Retailers are top target for cybercriminals

Retail was the most targeted sector for cybercrime in 2015, new data has revealed.

The 2016 Trustwave Global Security report found that the retail industry made up 23 per cent of Trustware cybercrime investigations in 2015. This was followed by hospitality (14 per cent) and food and beverage (10 per cent).

Of security software applications used by businesses, 97 per cent were found to have at least one vulnerability. Of these, 10 per cent were rated as critical or high risk.

Out of all global security breaches, 12 per cent occurred in Europe, the Middle East and Africa, with the biggest occurrence being in North America with 35 per cent.

Data breaches in corporate and internal networks increased to 40 per cent in 2015, compared with 18 per cent in 2014. Of these, 38 per cent were e-commerce breaches and 22 per cent were point-of-sale.

However, both saw levels drop compared with the previous year, where e-commerce was at 42 per cent and point-of-sale at 40 per cent.

In 60 per cent of cases, attackers were after payment card data, which was closely split between card track (magnetic stripe) data (31 per cent) and card-not-present (CNP) data (29 per cent).

The report also found that the majority of victims (59 per cent) didn’t detect security breaches themselves, which reduces the containment time of a breach. However, self-detection saw an increase in 2015 to 41 per cent, compared with 19 per cent in 2014.

“Cybercriminals have been congregating and organising for years, but 2015 showed a marked increase in the behavior we would normally associate with legitimate businesses,” said Trustwave chief executive and president Robert McCullen. “Based on the study of numerous security incidents, exploit kits and ‘malvertising’ campaigns, our 2016 Trustwave Global Security Report shows businesses how and where these sophisticated criminal organisations are most likely to attack, and more importantly, how to defend their assets.”