Verizon’s annual Data Breach Investigations Report is out, and several headlines have pointed to it as highlighting China once again as the biggest source of global cyber espionage threats. However, we need to be careful drawing such conclusions.
The report revealed that when it comes to cyber espionage, the majority (87%) is state affiliated rather than committed by organised crime (11%) and is targeted at victim organisations outside of the country of origin.
When it comes to “victim countries”, the US (54%) accounts for by far the majority, followed by South Korea (6%) and Japan (3%), although this is more of a reflection of the intelligence sources that inform the report than anything else.
More interestingly, it pegged “external actors” operating from Eastern Asia – mainly China and North Korea – as the most prolific worldwide, accounting for 49%.
Eastern Europe was next (21%), followed by Western Asia (4%), while North America and Europe were way down with just 1% each.
So what does this tell us? Well, those looking to prove that China is once again the arch bogeyman when it comes to global state-sponsored attacks should think twice, according to Verizon.
Report co-author and senior analyst, Kevin Thompson, told me that the results reflect the fact that large numbers of North American companies participate in the study and relatively few hail from East Asia – with none from China and Japan.
“We have been trying to recruit a partner organisation from China, Japan, or South Korea to increase our visibility into that part of the world,” he added. “Since many of our partners that investigate cyber espionage are based in North America they tend to only see attacks that are aimed at North American companies.”
Also, out of 511 total cyber espionage incidents recorded, more than half (281) were removed because no country could be attributed as the source of an attack.
“East Asia is the most commonly seen espionage actor when our partners are able to identify the country at all, which is not even half of the time,” Thompson explained.
“There tends to be more research around East Asian espionage than other countries, especially among North American partner organisations. Since there is more research in that area, it is easier for a partner to identify espionage from those regions while espionage from North America or Europe might be labelled ‘Unknown’ and would not be included in figure 59 of the report.”
If the NSA revelations have taught us anything, it’s that the 1% figure for North America-based attacks is likely to be far lower than the reality.
Verizon also claimed in the report that “the percentage of incidents attributed to East Asia is much less predominant in this year’s dataset”.
The real growth in activity is actually coming from Eastern European attackers, it said, adding the following:
“At a high level, there doesn’t seem to be much difference in the industries targeted by East Asian and Eastern European groups. Chinese actors appeared to target a greater breadth of industries, but that’s because there were more campaigns attributed to them.”
Malicious email attachments (78%) and web drive-bys (20%) are still the most popular methods of gaining access to a victim’s environment.
As for advice on how to lower the risk of a compromise, Verizon reiterated the basics.
These include: patch all systems and software so they’re fully up-to-date; use and keep an updated anti-malware solution; maintain user training and awareness programs; segment your network; log system, network, and application activity; monitor outbound traffic for data exfiltration; and use 2FA to stop lateral movement inside the network.
This week news emerged that the Indonesian government is planning to levy a 20 per cent luxury goods sales tax on all smartphones made outside the country. It’s an old-fashioned piece of protectionism which could hit mobile phone makers in the region pretty hard and is unlikely to have the desired outcome.
As I mentioned in my story for The Register, Indonesia is a growing smartphone market with massive potential – as the world’s fourth most populous nation.
Firms that might be particularly dismayed by the tax include BlackBerry, which counts Indonesia as one of its few remaining strongholds, and Apple, which only recently restarted iPhone 4 production to target budget-conscious locals.
If the rumours are true it can be seen less as an attempt to spur local handset makers, of which there are few, and more as a means to persuade more global manufacturers to locate facilities in the country.
Foxconn has already stolen a march on its rivals here by announcing a $1bn investment in facilities there.
Canalys analyst Jessica Kwee told me that, seeing as most domestic smartphone makers are focused on cheap, low-end handsets, it’s unlikely that high-end users will be persuaded by the tax to buy local.
“What I think is more likely to happen is that the extremely wealthy would continue to buy their premium phones as is,” she said.
“Then other users will resort to the grey market to source their high-end phones – either via grey importers, by buying when they travel to nearby countries like Singapore or Malaysia, or by requesting from their friends etc. The latter would certainly not benefit the government.”
It’ll be interesting to see whether the government follows through with its plans. After all, at one stage it was mooting the tax only on handsets over Rp 5 million (£260), which I still reckon is the most likely outcome.
IT offshoring; not the most exciting topic in the world but a vital contributor to the global IT economy. Last week Gartner released a new report detailing the challenges and opportunities facing Asian locations and warned that while emerging stars such as Indonesia and Vietnam offer great cost savings, there are risks.
Primary among these, as I noted for The Reg, is that none are doing well when it comes to their Data/IP Security and Privacy rating.
Indonesia, Thailand, Sri Lanka, Bangladesh and Vietnam all ranked “poor”, while more mature markets China, Philippines, India and Malaysia only did one better at “fair”.
Report author Jim Longwood also told me that despite ostensibly low costs, some emerging destinations may incur hidden “soft costs”.
“In some countries, for example, you might have to use a local joint venture; or for manufacturing pay additional fees to ensure a higher level of continuity of power supply than local businesses and homes might receive to avoid ‘brown outs’,” he said.
“Another soft cost is building a local brand, to enable the captive to attract a better quality of resources, e.g. when competing against the well-known global brands like IBM, HP, Microsoft, SAP & Oracle for local talent. Part of this may well be investing in building campus-type facilities, as the Indian providers have done.”
So, which will emerge as the favourite place to offshore IT services in the future?
Well, there are a number of locations vying for the business of MNCs, the analyst told me. Vietnam, Bangladesh and Indonesia are leading the pack of emerging Asian countries thanks to strong government support for the first two and “more ad hoc local entrepreneurial means” in the latter.
As for China, well it is certainly creeping up fast on India, and was rated by Gartner as the sub-continent’s number one challenger in terms of scale.
However, India has won the “current battle” in terms of horizontal IT services for apps and business processes and will not be overtaken by the Middle Kingdom anytime soon.
“However, versus India, China has certainly won the ‘battle’ to be a leading global site for manufacturing technology whether for TVs, telecommunications or IT hardware componentry,” he added.