Call it the Year of the Hack, the Era of the Data Breach, or simply 12 straight months of bad luck (and poor security!). No matter how you spin it, 2014 will forever be known in the world of web hosting and development as the time when cyberattacks seemed to happen non-stop. However, according to the Retail Research and Intelligence Report of 2014 (backed by IBM), there were actually 50 percent fewer cyberattacks targeting American retailers in 2014. On the other hand, the actual amount of data and records stolen was record breaking.
Sure, there are tips and hacks galore on how to prevent attacks, but is anyone paying attention? The vast majority of attacks in the US were allegedly easy to prevent with things like basic two-factor authentication—or simply updating and upgrading on a routine basis. From the Sony hack to the Target trouble and everything in between, it was a pretty embarrassing year for companies around the US. However, don’t forget about another thorn nestled deep in the sides of businesses: Massive media coverage.
According to the report, a total of 61 million retail records were compromised in 2014. Compare that to 73 million in 2013, and it should look like 2014 was pretty calm. And weren’t there supposed to be more records stolen last year than ever before? Unfortunately the report is putting the cart way before the digital horse here. There are bound to be slews of unreported breaches that will be accounted for soon, and major hacks like Sony likely includes compromised retail records that haven’t been included or aren’t known (yet). Plus, consider the fact that attacks which led to under 10 million records being compromised were up 43 percent from 2013.
Once you take away potential outliers like Home Depot and Target, there’s no denying that hackers are getting better. It also doesn’t help that a number of companies are unknowingly helping hackers steal data, too. According to the General Manager of IBM Security Services Kris Lovejoy, “The threat from organized cyber crime rings remains the largest security challenge for retailers. It is imperative that security leaders and CISOs in particular use their growing influence to ensure they have the right people, processes and technology in place to take on these growing threats.”
Even hackers take a holiday
You’d think the whole holiday hoorah would lead to more retail sales and more attacks, but that just wasn’t the case. Compared to 2013, there were 33 percent fewer holiday-era attacks in 2014. During that time, security breaches went down 50 percent during the Black Friday weekend in 2014 compared to 2013. Looking at 2012, the total records stolen fell 66 percent during the holidays, to 72,000, during the 2014 holiday season.
However, it’s important to note that 2013 numbers are themselves skewed thanks to a breach at Maricopa County Community College. This is where the research data is kept, and 2.5 million records were stolen from the campus. However, IBM is adamant that 2013 remains the actual “winner” when it comes to total retail records compromised (but 2014 will still get all the glory). On the plus side, IBM has also said that in the first few days of 2015, online sales are 8.5 percent higher than last year.
So what should you keep an eye out for in 2015? IBM says Command Injection, SQL Injection and POS malware attacks are on the rise and will be the cause of “the vast majority of incidents” coming your way.