Richer pickings: Cybercriminals moving from finance to retail sector

  • Retail sector experienced almost 3x as many attacks as financial sector
  • Both process large volumes of personal information and credit card data
Richer pickings: Cybercriminals moving from finance to retail sector

 
CYBERCRIMINALS have shifted their focus from traditional financial markets to targeting the retail sector, according to the annual NTT 2016 Global Threat Intelligence Report.
 
Retail organisations experienced nearly three times as many cyberattacks as those in the finance sector, which was top of the list of cyberattacks on organisations in the 2015 report, NTT subsidiary Dimension Data said in a statement.
 
Cyberattacks on financial industry dropped significantly to 14th position, the company added.
 
READ ALSO: Mission Impossible? Bridging the cyber-physical divide in security
 
“The retail and financial sectors process large volumes of personal information and credit card data,” said Matthew Gyde, Dimension Data’s group executive of security.
 
“Gaining access to these organisations enables cybercriminals to monetise sensitive data such as credit card details in the black market, which validates that cybercriminals are motivated by the rewards of financial crime,” he added.
 
NTT’s annual Global Threat Intelligence Report contains security threats gathered during 2015 from 8,000 clients of NTT Group security companies including Dimension Data, Solutionary, NTT Com Security, NTT R&D, and NTT Innovation Institute (NTTi3).
 
This year’s data is based on 3.5 trillion security logs and 6.2 billion attacks. Data is also gathered from 24 security operations centres and seven research and development centres of the NTT Group, Dimension Data said.
 
The retail sector topped the list of all cybersecurity attacks on all sectors at just under 11% in this year’s report, knocking the finance sector out of first place.
 

Richer pickings: Cybercriminals moving from finance to retail sector

“Retail companies are becoming increasingly popular targets as most process large volumes of personal information, including credit card data, in highly distributed environments with many endpoints and point-of-service devices,” said Dimension Data Asia Pacific’s security general manager Guido Crucq.
 
“Such diverse environments can be difficult to protect,” he added.
 
Other highlights in the NTT 2016 Global Threat Intelligence Report include:
 

  • 65% of attacks originated from IP (Internet Protocol) addresses within the United States. However, these IP addresses which could be located anywhere in the world. Cybercriminals are adopting low-cost, highly available, and geographically strategic infrastructure to perpetrate malicious activities.
  • Cybercriminals are increasingly leveraging malware to breach the perimeter defences of organisations. In 2015 there was an 18% increase in malware across all industries, excluding the education sector.
  • The frequency and complexity of malware is becoming more stealthy and sophisticated. While organisations are developing sandboxes to better understand cybercriminal’s tactics to protect themselves from attacks, at the same time, malware developers are aggressively developing anti-sandbox techniques.
  • Analysis of honeynet attacks in organisations reveals that attackers are making use of telcos and hosting providers to conduct their operations.

Related Stories:
 
Asian banks being targeted, time to get holistic on security
 
Cybercriminals going back to ‘old school’ techniques: Dell
 
Target: Learning from security breaches on POS systems
 
 
For more technology news and the latest updates, follow us on TwitterLinkedIn or Like us on Facebook.
 

 
Keyword(s) :
 
Author Name :
 

By commenting below, you agree to abide by our ground rules.

Subscribe to SNAP
Download Digerati50 2018-2019 PDF

Digerati50 2018-2019

Get and download a digital copy of Digerati50 2018-2019