Cybercriminals target retail industry

The retail industry is now the top target for cybercriminals, says Trustwave, a provider of cloud-based compliance and information security solutions.

Through its report “2013 Trustwave Global Security Report”, Trustwave disclosed that cyber attacks on retailers have increased 45 per cent, while e-commerce attacks emerged as a growing trend, surpassing the number of point-of-sale attacks.

Additionally, mobile malware increased 400 per cent, with malware found on Android devices growing from 50,000 to more than 200,000 samples.

“Cybercriminals will never stop trying to compromise systems to obtain valuable information such as customer and private user data, corporate-trade secrets and payment-card information,” said Robert McCullen, chairman, CEO and president of Trustwave.

The report found that e-commerce sites were the number one targeted asset, accounting for 48 per cent of all investigations.

While spam volume shrank in 2012, it still represents 75.2 per cent of a typical organisation’s inbound email, and roughly 10 per cent of spam messages are malicious, the report says.

Employees who leave the door open to further attacks are blamed for the rise in cyber attacks. Whether due to a lack of education or of policy enforcement, employees pick weak passwords, click on phishing links and share company information on social and public platforms.

“Businesses should take a step back and re-evaluate their security posture,” said McCullen.

“All developers, particularly in the e-commerce industry, should implement a full lifecycle-security plan that includes educating themselves and their employees thoroughly, equipping themselves with the best tools to protect themselves against attacks, and making sure they are using the most reliable resources for zero-day detection,” he said.

To improve security posture, Trustwave recommends six focus areas for organisations:

  • Educate Employees. Employees are the first line of defence against attackers. Organisations should conduct security-awareness training on a regular basis for all existing and new employees.
  • Identify Users. Every user-initiated action should be tagged to a specific person, whether in a physical or digital environment. Every year, a significant number of data breaches occur as the result of an attacker obtaining access to a user’s account.
  • Register Assets. With the increase of bring-your-own-device (BYOD), it is more important than ever to have a complete inventory or registry of valid devices. A device should never be allowed access to a controlled environment unless it is registered and known. In addition, the patch levels and vulnerabilities should be assessed on a regular basis, not only to work to improve the security of those in the environment, but also to understand what risks exist when issues cannot be resolved in the short term.
  • Protect Data. Attacks are more sophisticated than ever, and keeping cybercriminals out requires a multi-faceted approach. Businesses should implement a “more than technology” approach to security that includes team training and education, secure code review, and periodic penetration and vulnerability testing for e-commerce web applications – as well as a data-lifecycle methodology that governs data from creation to destruction. They should also create resiliency in systems by layering proven technologies, such as a powerful secure-web gateway and a web-application firewall that can be deployed to improve protection and performance of business-critical applications, with virtual-patching capabilities that combat threats in real time.
  • Unify Activity Logs. Most businesses today treat physical and information-security controls separately. Badge systems, HR records, and even loss prevention are typically not tied to the same team that monitors firewalls, intrusion detection and other security technology. Businesses should employ technology such as security information and event management (SIEM) to take over the processing of these logs.
  • Visualise Events. The ultimate goal for organisations should be to develop an environment in which security threats are discovered innately by both responsible security professionals and others in the organisation. Security-event visualisation allows businesses to identify patterns, emerging vulnerabilities and attacks, and respond quickly and decisively across the organisation when an attack does occur. Using the right data sources, advanced SIEM analytics, and data modelling, security-event visualisation prepares businesses to mitigate current and future threats effectively.
