Cyber criminals have shifted their focus from traditional financial markets to the retail sector, according to new research published in the annual NTT 2016 Global Threat Intelligence Report.
Retail organisations experienced nearly three times as many cyber attacks as those in the finance sector, which was top of the list of cyber attacks on organisations in the 2015 report.
Cyber attacks on the financial industry dropped significantly to fourteenth position, the report found. The retail sector, on the other hand, was the most targeted industry, topping the list with just under 11% of all cyber security attacks in this year’s report, knocking the finance sector out of first place.
Matthew Gyde, Dimension Data group executive - security, says, “The retail and financial sectors process large volumes of personal information and credit card data. Gaining access to these organisations enables cyber criminals to monetise sensitive data such as credit card details in the black market, which validates that cyber criminals are motivated by the rewards of financial crime.”
Mark Thomas, Dimension Data group cyber security strategist, added, “To put it simply, cyber attackers are adapting. While it is credit card data and personal information cyber criminals are after, it is far more viable to penetrate the defences of organisations which have less robust security programmes. The retail industry has not been as cognisant of the threats, and offers attackers an easier avenue to steal the same information, with much less work.”
Other highlights in the NTT 2016 Global Threat Intelligence Report include:
- 65% of attacks originated from IP addresses within the US. However, these attackers could be located anywhere in the world. Cyber criminals are adopting low-cost, highly available, and geographically strategic infrastructure to perpetrate malicious activities.
- Cyber criminals are increasingly leveraging malware to breach the perimeter defences of organisations. In 2015 there was an 18% increase in malware across all industries, excluding the education sector.
- The frequency and complexity of malware is becoming more stealthy and sophisticated: while organisations are developing sandboxes to better understand cybercriminals’ tactics to protect themselves from attacks, at the same time, malware developers are aggressively developing anti-sandbox techniques.
- Analysis of honeynet attacks in organisations reveals that attackers are making use of telcos and hosting providers to conduct their operations.
NTT’s annual Global Threat Intelligence Report contains security threats gathered during 2015 from 8,000 clients of NTT Group security companies including Dimension Data, Solutionary, NTT Com Security, NTT R&D, and NTT Innovation Institute (NTTi3). This year’s data is based on 3.5 trillion security logs and 6.2 billion attacks. Data is also gathered from 24 Security Operations Centres and seven research and development centres of the NTT Group.