Ikiwa unataka tengenezewa Blog, Tukiko lolote la Harusi,Msiba, Mahafali, Tamasha, Matangazo auHabari yoyote usisite kututumia kupitia whatsapp 0765056399 au Barua Pepe fredynjeje@live.com. Follow me instagram @fredynjejeblog Twitter @Fredynjej
Think Twice Before Clicking
As in most other industries, attacks aimed at fooling victims into
opening malicious documents or clicking on links to malicious sites are
proving very successful in retail.
The intent is almost always to have the victim download malware. These
attacks accounted for nearly 18 percent of the total attacks observed
targeting retail in 2015, according to the IBM data.
The Gift You Don’t Want That Keeps on Giving
Cybercriminals see no need to reinvent the wheel; proven attack vectors such as Shellshock and SQL injection
continue to plague retailers. Although it’s been around since 1995, SQL
injection is still one of the most common attacks on Web assets. It is
also the second-most common known attack type associated with retail
security breaches.
Named one of the threat game changers for 2014, the Shellshock
vulnerability is now the No. 3 attack vector. It accounted for over 13
percent of the attacks in the retail industry in 2015.
Shifting Focus: Attackers Targeting Smaller Businesses
With security controls tightened in large enterprises, attackers are
going after smaller businesses. The payoff per target may be lower, but
the targets are easier and far more numerous. Analysts are finding it
difficult to assess the true impact of this shift because many smaller
retailers aren’t reporting the number of compromised records in their
disclosures.
No Major Uptick in Retail Attacks Over Black Friday/Cyber Monday
IBM also assessed attack data from the Black Friday/Cyber Monday
weekend. Those days might seem like a good time for increased attacks,
but historically we haven’t seen a sharp uptick.
This year fared no differently, with the daily average number of
attacks that weekend only slightly above the daily average for the year.
The Financial Damage Is Escalating
As the 2015 Cost of Data Breach Study: Global Analysis
reported, “While the cost of data breach stayed relatively constant for
most industries, the retail sector experienced a significant increase,
from $105 [per record] in 2014 to $165 in 2015.” Given the sheer volume
of breaches — almost 236 million records are known to have been
compromised since 2011 — that means losses in the billions.
With all the concerns plaguing the retail industry, organizations
need to understand the trends and make the security investments that
best respond to them. The IBM recommendations are meant to optimize
security programs to stop advanced threats and protect the crown jewels.
No comments:
Post a Comment