With a large amount of data, including names, social security numbers, payment information and more being saved by retailers across the world, it makes a fair amount of sense that cybercriminals would be looking to target these businesses more than others. Trustwave's 2013 Global Security Report said 45 percent of the online crimes in 2012 were perpetrated on retail businesses, about 15 percentage points higher than 2011. This should be a signal for online retailers everywhere that data security must be ramped up as soon as possible. The report adds that this disproves that these stores are not a prime target, as criminals clearly know where the money is in the world of online information.
"Retail was the largest hit due to the massive amount of payment cards used in these industries, making them obvious targets," Ellyne Phneah wrote on ZDNet. "The majority of data targeted by cybercriminals, 96 percent, also came from customer records such as payment card data, personal identifiable information (PII) and e-mail addresses."
EMEA Trustwave Spiderlabs director John Yeo said, according to SC Magazine, that remote access was the most common attack vector, with 47 percent of cyber criminals gaining access this way. This was not a surprise, as these connections are usually only secured via a password. The website also quoted Bob Tarzey, analyst at Quocirca, who said that organizations that have outsourced 99 percent of their IT management are bigger risks for security risks, as taking care of data is out of their own hands and into another's, so this may be risky for companies looking to have the best data protection plan.
The answer for why there are so many security risks, according to TechWorld, is that organizations may be relying too much on automation, firewalls and antivirus software to protect them instead of having multiple layers and a more broad plan for protection.
"All developers, particularly in the ecommerce industry, should implement a full lifecycle security plan that includes thoroughly educating themselves and their employees, equipping themselves with the best tools to protect themselves against attacks and making sure they are using the most reliable resources for zero day detection," commented Trustwave CEO, Robert J. McCullen, according to the news source.
Other sectors that were highly targeted, according to the Trustwave survey, include:
- Food and beverage at 24 percent
- Hospitality at 9 percent
- Financial services at 7 percent
- Nonprofit at 3 percent
Data Security News from SimplySecurity.com by Trend Micro.