Trustwave Reveals Increase in Cyber Attacks Targeting Retailers, Mobile Devices and E-Commerce

Feb. 19, 2013 - PRLog -- Johannesburg - February 12, 2013 – Trustwave, a leading provider of cloud-based compliance and information security solutions, today unveiled key results from the 2013 Trustwave Global Security Report. The report highlights details and trends from more than 450 global data breach investigations, more than 2,500 penetration tests, more than nine million Web application attacks, more than two million network and vulnerability scans, more than five million malicious websites, more than 20 billion e-mails as well as extensive research and analysis of zero-day security threats. All of the information is Trustwave’s own data collected and analyzed by Trustwave security experts—not surveys. Throughout 2012, Trustwave security experts and consultants tested, analyzed and discovered the top vulnerabilities and threats that have the most potential to negatively impact multi-national corporations, independent merchants and government entities.

This year’s findings revealed the retail industry is now the top target for cyber-criminals.  For the first time, the retail industry made up 45 percent of Trustwave data breach investigations (a 15 percent increase from 2011) with e-commerce attacks emerging as a growing trend surpassing the amount of point-of-sales attacks. Additionally, mobile malware increased 400 percent, with malware found on Android devices growing from 50,000 to more than 200,000 samples. The report also revealed that out of three million user passwords analyzed, 50 percent of business users are still using easily-guessed passwords—the most common being “Password1” because it often meets the minimum standard for acceptable passwords. The findings indicated that in 2012, nearly every industry, country and type of data was involved in a breach of some kind with cyber-security threats increasing as quickly as businesses can implement measures against them.

“Cyber-criminals will never stop trying to compromise systems to obtain valuable information such as customer and private user data, corporate trade secrets and payment card information,” said Robert J. McCullen, Chairman, Chief Executive Officer and President of Trustwave. “This year’s Global Security Report pulls back the curtain revealing how breaches happen and how potential victims around the world can protect themselves so that they stay one step ahead and eliminate potential security threats. After reading this report, businesses and government agencies will be one step closer to building a comprehensive security strategy to reduce risk, protect data and safeguard their reputation.”

Other Key Report Findings

·         Applications emerged as the most popular attack vector. E-commerce sites were the number one targeted asset accounting for 48 percent of all investigations.

·         64 percent of organizations attacked took more than 90 days to detect an intrusion with the average time for detection being 210 days -- 35 days longer than in 2011; 5 percent took more than three years to identify the criminal activity. Most victim organizations still rely on third parties, customers, law enforcement or a regulatory body to notify them a breach has occurred – a worldwide security problem.

·         Employees leave the door open to further attacks. Whether due to lack of education or policy enforcement, employees pick weak passwords, click on phishing links and share company information on social and public platforms.  

·         Attacks were discovered in 29 different countries. The largest percentage, 34.4 percent, originated in Romania.

·         Spam volume shrank in 2012 but still represents 75.2% percent of a typical organization’s inbound e-mail and roughly 10 percent of spam messages are malicious.

·         Businesses seem to be rapidly adopting an outsourced, third-party information technology operations model. 63 percent of investigations revealed a third party responsible for system support, development or maintenance, introduced security deficiencies easily exploited by hackers.

·         The two most noteworthy methods of intrusion, SQL injection and remote access, made up 73 percent of the infiltration methods used by criminals in 2012.

·         Out of the 450 cases investigated in 2012, about 40 variations of malware were found. Trustwave attributed the 40 unique types of malware to six criminal groups. Three criminal teams caused the majority of payment of service credit card breaches.  Russia and the U.S. are the largest contributors when it comes to malware attacks making up 39.4 percent and 19.7 percent of hosted malware, respectively.

“Businesses should take a step back and re-evaluate their security posture,” added McCullen.  “All developers, particularly in the e-commerce industry, should implement a full lifecycle security plan that includes thoroughly educating themselves and their employees, equipping themselves with the best tools to protect themselves against attacks and making sure they are using the most reliable resources for zero day detection.

“There is no ‘if’ you will be attacked, only ‘when’ which is why it is crucial for organizations to follow security best practices and recommendations,” said Andrew Kirkland, country manger Trustwave South Africa.  “Cyber-attacks are increasing with little sign of abatement. Valuable data makes businesses a target. By learning from the good and bad experiences of others and beginning to apply both tactical and strategic changes outlined in this report, organizations worldwide can build stronger and more multi-faceted security programs in order to protect their businesses, users and customers.”

The 2013 Trustwave Global Security Report will be available to the public prior to the RSA Conference in San Francisco, February 25. Sign up to receive a complementary digital copy of the report when it becomes generally available here: https://www.trustwave.com/2013GSR.