Verizon: Advanced persistant threat is overblown

Verizon analyzes the state of computer security in its annual Data Breach Investigations Report

When Google admitted last year that it had been targeted by sophisticated hackers, possibly from China, it introduced a new term into the high technology lexicon -- the advanced persistent threat. These attacks are sophisticated, targeted, and almost impossible to stop. But according to Verizon, they're also a lot less common than most people think.

In fact, nowadays it's easier for some companies to say they were the victims of an advanced persistent threat (APT) attacks than to admit that their security systems failed, said Bryan Sartin, Verizon's director of investigative response. "It's out there," he said of the APT. "It's just so extremely overhyped."

Sartin, whose team gets called in to find the cause of data breaches, says that he's seen a tendency to label any hacking incident an APT attack play out several times since Google went public with the issue in January last year. Usually it happens about a month or two after his team finishes its analysis. "I get a link sent to me from one of my investigators saying, 'You're not going to believe this.' I open the link and get a statement from the company blaming advanced persistent threat."

Advanced persistent threat attacks are supposed to be sophisticated and highly targeted data exfiltration exercises conducted by spies or agents working on behalf of nation states.

Blaming APT has "become the perfect excuse" for companies recovering from a data breach, Sartin said. "It's almost as if it's become chic in the U.S. to blame it [on APT]," he said.

Part of the problem is confusion over China, the country most commonly associated with APT attacks. China is the source for most online attacks these days, no matter what the motivation. The country has more than 400 million Internet users, and many of them are using computers that don't have up-to-date patches or security software. Those PCs often get hacked and then used as stepping-stones for further attacks.

"China is like the wild west of source IP addresses that can be taken over to stage attacks, " Sartin said. So when attacks happen, "everybody looks at it and says, 'Oh that's the Chinese government.'"

That's a mistake, Sartin said. In fact, the majority of attacks -- 78 percent of all incidents -- result in stolen bank card data. That's not something that APT data-stealers are looking for. Data that's important to national security -- a prime target in the real APT incidents -- is stolen just 3 percent of the time, he said.

Working with the U.S. Secret Service and the Dutch National High Tech Crime Unit, Verizon was able to analyze 760 data breaches that occurred in 2010. Verizon is publishing its Data Breach Investigations Report detailing these findings on Tuesday.

The trend in 2010 was away from the massive data breaches that led to 144 million compromised records in 2009. Instead hackers are hitting a larger number of smaller businesses. The attacks are less sophisticated, but they are also more likely to stay under the radar of law enforcement. Although the total number of incidents counted in the report went up, just four million records were compromised in 2010, according to Verizon's data.

Instead of hitting big companies like TJ Maxx, hackers are more likely to go after smaller companies with less than 100 employees. These are often hotels, restaurants or mom and pop shops with a cash register or computer connected to the Internet. Their security isn't as good, and police are less likely to respond when they get hacked.

Most attackers are not super-sophisticated state-sponsored cyber-criminals. In fact, a lot of the really good criminals are already behind bars, so today's hackers tend to be less sophisticated, Sartin said. In fact, only 3 percent of all incidents were so sophisticated they were considered nearly impossible to stop.

Although many companies worry about insider attacks, 92 percent of the attacks came from outside the institution. Malicious software such as keyloggers and back door programs was involved about half the time.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

Join the PC World newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags verizon businesssecuritylegalU.S. Secret Servicecybercrime

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?