First the good news: The number of cyber attacks on retailers dropped by half in 2014. The bad news? The thieves are escaping with much bigger hauls as assaults show a greater degree of sophistication.
According to data amassed by IBM, US retailers experienced a 50% decline in cyber attacks during 2014. However, the hackers still managed to plunder more than 61 million records, using new techniques to obtain massive amounts of confidential records with increased efficiency.
“The threat from organised cyber crime rings remains the largest security challenge for retailers,” says Kris Lovejoy, general manager, IBM Security Services. “It is imperative that security leaders, and CISOs in particular, use their growing influence to ensure they have the right people, processes and technology in place to take on these growing threats.”
Despite the apparent “cyber threat slow down”, the retail and wholesale industries emerged as the top industry target for attackers in 2014, a likely consequence of the wave of successful high-profile incidents at name-brand retailers.
Attackers secured more than 61 million records in 2014, down from almost 73 million in 2013. However, when the data is narrowed to incidents involving fewer than 10 million records (which excludes the massive breaches at Target and Home Depot), the figures tell a different story: the number of retail records compromised in 2014 increased by more than 43% over 2013.
While IBM pinpointed a rise in the number of Point of Sale (POS) malware attacks, the vast majority of incidents targeting the retail sector involved Command Injection or SQL injection.
The complexity of SQL deployments and the lack of data validation performed by security administrators made retail databases a primary target, says the vendor. Over 2014, this command injection method was used in nearly 6,000 attacks against retailers. Additional methods include Shellshock as well as POS malware such as BlackPOS, Dexter, vSkimmer, Alina and Citadel.
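The “lack of data validation” the report blames is easiest to see in code. The following is an added illustration, not from IBM's report or any retailer's system: a customer lookup built by string concatenation beside the same lookup with bound parameters and an input shape check, run against a constructed in-memory table (the table, column names and sample rows are assumptions for the demo).

```python
import re
import sqlite3

# Constructed sample data (not from the article): a tiny customers table
# holding tokenised card references, the kind of record retailers lose.
SAMPLE_ROWS = [
    ("alice@example.com", "4111-XXXX-XXXX-1111"),
    ("bob@example.com", "5500-XXXX-XXXX-0004"),
]

EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def make_db():
    """Build the in-memory demo database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (email TEXT, card_token TEXT)")
    conn.executemany("INSERT INTO customers VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def lookup_vulnerable(conn, email):
    # The flaw the report describes: untrusted input is pasted into the SQL
    # text with no validation, so quote characters in it rewrite the query.
    sql = "SELECT email, card_token FROM customers WHERE email = '" + email + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, email):
    # Hardened form: the value is sent as a bound parameter, never as SQL
    # text, so it can only ever be compared against the column.
    sql = "SELECT email, card_token FROM customers WHERE email = ?"
    return conn.execute(sql, (email,)).fetchall()


def lookup_validated(conn, email):
    # Defence in depth: reject anything not shaped like an email before it
    # reaches the database, on top of parameter binding. Rejections here are
    # also a cheap detection signal worth logging.
    if not EMAIL_RE.fullmatch(email):
        raise ValueError("rejected: input is not a well-formed email address")
    return lookup_parameterized(conn, email)


if __name__ == "__main__":
    db = make_db()
    probe = "' OR 1=1 --"  # constructed input showing why validation matters
    print(lookup_vulnerable(db, probe))     # concatenation: every row returned
    print(lookup_parameterized(db, probe))  # binding: no row matches
```

The same input returns the whole table through the concatenated query and nothing through the bound one; the validating wrapper refuses it before any query is issued.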