Retail cyber attacks drop by half despite rising data theft: IBM

Hackers managed to steal more than 61 million records from retailers in 2014, even though the overall number of cyber attacks dropped by 50 percent.

ibm1.jpg

A report released Monday from IBM security researchers suggests that, overall, cyber attacks against retailers are on the decline, even though the total amount of data compromised continues to steadily rise.

According to the IBM research and intelligence report, the number of retail cyber attacks have dropped by 50 percent since 2012. But even with that significant decrease, hackers still managed to steal more than 61 million records from retailers -- a rise of roughly 43 percent since 2013. And that's not including either the Target or the Home Depot breaches.

The disconnect in the figures suggests that hackers are becoming more pointed and sophisticated in their attacks, doing more damage in fewer places.

As for mode of attack preferred by hackers, 2014 was the year of Secure Shell Brute Force, overtaking the malicious code method that prevailed for the two years prior.

And although there has been a rise in POS malware, the retail sector found itself particularly vulnerable to Command Injection attacks, which were used in nearly 6,000 retail hacks throughout 2014. IBM attributes the complexity of SQL deployments and the lack of data validation performed by security administrators as reasons why retail databases are the primary targets for these types of attacks.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All