Of confirmed breaches, 18 percent were caused by cyberespionage, which accounted for 0.8 percent of total incidents. The attacks were targeted primarily at the manufacturing, public-sector and professional industries, looking to gain secrets, credentials, internal and systems data. However, of the 548 total incidents, only one-third of them had attacker attribution. The breaches were primarily carried out using email attachments, email links and web drive-by. In order to prevent cyberespionage attacks, the report recommended collecting data, including email transaction logs, attachment records and links in emails. While that likely won't stop an intent state-sponsored attack, the report said these steps could help defend the organization against its repercussions.