Cybercrime is typically characterized as the work of data thieves either working alone or as part of a larger syndicate that wants to break into a network and steal personal or financial information. However, this does not account for all data breach incidents. A significant portion of cyberattacks are the work of foreign agents attempting to infiltrate the networks of rival nations. Verizon's annual Data Breach Investigations Report found that 19 percent of the 621 incidents identified by researchers could be characterized as cyber espionage.
By and large, the greatest culprit of these cyberspying incidents was the Chinese government. The vast majority, 96 percent, of the state-backed data breaches identified in the study were reported to have originated in China. The other four percent could not be identified, although the news outlet noted that countries such as Israel, France and Russia have all been known to engage in cyber espionage.
China has long been suspected by American cybersecurity experts of waging attacks against other nations' networks, especially those belonging to U.S.-based enterprises. For instance, a recent cybersecurity report alleged that an organization within the Chinese military known as Unit 61398 was responsible for more than 140 data breaches reported by corporations within the U.S. as well as other nations. Chinese officials denied the allegations upon the report's release, but this recent evidence lends support to the notion that state-backed cyber espionage is on the rise within the Chinese government and presents a very real threat to the data security of various North American interests.
Information gathering drives cyber espionage
Some say that the main driving force behind these types of data breaches was to acquire information that would support China's own national interests. This included the attempted theft of classified information, source code, trade secrets and sensitive military data. Past cyber espionage incidents have also been known to target the disruption of key infrastructure and industries, including financial centers, government agencies and academic research centers.
Cyber espionage campaigns can include the deployment of extremely damaging malware. For instance, a recent campaign purportedly launched by a state-backed Chinese group to acquire unmanned aircraft technology involved the use of an application that infected a user's computer and sent sensitive data files back to the source. To protect their proprietary and personal information, enterprises should implement measures that prevent malware from running on company machines. Using an application control program, IT teams can ensure that only the programs they authorize will launch.