources of confirmed hacking attempts last year, with China's mostly from state-controlled sources aimed at data theft, a new report said Tuesday.

Verizon's 2013 Data Breach Investigations report said 30 percent of 621 confirmed attacks were sourced back to China, 28 percent to Romania, and another 18 percent to the United States.

By far most of the attacks in China were focused on data theft, the report said, while those from Romania and most of those in the United States were about theft for financial gains.

"State-affiliated actors tied to China are the biggest mover in 2012. Their efforts to steal IP (intellectual property) comprise about one-fifth of all breaches in this ."

"This may mean that other threat groups perform their activities with greater stealth and subterfuge. But it could also mean that China is, in fact, the most active source of national and in the world today."

The report was compiled together with 19 groups from the global computer security and law enforcement community, many of them national cybersecurity organizations and public-private groups.

The report said there were some 47,000 reported security incidents last year, the large part of them related to error, usually on the part of someone in a company who has lost a device or missent an email that could expose its systems.

But of those, there were 621 confirmed , three-quarters of them driven by financial motives.

Of the total, 111 were combined physical and malware attacks on smaller establishments aimed at financial theft.

Another 190 involved the physical penetration of bank automatic teller or cash point machines, using skimming devices to steal .

And 120 more were what the Verizon report called the standard technique for penetrating networks and data for financial and espionage reasons: a mix of malware, hacking, and other techniques.

Out of the 621 breaches, 19 percent came from state-linked actors, almost all of those from China, and were not financially driven, the said.

Those from Romania, Russia and Bulgaria—40 percent of the total—were virtually all aimed at financial gains.

Explore further: Twitpic to stay alive with new owner

add to favorites email to friend print save as pdf

Related Stories

Quarter of US firms in China face data theft: lobby

Mar 29, 2013

Over a quarter of the members of a US business lobby in China have experienced data theft, the group said on Friday, after the two powers engaged in a war of words over state-sponsored hacking attacks.

China, US to set up cybersecurity working group

Apr 13, 2013

China and the US, which are embroiled in a bitter dispute over hacking, have agreed to set up a cybersecurity working group, US Secretary of State John Kerry said Saturday.

Chinese economic spying 'intolerable': US lawmaker

Oct 04, 2011

A US lawmaker said on Tuesday that Chinese economic espionage, including cyber spying, has reached an "intolerable level" and called for the United States and its allies to confront Beijing.

Security firm: Hackers hit chemical companies

Nov 01, 2011

(AP) -- Cyber attacks traced to China targeted at least 48 chemical and military-related companies in an effort to steal technical secrets, a U.S. computer security company said Tuesday, adding to complaints about pervasive ...

Recommended for you

Facebook dressed down over 'real names' policy

Sep 17, 2014

Facebook says it temporarily restored hundreds of deleted profiles of self-described drag queens and others, but declined to change a policy requiring account holders to use their real names rather than drag names such as ...

Yelp to pay US fine for child privacy violation

Sep 17, 2014

Online ratings operator Yelp agreed to pay $450,000 to settle US charges that it illegally collected data on children, in violation of privacy laws, officials said Wednesday.

User comments : 0