Verizon Security Report Finds China Responsible for Nearly All Cyber Espionage Cases

The Verizon RISK (Research Investigations Solutions Knowledge) Team today released its annual Data Breach Investigations Report (DBIR) for 2013, which represents data collected from 19 global organizations, including the Australian Federal Police, National Cybersecurity and Communications Integration Center, U.S. Secret Service, and more. In it, Verizon highlights a growing number of hacker attacks originating from China, the country of origin of nearly all cyber espionage attempts.

"96 percent of espionage cases were attributed to threat actors in China and the remaining 4 percent were unknown," Verizon wrote it in its report. "This may mean that other threat groups perform their activities with greater stealth and subterfuge. But it could also mean that China is, in fact, the most active source of national and industrial espionage in the world today."

Verizon's report is the latest to call out China as a hotspot for hacker activity. A 60-page study released earlier this year by Mandiant, an American cyber security company, pinpointed an alarming number of attacks originating from a 12-story officer tower in Shanghai's Pudong district where a unit of China's People's Liberation Army (PLA) systematically stole hundreds of terabytes of data from at least 141 organizations.

China Police

"Chinese military forces have never supported any hacking activities," Geng Yangsheng, a spokesman for China's Ministry of National Defense, said in a statement regarding Mandiant's report. "The claim by the Mandiant company that the Chinese military engages in Internet espionage has no foundation in fact."

Verizon's report notes that the efforts by state-affiliated actors in China to steal IP compromise about one-fifth of all breaches. Be that as it may, the in-depth report wasn't a lengthy condemnation of China's hacking efforts, but a review of the entire threat landscape.

"The 2012 combined dataset represents the largest we have ever covered in any single year, spanning 47,000+ reported security incidents, 621 confirmed data disclosures, and at least 44 million compromised records (that we were able to quantify," Verizon stated.