My Bad! Employee Slipups Lead to More Government Hacks Than Cyber Espionage

Governments in 2015 suffered more data breaches by goofing up and losing stuff, than by succumbing to the wiles of cyberspies.

That is the finding of security analysts from Verizon, the Homeland Security Department, the Pentagon and dozens of other public and private sector organizations in a report published today.

Often, the accidental breaches were discovered while in the process of dissecting intentional hacks.

The nation state spies "could care less about prosecution, so they step all over things in the crime scene, and in the course of the investigation and mopping up the incident -- then you are going to find evidence of errors and omissions," said Bryan Sartin, managing director of the Verizon RISK Team that authored the annual worldwide breach report.

In 2015, miscellaneous errors were the most common cause of data loss, responsible for 37 percent of confirmed public sector incidents. Cyber espionage came in at a distant 16 percent.

If a government employee delivers data to the wrong person or forgets to change the settings on a router, those easy mistakes could be directly responsible for a breach, according to the report, which Nextgov reviewed early.

"Miscellaneous errors play a very significant role in the federal sector,” Sartin said. “And that's unique.”

But, he adds, keep in mind governments are required to report even minor mishaps that do not result in identity theft or other abuses.

"The nature of the reporting that we're getting from the public sector, in no small degree, is driving up the numbers that we see there," Sartin said.

In the public sector last year, there were 47,237 so-called security events, in which the integrity, confidentiality or availability of data was compromised -- either deliberately or inadvertently.  

When espionage was the motivating factor behind a breach, the hackers were typically state-affiliated groups, but also sometimes competitors or nation states.

The most popular targets for spies were the government and manufacturing sectors, followed by professional firms, like certified public accountants, and information services.

Of note, hackers typically had ulterior motives for striking professional services companies.

"That sector, three years ago, was nonexistent in our data," Sartin said. "Now, it's huge." Today, in particular, state-affiliated bad guys seek information from attorneys and accountants to set the stage for espionage attacks.

If “you want to find an individual that has access to information of value, go into a law firm -- great way to do it,” he said.