While the number of cyber-attacks in the US retail industry decreased significantly in 2014, the number of records compromised increased by 43%*, research by IBM shows. This data indicates that sophisticated cybercrime units are getting away with increased numbers of consumer records as their methods are becoming more efficient.
The biggest security issue facing retailers is no longer petty theft or white collar fraud, but protecting the transaction information of their online customers. Highly sophisticated cybercrime units are increasingly breaking into online stores and taking large numbers of financial and personal records. While large stores are becoming more aware of the threat, cyber criminals too are developing more sophisticated tools to break into customer records and take highly sensitive credit card details as well as other personally identifiable information on customers.
IBM Security, the security platform of IT-giant IBM, recently released its “2014 Retail Research and Intelligence Report” which aims at identifying a trend in the cyber threats the retail industry in the US faced in 2014.
According to the findings of the firm, the number of identified cyber-attacks dropped with 50% from its peak in 2012. The number of records stolen from retailers also decreased from 73 million in 2013 to 61 million in 2014, which is a decrease of 16.5%. The fact that the decrease in records stolen is significantly smaller than the decrease in cyber-attacks, suggests that while fewer breaches were reported in the last two years, these breaches were significant and wide-reaching in terms of victims affected. IBM states that this demonstrates the increasing sophistication and efficiency of cybercriminals.
When examining the data narrowed down to only incidents involving less than 10 million records*, this conclusion is increasingly strengthened as the number retail records compromised in these attacks increased by more than 43% in 2014 over 2013.
IBM concludes that despite the cyber threat slowdown (described as the decreased number of breaches), the retail industry emerged as a top industry target for cybercriminals, a trend the industry should respond to. “The threat from organised cyber-crime rings remains the largest security challenge for retailers,” says Kris Lovejoy, General Manager at IBM Security Services. “It is imperative that security leaders and CISOs in particular, use their growing influence to ensure they have the right people, processes and technology in place to take on these growing threats.”
* This excludes the top two attacks over the timeframe: Target Corporation and The Home Depot.