
Cyber-espionage growing problem for APAC region, report finds

Asia-Pacific’s public sector is at the greatest risk for advanced cyber-espionage attacks, while the region is hardest hit globally, according to the new Verizon Cyber-Espionage Report (CER) from the Verizon Threat Research Advisory Center (VTRAC).

Breaking down the stats

Cyber-espionage breaches in Asia-Pacific (42%) occurred more frequently than in the Europe, Middle East and Africa (34%) and North America (23%) regions.

The most targeted industries for attacks include the Public Sector (31%), followed by Manufacturing (22%) and Professional Services (11%).

The top actors in cyber-espionage breaches are state-affiliated (85%), nation-state actors (8%) and organised crime (4%).

The CER found that data that is confidential, sensitive or business-critical is often most targeted in cyber-espionage breaches, as attackers seek out data that could impact national security, political positioning and economic competitive advantage.

Recommendations for organisations

The CER is the first-ever, data-driven publication on advanced cyberattacks that analyses seven years (2014 to 2020) of Verizon Business Data Breach Investigations Report (DBIR) content.

It contains recommendations for organisations to better defend against and recover from cyber-espionage attacks, including regular security awareness training, strengthening boundary defenses, managed detection and response (MDR) and data leakage/loss prevention (DLP).

Regular security awareness training acknowledges that employees are the first line of defense.

Social engineering, or phishing, is a common method cyber spies use to gain access to sensitive systems, the research states, so it is crucial that employees undertake regular security awareness training.

Effective boundary defenses, such as network segmentation, and stronger access management capabilities, such as access granted on a need-to-know basis, can mitigate cyber-espionage attacks.

A robust managed detection and response (MDR) offering can identify indicators of compromise on the network and the endpoints.

Essential components of MDR include security information and event management (SIEM) technologies; threat intelligence; user and entity behavior analytics (UEBA); and threat hunting capabilities, as well as integrations with endpoint detection and response (EDR), network detection and response (NDR), and deception technologies.

Data leakage/loss prevention (DLP) can flag sensitive data being snuck out the back door.

Finally, optimising cyber threat intelligence to help an organisation recognise indicators of compromise, leveraging tactics, techniques and procedures, and implementing a strong incident response plan are also important strategies for combating cyber-espionage.

Approach cyber-espionage head-on

John Grim, lead author of the Verizon Cyber-Espionage Report, says, “Cybercrime comes in all shapes and sizes, but fighting and preventing it is of equal importance. Defenses and detection and response plans should be tested regularly and optimised to confront cyber threats head-on.

“This is particularly important for cyber-espionage breaches, which typically involve advanced threats targeting specific data and operating in ways to avoid detection and deny cyber defenders effective response.”
