GO
Loading...

Asian hackers drive spike in cyber-espionage

Gangs and state-backed hackers from east Asian and Russian-speaking countries drove a spike in cyber-spying last year, according to a detailed study, with most online breaches aimed at the U.S.

So-called cyber-espionage incidents – which see online hackers attempt to access secret information - tripled last year to 511, with data accessed in 306 of these cases, Verizon's Data Brach Investigations Report revealed.

It comes as online hacking is in the spotlight after the discovery of a major security flaw – known as the "Heartbleed bug" - which left personal information on websites vulnerable to theft.

Read MoreWeb passwords at risk from 'Heartbleed bug'

franhermenegildo | iStock | Getty Images

Some 49 percent of these cyber-espionage attacks were traced back to east Asia, with the majority coming from China and Korea, Verizon found. Eastern European hackers - particularly Russian-speakers – made up 21 percent of the incidents recorded, while a quarter were unattributed.

Over 85 percent of the hackers were state-backed, according to the report, while 11 percent of the attacks came from organized criminals.

Former employees of companies - as well as business competitors – were also found by Verizon to be carrying out electronic spying.

"We see, across the entire industry, an increase of cyber-espionage incidents being reported," Paul Pratley, global investigations manager of the RISK Team at Verizon, told CNBC in a phone interview.

"We feel… there is more information sharing happening, (and) that's helping to identify and shine a light on these incidents."

Read MoreATMs face hacking threat as Microsoft halts updates

The U.S. was the biggest victim of cyber-espionage in 2013, the Verizon report showed, with 54 percent of attacks targeted at American institutions.

Verizon's report made clear that the rise in cyber-spying could, in part, be attributed to a larger number of data sets included in the report from sources such as McAfee and Kaspersky Labs. Despite this, however, Pratley said there had been an increase in actual incidents.

Public and professional organizations, which include government bodies as well as private companies, were the target of nearly half of all espionage attacks.

And despite numerous complex methods of cyber-espionage, two-thirds of the security breaches were caused by a simple email attachment that contained a malicious link that is used more than two third.

Payment breaches

Verizon's data also revealed that incidents involving so-called "payment-card skimmers" - devices attached to ATMs that can read the magnetic stripe data on a card – rose slightly from from last year, although the overall number remained low at 130.

In the past, hackers using this method would have to return to the scene of the crime to collect the data, and so risk being caught. However more advanced technology means criminals are using remote methods such as Bluetooth to collect the information.

Read MoreCan your fridge be hacked in the 'Internet of things'?

Given the array of cyberthreats to both governments and businesses, Pratley warned that organization are generally unprepared.

"What we see is that organizations still lack a lot in terms of being able to recognise when there has been a breach," Pratley said. "We need to see organizations recognising this themselves, because the longer the incident occurs, the more damage that is done."

Contact Technology

  • CNBC NEWSLETTERS

    Get the best of CNBC in your inbox

    To learn more about how we use your information,
    please read our Privacy Policy.
    › Learn More

Squawk Alley