Despite a 50 percent drop in the number of cyber attacks against U.S. retailers since 2012, new research from IBM finds that the number of records stolen from retailers in cyber attacks remains at near-record highs.
Cyber attackers stole more than 61 million records from retailers last year, demonstrating their increasing sophistication and efficiency, according to IBM's Managed Security Services' "2014 Retail Research and Intelligence Report" and "Holiday Trends: Black Friday/Cyber Monday Research and Intelligence Report."
"The threat from organized cyber crime rings remains the largest security challenge for retailers," said Kris Lovejoy, general manager of IBM Security Services. "It is imperative that security leaders, and CISOs in particular, use their growing influence to ensure they have the right people, processes and technology in place to take on these growing threats."
Surprisingly, the majority of cyber attackers scaled back their hacking efforts around Black Friday and Cyber Monday in 2014, rather than capitalizing on the massive spike in retail spending, IBM found.
Still, despite the significant drop in the number of incidents, the cybercriminals were able to impact a greater number of victims with each incident. When the data was narrowed down to only incidents involving fewer than 10 million records—which excludes the top two attacks over this timeframe, Target and The Home Depot—the data shows that the number of retail records compromised in 2014 increased by more than 43 percent over 2013.
Target accounted for the largest breach, with more than 70 million records compromised, followed by Home Depot with 56 million compromised.
Even though point-of-sale (POS) malware attacks were in the news, the vast majority of incidents against retailers involved Command Injection or SQL injection. The complexity of SQL deployments and the lack of data validation performed by security administrators made retail databases a primary target, according to IBM. "Over 2014, this Command Injection method was used in nearly 6,000 attacks against retailers," according to an IBM statement.
Additional methods include Shellshock as well as POS malware such as BlackPOS, Dexter, vSkimmer, Alina and Citadel.