SAN FRANCISCO (Reuters) - Hacking for espionage purposes is sharply increasing, with groups or national governments from Eastern Europe playing a growing role, according to one of the most comprehensive annual studies of computer intrusions.
Spying intrusions traced back to any country in 2013 were blamed on residents of China and other East Asian nations 49 percent of the time, but Eastern European countries, especially Russian-speaking nations, were the suspected launching site for 21 percent of breaches, Verizon Communications Inc’s said in its annual Data Breach Investigations Report.
Those were by far the most active areas detected in the sampling, which drew more than half of its data from victims in the United States. About 25 percent of spying incidents could not be attributed to attackers from any country, according to the authors of the report.
Though the overall number of spying incidents studied tripled to 511 from total in the 2013 Verizon report, most of that increase is due to the addition of new data sources. Even looking at just the same contributors as before, however, espionage cases grew, said Verizon investigator Bryan Sartin.
Not all electronic spying was blamed on governments. Investigators from Verizon, Intel Corp’s McAfee, Kaspersky Labs and other private companies and public agencies contributing data ascribed 11 percent of espionage attacks to organized criminals and 87 percent to governments.
In some cases, the criminal gangs were probably looking to sell what they found to governments or competitors of the victims.
“We do see a slight merging between the classic organized criminal and the espionage crook,” Sartin said, adding that he expected that trend to continue.
If the rise of detected Eastern European spying comes as a surprise to those mainly familiar with accusations against China, a bigger surprise might be the study’s findings about attacks on retailers.
Though recent breaches at Target Corp and other retailers through their point-of-sale equipment have dominated the headlines and prompted congressional hearings in the past few months, fewer such intrusions have been reported to the Verizon team than in past years, even as the number of report contributors has multiplied.
“The media frenzy makes quite a splash, but from a frequency standpoint, this largely remains a small-and-medium business issue,” the study says.
The report will be released to the public on Wednesday.
Reporting by Joseph Menn; Editing by Robert Birsel