Cyber attacks decline, but 61mn records stolen from U.S. retailers: IBM

Despite a 50 percent decline in the number of cyber attacks against U.S retailers since 2012, cyber attackers managed to steal more than 61 million records from retailers, says a report from IBM Security.

Majority of cyber attackers scaled back their hacking efforts around Black Friday and Cyber Monday in 2014 rather than capitalize from the massive spike in retail spending, the report said.


The rising number of stealth incidents show cyber attackers are becoming increasingly more sophisticated, using new techniques to obtain massive amounts of confidential records with increased efficiency. Perpetrators were able to impact a far greater number of victims with each incident.

“The threat from organized cyber crime rings remains the largest security challenge for retailers,” said Kris Lovejoy, general manager, IBM Security Services. “It is imperative that security leaders and CISOs in particular, use their growing influence to ensure they have the right people, processes and technology in place to take on these growing threats.”

IBM’s Digital Analytics Benchmark reveals that cyber attackers reduced their activity across all industries on Black Friday and Cyber Monday, rather than taking action.

The number of daily cyber attacks was 3,043, nearly one third less than the 4,200 average over this period in 2013.

From 2013 and 2014, the number of breaches dropped by more than 50 percent for Black Friday and Cyber Monday.

In 2013, there were more than 20 breaches disclosed including several large breaches that caused the number of records compromised to rise drastically, reaching close to 4 million.

Over the same period in 2014, 10 breaches were disclosed which resulted in just over 72,000 records getting compromised. Manufacturing ranked first amongst the top five attacked industries while the retail and wholesale industry ranked last.

In 2014, the primary mode of attack was unauthorized access via Secure Shell Brute Force attacks, which surpassed malicious code, the top choice in 2012 and 2013.

While there has been a rise in the number of Point of Sale (POS) malware attacks, the vast majority of incidents targeting the retail sector involved Command Injection or SQL injection.

Over 2014, this Command Injection method was used in nearly 6,000 attacks against retailers. Additional methods include Shellshock as well as POS malware such as BlackPOS, Dexter, vSkimmer, Alina and Citadel.

Rajani Baburajan

[email protected]