Cyber Crime against Retailers Becomes Industrialized

— November 06, 2012

Analysis from 2011 data breaches reveals that cyber criminals are automating and streamlining powerful high-volume attacks against retailers in increasing numbers. The industrialization of hacking is a new phase of data breach activity that is in part fueled by “hactivists” who are driven by beliefs or disgruntlement that leads to unpredictable protests, retaliation and pranks, according to the “2012 Data Breach Investigations Report” recently released by Verizon.
 
The 92-page report is the most thorough and comprehensively researched report of its kind and a source of invaluable information to retailers. Click here to download the full report.
 
The following are some key findings from this year’s report:
  • Compromised records incidents skyrocketed to 174 million (up from 4 million last year) making 2011 the second highest data loss total
  • 81% of breaches used some form of hacking (up 31%) and 60% incorporated malware (up 20%)
  • 94% of all data compromised involved servers (up 18%)
  • 85% of breaches took weeks or more to discover (up 6%)
  • 96% of incidents were discovered by a third party (up 6%)
  • 97% of breaches were avoidable through simple or intermediate controls (up 1%)
  • 96% of victims subject to PCI DSS had not achieved compliance (up 7%)
  • Attacks on servers were the top targets of breaches achieved by hacking and malware, which was followed closely by attacks on user devices
  • Tips suggested for retailers using POS: change administrative passwords on all POS systems, implement a firewall or access controls on remote access/administrative services, avoid using POS systems to browse the Web, and make sure POS is PCI DSS compliant
  • Top threats against large organizations are: keyloggers and using stolen credentials, backdoors and command control, tampering, pretexting (inventing a scenario to trick target into providing a method to allow attack), phishing, brute force (automated processes) and SQL injection (creating a command within Web page communication)
  • Accommodation and food services are by far the least secure industry accounting for 54% of breaches with retail coming in second with 20%
  • When looking at breaches that remove more than one million records the finance and insurance industry is tops accounting for 40% of these breaches followed by retail with 28%
  • Attacks from internal and partner sources have dropped precipitously since 2009, but external attacks have dramatically increased
  • The top motive for external hacking agents is clearly financial or personal grain with disagreement or protest coming in a distant second place
  • The top country of origin of external attacks is clearly East Europe with North America coming in a distant second
  • The top internal source of attacks is from a cashier/teller/waiter with manager/supervisor coming in a distant second
  • Top hacking methods are exploitation of default or guessable credentials, use of stolen login credentials, brute force and dictionary attacks, and exploitation of backdoor or command control channel
  • Top assets compromised by hackers are POS servers followed by POS terminals
  • Criminals operate on a three-day work week: Saturday, Sunday and Monday
  • Attacks took minutes to break in 70% of the time and extraction of data too minutes 38% of the time
  • Discovery of attacks took months 54% of the time
  • Top method of attack discovery was notification by law enforcement with third-party fraud detection coming in a distant second
Related Stories

Six Steps Toward tighter PCI and Data Security

Barnes & Noble Suffers Credit Card Data Breach at 63 Stores

The Seven Deadly Sins of Data Security Breaches

One in Four Consumers Worldwide Victimized by Payment Card Fraud


POST A COMMENT

comments powered by Disqus

RATE THIS CONTENT (5 Being the Best)

12345
Current rating: 0 (0 ratings)

MOST READ STORIES

topicsMore >

RIS EVENTS

2014 Retail Executive Summit
2014 Retail and Consumer Goods Analytics Summit