Cyber-Espionage Report

Verizon
November 19, 2020

REPORT Details

Compass points and decoder keys

Welcome to the Cyber-Espionage Report (CER), our first-ever data-driven publication on advanced cyberattacks. The CER is one of the most comprehensive overviews of the Cyber- Espionage landscape, offering a deep dive into attackers, their motives, their methods and the victims who they target. The report serves as a tool for better understanding these threat actors and what organizations can do to hunt, detect and respond to Cyber-Espionage attacks.

This data-driven report draws from seven years of Data Breach Investigations Report (DBIR) content as well as more than 14 years of Verizon Threat Research Advisory Center (VTRAC) Cyber-Espionage data breach response expertise. The CER serves as a guide for cybersecurity professionals looking to bolster their organization’s cyberdefense posture and incident response (IR) capabilities against Cyber-Espionage attacks.

More specifically, the CER is an elaboration of the “Cyber-Espionage” Incident Classification Pattern as reflected in the 2020 DBIR. And as with the DBIR, we use the same naming conventions, terms and definitions. Content in this section and in “Appendix A: Frameworks” will help serve as your compass points and decoder keys for the rest of the report.

 Using this report

Throughout the CER, we present and compare findings from a seven-year perspective (content from the 2014 DBIR through the 2020 DBIR): Cyber-Espionage breaches vs. all breaches. At times, we also address findings from a one-year (2020 DBIR) perspective: Cyber-Espionage breaches vs. all breaches. All references to years in this report are in DBIR years. For example, “2020 DBIR timeframe” refers to DBIR year 2020, which in turn correlates with the DBIR dataset timeframe of October 2018 to October 2019.

Data Breach Investigations Report

The 2020 DBIR is our 13th edition, covering global cybercrime trends. The DBIR combines real data from scores of sources and provides actionable insight into tackling cybercrime.

VERIS framework

The Vocabulary for Event Recording and Incident Sharing (VERIS) framework is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner. See “Appendix A: Frameworks”

Incident Classification Patterns

Way back in 2014, to help us better understand and communicate the DBIR dataset, we grouped “like” incidents together and called them “Incident Classification Patterns.” Nine patterns comprised the majority of data breaches back then and still do so today. These patterns are Crimeware, Cyber-Espionage, Denial of Service, Lost and Stolen Assets, Miscellaneous Errors, Payment Card Skimmers, Point of Sale, Privilege Misuse, Web Applications and the catchall Everything Else. For definitions and summaries, see pages 36 to 37 of the 2020 DBIR.

Cyber-Espionage pattern

The DBIR Cyber-Espionage pattern consists of espionage enabled via unauthorized network or system access. Nation-state or state-affiliated threat actors looking for those oh-so-juicy secrets primarily fall within this pattern.

Industry labels

We align the CER with the North American Industry Classification System (NAICS), a standard for categorizing victim organizations. NAICS uses two- to six-digit codes to classify organizations. For the CER, we use the two-digit classification level. We provide detailed analyses for seven NAICS-coded industries in “Appendix B: Industry dossiers.”

NIST Cybersecurity Framework

We use the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) in this report. Specifically, we use the five functional areas of Identify, Protect, Detect, Respond and Recover. See “Appendix A: Frameworks”

CIS Critical Security Controls

We also use the 20 Center for Internet Security (CIS) Critical Security Controls (CSCs) in this report. See “Appendix A: Frameworks”

Publisher's website.

DOWNLOAD

Price: FREE

DOWNLOAD COUNT: 1,230

SHARE:
Share on linkedin
Share on facebook
Share on twitter
Share on email

DOWNLOAD

Price: FREE

COVER

PROVIDER

Verizon
Verizon is a global leader delivering innovative communications and technology solutions that improve the way our customers live, work and play.

TOPICS

more from this PUBLISHER

2020 Payment Security Report
Wed, Oct 07
Free Direct Download
2020 Payment Security Report
Verizon
2020 Data Breach Investigations Report
Wed, May 20
Free Direct Download
2020 Data Breach Investigations Report
Verizon
Verizon Mobile Security Index
Tue, Feb 25
Direct Download
Verizon Mobile Security Index
Verizon
2019 Payment Security Report
Wed, Nov 13
2019 Payment Security Report
Verizon

MORE FOR YOU

Acronis Cyberthreats Report 2020
Thu, Dec 03
Free Direct Download
Acronis Cyberthreats Report 2020
Acronis
Executive Predictions 2021
Wed, Dec 02
Free Direct Download
Executive Predictions 2021
Splunk
2020 Update to Australia’s Cyber Security Competitiveness Plan
Mon, Nov 30
Free Direct Download
2020 Update to Australia’s Cyber Security Competitiveness Plan
AustCyber
How Australians are Connecting: Connectivity Report 2020
Thu, Nov 26
Free Direct Download
How Australians are Connecting: Connectivity Report 2020
Zoom

TRENDING NOW IN THE MARKETPLACE

Acronis Cyberthreats Report 2020
Thu, Dec 03
Free Direct Download
Acronis Cyberthreats Report 2020
Acronis
Executive Predictions 2021
Wed, Dec 02
Free Direct Download
Executive Predictions 2021
Splunk
2020 Update to Australia’s Cyber Security Competitiveness Plan
Mon, Nov 30
Free Direct Download
2020 Update to Australia’s Cyber Security Competitiveness Plan
AustCyber
How Australians are Connecting: Connectivity Report 2020
Thu, Nov 26
Free Direct Download
How Australians are Connecting: Connectivity Report 2020
Zoom
Scroll to Top