retail trends
Technology

Company News • 14.01.2015

Number of cyber attacks on retailers drops by half

Despite an 50 percent decline in the number of cyber attacks against U.S. retailers, the number of records stolen from them remains at near record highs. IBM Security researchers report that in 2014, cyber attackers still managed to steal more than 61 million records from retailers despite the decline in attacks, demonstrating cyber criminal's increasing sophistication and efficiency.

Contrary to what most would expect, the majority of cyber attackers scaled back their hacking efforts around Black Friday and Cyber Monday in 2014 rather than capitalize from the massive spike in retail spending. The 2014 Retail Research and Intelligence Report and the Holiday Trends: Black Friday/Cyber Monday Research and Intelligence Report were created by IBM's Managed Security Services team of analysts, who monitor more than 20 billion security incidents every day.

According to the research, cyber attackers are becoming increasingly more sophisticated, using new techniques to obtain massive amounts of confidential records with increased efficiency. Since 2012, the number of breaches reported by retailers dropped by 50 percent. Despite this decline, the perpetrators were able to impact a far greater number of victims with each incident.

"The threat from organized cyber crime rings remains the largest security challenge for retailers," said Kris Lovejoy, General Manager, IBM Security Services. "It is imperative that security leaders and CISOs in particular, use their growing influence to ensure they have the right people, processes and technology in place to take on these growing threats."

Black Friday and Cyber Monday

Identified as the two biggest shopping days of the year by IBM's Digital Analytics Benchmark, cyber attackers reduced their activity across all industries on Black Friday and Cyber Monday, rather than taking action. When looking at the two week period (Nov 24 - Dec 5) around these days, the data shows the following activity across all industries:

  • The number of daily cyber attacks was 3,043, nearly one third less than the 4,200 average over this period in 2013.
  • From 2013 and 2014, the number of breaches dropped by more than 50 percent for Black Friday and Cyber Monday.
  • In 2013, there were more than 20 breaches disclosed including several large breaches that caused the number of records compromised to rise drastically, reaching close to 4 million.
  • Over the same period in 2014, 10 breaches were disclosed which resulted in just over 72,000 records getting compromised

Despite this "cyber threat slow down," the retail and wholesale industries emerged as the top industry target for attackers in 2014, a potential result of the wave of high profile incidents impacting name brand retailers. In the two years prior, manufacturing ranked first amongst the top five attacked industries while the retail and wholesale industry ranked last. This past year, the primary mode of attack was unauthorized access via Secure Shell Brute Force attacks, which surpassed malicious code, the top choice in 2012 and 2013.

Top breaches overshadow growing trend

Attackers secured more than 61 million records in 2014, down from almost 73 million in 2013. However, when the data was narrowed down to only incidents involving less than 10 million records (which excludes the top two attacks over this timeframe, Target Corporation and The Home Depot), the data shows a different story--the number of retail records compromised in 2014 increased by more than 43 percent over 2013.

Sophisticated methods of attack

While there has been a rise in the number of Point of Sale (POS) malware attacks, the vast majority of incidents targeting the retail sector involved Command Injection or SQL injection. The complexity of SQL deployments and the lack of data validation performed by security administrators made retail databases a primary target. Over 2014, this Command Injection method was used in nearly 6,000 attacks against retailers. Additional methods include Shellshock as well as POS malware such as BlackPOS, Dexter, vSkimmer, Alina and Citadel.

The data for the number of records compromised and breaches disclosed was analyzed by IBM security experts and was made publically available by Privacy Rights Clearinghouse. The remaining data came from IBM's Managed Security services team.

Source: IBM Security

channels: data analysis, database security

related articles:

popular articles:

Thumbnail-Photo: Fashion retail: mobile discovery, more convenient shopping...
04.07.2024   #online trading #brick and mortar retail

Fashion retail: mobile discovery, more convenient shopping

How Breuninger is breaking boundaries with omnichannel

Breuninger, with twelve stores in Germany and another in Luxembourg, provides a traditional shopping experience ...

