New research published in the NTT 2016 Global Threat Intelligence Report reveals that cyber criminals have shifted their focus from traditional financial markets to targeting the retail sector. The report contains security threats gathered during 2015 from 8,000 clients of NTT Group security companies including Dimension Data, Solutionary, NTT Com Security, NTT R&D, and NTT Innovation Institute (NTTi3).
“Retail companies are becoming increasingly popular targets as most process large volumes of personal information, including credit card data, in highly distributed environments with many endpoints and point-of-service devices,” said Rory Duncan, Head of Security Business Unit at Dimension Data UK. “Such diverse environments can be difficult to protect.”
65% of attacks originated from IP addresses within the US. However, the hackers behind these attacks could be located anywhere in the world. Cybercriminals are adopting low-cost, highly available, and geographically strategic infrastructure to perpetrate malicious activities.
“The retail and financial sectors process large volumes of personal information and credit card data,” said Matthew Gyde, Dimension Data’s Group Executive – Security. “Gaining access to these organizations enables cybercriminals to monetize sensitive data such as credit card details in the black market, which validates that cybercriminals are motivated by the rewards of financial crime.”
Cybercriminals are increasingly leveraging malware to breach the perimeter defenses of organizations. In 2015 there was an 18% increase in malware across all industries, excluding the education sector.
The frequency and complexity of malware is becoming more stealthy and sophisticated: while organizations are developing sandboxes (software that executes suspicious code in a highly protected environment and examines its activities) to better understand cybercriminal’s tactics to protect themselves from attacks, at the same time, malware developers are aggressively developing anti-sandbox techniques.