Despite a dip of more than 50% in the number of cyber-attacks between 2012 and 2014, retailers in 2014 suffered the theft of more than 61 million customer records, according to a report by IBM Security released Monday. Not surprisingly, retailers remain cyber-thieves’ top targets.
Daily attacks were also down: In 2013, there were 4,200 daily cyber-attacks, and 3,043 in 2014. Cyber-crime at retailers actually declined during this past holiday season, IBM found.
As for the mode of attack preferred by hackers, Secure Shell Brute Force was used more often in 2014 than the malicious code method that had been popular in previous years. There’s been an increase in POS malware as well, and retail databases were increasingly vulnerable.
Retailers are hackers’ favorite target because, of course, they have access to millions of people’s financial information. It’s a bit of an arms race, with thieves changing up their methods as retail cyber-security experts react to previous attacks. Cyber-security expert John Pirc noted to Forbes magazine that the problem cannot be addressed with technology alone.
“Combating the current cyber threats of today and the future will require investment in innovations focused on the human element,” Pirc says. “Large corporations spend millions of dollars on security products and services but fail to invest the resources necessary to create an agile organization of well trained and equipped talent.”