Thumbnail-Photo: Cash Management with the apg® Note Acceptor...
06.08.2024   #security #cashpoints

Cash Management with the apg® Note Acceptor

Stand-alone or as addition to the smarttill® Suite

Theft and counterfeit fraud are significant threats to retailers, underscoring the need for secure cash management solutions.For reliable bill validation and secure storage of high-volume bills, the apg® Note Acceptor is an essential tool. It ...

Thumbnail-Photo: Hanshow Awarded FY24 China Top ISV Partner by Microsoft for Innovative...
04.09.2024   #artificial intelligence #cloud computing

Hanshow Awarded FY24 China Top ISV Partner by Microsoft for Innovative Retail Solutions

Hanshow, a leading provider of retail digital store solutions, has been awarded the "FY24 China Top ISV Partner" by Microsoft. The award recognizes Hanshow's innovative technologies and deep cooperation with Microsoft in the field of ...

Thumbnail-Photo: Time saving made easy
18.07.2024   #brick and mortar retail #software applications

Time saving made easy

Use of technology in retail: focus on increasing efficiency and customer satisfaction

Task management software is one of the retail solutions designed to help shops save time and ...

Thumbnail-Photo: Successful customer loyalty in times of change: how to win with...
31.07.2024   #brick and mortar retail #sustainability

Successful customer loyalty in times of change: how to win with omnichannel

Challenges and trends in a cross-channel strategy

How has customer loyalty changed? Why is a well thought-out omnichannel strategy crucial ...

Thumbnail-Photo: Intelligent shopping assistant: how can it help in the store?...
26.06.2024   #brick and mortar retail #app

Intelligent shopping assistant: how can it help in the store?

Practical examples of use in DIY stores and fashion stores

Product search, navigation, shopping basket management and checkout: intelligent shopping assistants can now be integrated into ...

Thumbnail-Photo: Introducing the Salto Glass XS Reader Series...
10.07.2024   #RFID (radio frequency identification) #access control systems

Introducing the Salto Glass XS Reader Series

Redefining Smart Access Control

Salto proudly unveils the Glass XS Reader Series, an innovative line of products ...

Thumbnail-Photo: ITL showcase age & identity technology at Seamless Europe...
09.09.2024   #brick and mortar retail #access control

ITL showcase age & identity technology at Seamless Europe

Innovative Technology offer a range of products that are ideal for retailers who are looking to implement age estimation technology ...

Thumbnail-Photo: Zebra: Using transparency to combat losses and shrinkage...
24.05.2024   #Tech in Retail #personnel management

Zebra: Using transparency to combat losses and shrinkage

Companies in the retail sector like Lowes Food, Belk’s and Vera Bradley are gearing themselves up for the future with cost optimisation strategies.

Loss prevention is playing an increasingly important role in reducing inventory discrepancies.Inventory is a major challenge for companies in the retail sector: 82% of retailers in Zebra's latest 16th Annual Global Shopper Study say that ...

Thumbnail-Photo: Introducing the Design XS Keypad Wall Reader Series...
23.07.2024   #access control #authentication

Introducing the Design XS Keypad Wall Reader Series

A New Level of Security and Convenience for Access Control

Leading global access solutions provider Salto Systems, part of SALTO WECOSYSTEM, is thrilled ...

Supplier

SALTO Systems GmbH
SALTO Systems GmbH
Schwelmer Str. 245
42389 Wuppertal
Innovative Technology Ltd.
Innovative Technology Ltd.
Innovative Business Park
OL1 4EQ Oldham
Zebra Technologies Germany GmbH
Zebra Technologies Germany GmbH
Ernst-Dietrich-Platz 2
40882 Ratingen
apg Solutions EMEA Ltd.
apg Solutions EMEA Ltd.
4 The Drove
BN9 0LA Newhaven