Cyber crims put feet up for Chrimbo: 2014's seasonal retail breaches fell

The bad news? Attacks are continuing to evolve

The MSN Santa (unconfirmed)

Shoppers flocked online for retail bargains during Black Friday and Cyber Monday 2014, but cyber criminals seemingly decided not to join the scrum.

Despite a record-breaking surge in online shopping during late November’s online discount binge, cyber breaches actually fell, according to IBM.

That’s the good news. The bad?

Retail is now the crooks’ number-one target for attacks, with their tactics for online assaults becoming more sophisticated.

The message for retailers is clear: don’t become complacent. Also, look out for gaps in your systems that may have been overlooked.

Daily cyber attacks were down nearly a third between 24 November to 5 December to 3,043, according to IBM’s managed security services team.

Breaches fell by more than half for Black Friday and Cyber Monday - the two busiest shopping days of the year, and which this year broke records as retailers maxed out on offers and discounts.

IBM reported just 10 disclosed breaches resulting in 72,000 compromised records. But rather than give up on retail, attackers are doubling down.

Retail shot to the top of hackers target list during 2014, elbowing aside manufacturing, which had been the preferred target.

IBM doesn’t account for the surge, but retail’s profile has increased thanks to recent headline-grabbing attacks on Home Depot and Target in the US that saw details of more than 120m shoppers slurped from POS terminals.

Most attackers are thinking small - far smaller than the Home Depot and Target jobs.

According to IBM, the number of incidents involving the loss of less than 10m records increased by more than 43 per cent last year.

The tactics are also changing: online, Secure Shell Brute Force was the top weapon of 2014 displacing king-pin malicious code.

While POS attacks at Home Depot and Target were big in the headlines, the vast majority of attacks were done using Command Injection or SQL Injection.

Command Injection was used in nearly 6,000 attacks on retailers during 2014.

Criminals capitalised on weak points overlooked in complex SQL deployments and sysadmins not performing necessary data validation.

Shellshock – the Bash Unix vulnerability uncovered last year – also got a look-in along with BlackPOS, which felled Home Depot. ®


Biting the hand that feeds IT © 1998–2017