Remember who it is making these claims...
http://washington.cbslocal.com/2012/12/04/they-can-hear-you-now-verizon-patent-listens-in-on-customers/
Spooks carrying out state-sponsored cyber-espionage were responsible for one in five data breaches last year, researchers have claimed. New statistics contained in Verizon’s Data Breach Investigation Report 2012 found that 19 per cent of all attacks were carried out by agents acting on behalf of their government. Researchers …
And they're an US company. If they detected a hack that traced back to the US government, would they be allowed to talk about it? Even if they were legally allowed to - would they risk being branded un-American and losing that market?
Somehow, I doubt that China is the lone player in government-backed hacking. Maybe they're the least competent one, so they get detected, and can't put enough pressure to keep it under wrap.
Of course, that could just mean that the Chinese state-backed cyber-spies are particularly inept and leave obvious trails back home.
The states that are really behind 96% of cyber-spying have spies that don't get spotted at all.
China isn't incompetent at all. The reason they represent the largest percent is they are doing this on the largest scale (and typically targeting US and EU). I would like to see everyone do what I'm doing (at home at on my corporate network). Drop all packets unacknowledged originating from China subnets. My company doesn't do any business with any Chinese companies and it's amazing how quiet your IDS gets once you just block those addresses. I realize they can use proxies to get to me, but if EVERYONE would do this, they wouldn't have very many avenues to use. Let's build a new Great firewall of China! (BTW, let's also add Russia and Nigeria).
Unfortunately, large countries with well maintained networks must also use APNIC allocations. Blocking the constant stream of intrusion attempts from China, Korea, and Taiwan isn't as simple as adding a bunch of /8 CIDRs. Australia, New Zealand, and Japan should tell APNIC to get their crap together and release all of those giant IPv4 blocks with invalid registrations. Electronic intrusions and espionage attempts would drop instantly.
How many of these attacks are from organizations working for the Chinese government, and how many are from poorly secured residential machines that are being controlled by parties unknown?
From a practical perspective, it really does not matter unless pursuing the perps. If all you are concerned about is defending against the attacks and blocking these addresses stops that without causing problems, then this is the way to go.
> New statistics contained in [ the american company ] Verizon’s ...
Or is there actually an espionage gap? One that represents as big a threat as the missile gap, the bomber gap or the mineshaft gap ( 'pollies to Dr. Strangelove for that last one ). If so, what is the United States of Merkins going to do to close the gap. One must assume a rapid deployment of hackers on their part to catch up.
Unless there is no gap and the USA-ian hackers just don't get caught, or have a blind eye turned (or maybe even hacked the survey?).
Pot, meet kettle. Seriously, is there a little sampling bias here? There were recent reports of a Chinese General complaining about attacks from the US. Both US and China have active cyber "defence" units.
What is more interesting in the report is that most of the attacks are criminal, only a fifth are government-backed.
@steve 124 - if you build your great firewall, where are you going to buy your iPhones and other cheap electronics from?
"Some 21 percent of the attacks were carried out by state-affiliated hackers on espionage missions, 96 percent of which could be tracked back to China."
So some 79% of the attacks are unaccounted for. And Verizon would have you believe that that is all the work of free-lance hackers.
Poppycock.
Does anyone here besides Matt Bryant believe that? Does anyone besides MB believe that Verizon!!! would tell you the truth about what percentage of the attacks came from the US and its henchnations. Even if Verizon determined, located and knew the US attacks/espionage, they would bury that number in a different designation, like kindergarten attack sector or church choir attack sector.
If China has 96% state sponsored cyber-spying, does that mean that the US, the UK, German, France, Israel et alia share the remaining FOUR PERCENT?
Lord, save me from gullible dimwits who take as gospel the word of a mobile phone carrier.
the local tin foil wearing "the CIA is behind it all" nut cases are out in full force today.
Listen dimwits , what verizon is saying is that the attacks of WESTERN companies are coming
from China , not whether China is being hacked , how the flyin F , would they know or care! What the CIA is going to hack China for what , their industrial secrets? GET A GRIP and I'm pretty damn sure the CIA is not intrested in hackin tibetan freedom organisations either.
But now you can get back to fighting running dog imperialists, the builderburg group an the jews as we all know they are the secret elite running the world........idiots!