Cybercrims targeting retail

Cybercriminals are shifting their focus from traditional financial markets to the retail sector, according to new research published today in the NTT 2016 Global Threat Intelligence Report.

Topping the list in this year’s report, retail organisations experienced nearly 11% of all cybersecurity attacks, and nearly three times as many attacks as those in the finance sector, which was the most targeted industry in 2015.

The NTT report contains security threats gathered during 2015 from 8000 clients of NTT Group security companies, including Dimension Data, Solutionary, NTT Com Security, NTT R&D, and NTT Innovation Institute (NTTi3).

This year’s data is based on 3.5 trillion security logs and 6.2 billion attacks.

Image courtesy of Dimension Data.

Matthew Gyde, Dimension Data’s Group Executive – Security said one of the main reasons the retail and financial sectors are so targeted is because they process large volumes of personal information and credit card data.

“Gaining access to these organisations enables cybercriminals to monetise sensitive data such as credit card details in the black market, which validates that cybercriminals are motivated by the rewards of financial crime,” said Gyde.

Cyber attacks on the financial industry, however, have dropped significantly since 2015 with the sector now in fourteenth position in the latest report.

Dimension Data Group Cybersecurity Strategist Mark Thomas explained: “To put it simply, cyber attackers are adapting. While it is credit card data and personal information cybercriminals are after, it is far more viable to penetrate the defences of organisations which have less robust security programs. The retail industry has not been as cognisant of the threats, and offers attackers an easier avenue to steal the same information, with much less work.”

The report also states that the frequency and complexity of malware is becoming more stealthy and sophisticated, and while organisations are developing sandboxes to better understand cybercriminals’ tactics to protect themselves from attacks, at the same time, malware developers are aggressively developing anti-sandbox techniques.

Other highlights in the NTT 2016 Global Threat Intelligence Report include:

• 65% of attacks originated from IP addresses within the US. However, these attackers could be located anywhere in the world. Cybercriminals are adopting low-cost, highly available and geographically strategic infrastructure to perpetrate malicious activities.
• Cybercriminals are increasingly leveraging malware to breach the perimeter defences of organisations. In 2015 there was an 18% increase in malware across all industries, excluding the education sector.
• Analysis of honeynet attacks in organisations reveals that attackers are making use of telcos and hosting providers to conduct their operations.

To download the Executive Guide to the 2016 NTT Global Threat Intelligence Report, click here.

Image courtesy of Firelknot under CC-BY-2.0