According to a report issued by the US-listed security company FireEye, Britain and Germany were the most targeted EMEA countries in the first half of 2014. Nearly 17 percent of so-called advanced persistent threats (APT) were directed against Britain, 12 percent were aimed at Germany. In total, the number of APTs have nearly doubled in the first half of 2014. An APT is a complex network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. APT attacks aim at stealing data rather than to cause damage to the network or organization. Motivated by numerous goals and objectives, hackers are evolving the level of sophistication to steal personal data and business strategies, gain a competitive advantage or degrade operational reliability. Government, financial services, telecommunications and energy were the most targeted verticals. Britain and Germany were at the top of the EMEA list because many international companies have headquarters there. Their economies are appealing to hackers who are looking for financial gain. Due to the increasing threat for the local economies, law makers have started to implement counter measures:
- As reported in a previous post, on 20 August 2014, the German Federal Ministry of the Interior presented a draft legislation that introduces mandatory IT and cyber security measures designed to ensure the protection of IT systems. The Draft IT Security Act is part of the Federal Government’s “Digital Agenda 2014-2017”, and provides for binding minimum IT security standards for “critical infrastructures”.
- The European Union has implemented a Cybersecurity Strategy for the European Union and drafted a Directive on Network and Information Security.
- In April 2014, the US Securities and Exchange Commission recently announced a program of inspections regarding the cyber security measures.
- The UK have issued a Cyber Security Strategy. It has launched schemes to encourage companies to improve their cyber security.