Richer pickings: Cybercriminals moving from finance to retail sector
By Digital News Asia April 27, 2016
- Retail sector experienced almost 3x as many attacks as financial sector
- Both process large volumes of personal information and credit card data
CYBERCRIMINALS have shifted their focus from traditional financial markets to targeting the retail sector, according to the annual NTT 2016 Global Threat Intelligence Report.
Retail organisations experienced nearly three times as many cyberattacks as those in the finance sector, which was top of the list of cyberattacks on organisations in the 2015 report, NTT subsidiary Dimension Data said in a statement.
Cyberattacks on financial industry dropped significantly to 14th position, the company added.
READ ALSO: Mission Impossible? Bridging the cyber-physical divide in security
“The retail and financial sectors process large volumes of personal information and credit card data,” said Matthew Gyde, Dimension Data’s group executive of security.
“Gaining access to these organisations enables cybercriminals to monetise sensitive data such as credit card details in the black market, which validates that cybercriminals are motivated by the rewards of financial crime,” he added.
NTT’s annual Global Threat Intelligence Report contains security threats gathered during 2015 from 8,000 clients of NTT Group security companies including Dimension Data, Solutionary, NTT Com Security, NTT R&D, and NTT Innovation Institute (NTTi3).
This year’s data is based on 3.5 trillion security logs and 6.2 billion attacks. Data is also gathered from 24 security operations centres and seven research and development centres of the NTT Group, Dimension Data said.
The retail sector topped the list of all cybersecurity attacks on all sectors at just under 11% in this year’s report, knocking the finance sector out of first place.
“Retail companies are becoming increasingly popular targets as most process large volumes of personal information, including credit card data, in highly distributed environments with many endpoints and point-of-service devices,” said Dimension Data Asia Pacific’s security general manager Guido Crucq.
“Such diverse environments can be difficult to protect,” he added.
Other highlights in the NTT 2016 Global Threat Intelligence Report include:
- 65% of attacks originated from IP (Internet Protocol) addresses within the United States. However, these IP addresses which could be located anywhere in the world. Cybercriminals are adopting low-cost, highly available, and geographically strategic infrastructure to perpetrate malicious activities.
- Cybercriminals are increasingly leveraging malware to breach the perimeter defences of organisations. In 2015 there was an 18% increase in malware across all industries, excluding the education sector.
- The frequency and complexity of malware is becoming more stealthy and sophisticated. While organisations are developing sandboxes to better understand cybercriminal’s tactics to protect themselves from attacks, at the same time, malware developers are aggressively developing anti-sandbox techniques.
- Analysis of honeynet attacks in organisations reveals that attackers are making use of telcos and hosting providers to conduct their operations.
Related Stories:
Asian banks being targeted, time to get holistic on security
Cybercriminals going back to ‘old school’ techniques: Dell
Target: Learning from security breaches on POS systems
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.