by Staff Reports • @IBMinsights

Cyber security sees fewer attacks, record data lost in 2014

Published January 08, 2015


NEWS BRIEF--In the struggle between hackers and IT security—a struggle short on victory for the IT folks—a recent report offers a bittersweet view of the past year in cyber hostility.

Hackers have reduced the frequency of their attacks—but kept up the volume. According to findings released this week by IBM, despite a 50 percent decline in the number of cyber attacks against U.S. retailers, the number of records stolen from them remains at near record highs. IBM security researchers report that in 2014, cyber attackers still managed to steal more than 61 million records from retailers despite the decline in attacks, demonstrating cyber criminals’ increasing sophistication and efficiency.

In cyber security, change, experts agree, is the one constant. In a whitepaper by CA Security Management, Russell Miller observes that “techniques to attack computer networks are never static. Methods and tools evolve, as do the attackers themselves. The attacker landscape from a few years ago—where individuals or small groups attacked organizations for fun and profit—no longer exists.”

According to a release, the majority of cyber attackers scaled back their hacking efforts around Black Friday and Cyber Monday in 2014 rather than capitalize on the massive spike in retail spending. The 2014 Retail Research and Intelligence Report and the Holiday Trends: Black Friday/Cyber Monday Research and Intelligence Report were created by IBM's Managed Security Services team of analysts, who monitor more than 20 billion security incidents every day.

Cyber attackers are becoming increasingly sophisticated, using new techniques to obtain massive amounts of confidential records with greater efficiency. Since 2012, the number of breaches reported by retailers has dropped by 50 percent. Despite this decline, the perpetrators were able to affect a far greater number of victims with each incident.

Attackers secured more than 61 million records in 2014, down from almost 73 million in 2013. However, when the data is narrowed to only incidents involving fewer than 10 million records (which excludes the top two attacks over this timeframe, Target Corporation and The Home Depot), it tells a different story—the number of retail records compromised in 2014 increased by more than 43 percent over 2013.

Sophisticated methods of attack
While there has been a rise in the number of point-of-sale (POS) malware attacks, the vast majority of incidents targeting the retail sector involved “command injection” or SQL injection. The complexity of SQL deployments and the lack of data validation performed by security administrators made retail databases a primary target. During 2014, this command injection method was used in nearly 6,000 attacks against retailers. Additional methods include “Shellshock” as well as POS malware such as BlackPOS, Dexter, vSkimmer, Alina, and Citadel.

The data for the number of records compromised and breaches disclosed was analyzed by IBM security experts and was made publicly available by Privacy Rights Clearinghouse. The remaining data came from IBM's Managed Security Services team.


