Security Experts:

Connect with us

Hi, what are you looking for?



Retailers a Top Target for Attackers in 2012, Trustwave Says

Cyber-criminals increasingly targeted retailers more than any other sector in 2012, Trustwave said in its latest report.

Cyber-criminals increasingly targeted retailers more than any other sector in 2012, Trustwave said in its latest report.

Targeted attacks against the retail sector accounted for 45 percent of incidents in Trustwave’s 2013 Global Security Report, released Tuesday. Food & beverage sector was the second most heavily targeted, with 24 percent, followed by hospitality with 9 percent, according to the report. The sheer volume of payment cards used in these industries made them obvious targets, Trustwave said.

The data from the 2013 Global Security Report draws on 450 actual incident-response investigations carried out by Trustwave on the clients’ behalf throughout the year. The report also includes 2,500 penetration tests against websites and Web applications.

Businesses in this sector are vulnerable to targeted attacks because of a “misconception” that they aren’t a target, Trustwave said. And since the business is focused on customer service, not data security, they generally don’t have the expertise to notice when they are under attack, the report found.

The vast majority of the data targeted in these attacks, at about 96 percent, came from customer records such as payment card data, personal identifiable information (PII), and email addresses, the report found. Only 2 percent of the targeted data involved intellectual property, and the remaining 2 percent included electronic protected health information and business financial account numbers.

Outsourcing was a key attack vector in almost two-thirds of security investigations, Trustwave said in its report. Nearly 63 percent of the investigations involved a third-party provider handling IT services for Trustwave’s clients, the report found.

“Many third-party vendors leave the door open for attack, as they don’t necessarily keep client security interests top of mind,” Trustwave said. In some cases, the breach occurred when the client did not realize there was a gap between what the provider was responsible and what remained under the client’s control. This gap was the most evident in the retail and food & beverage sectors, where small shops outsource some or all their IT needs, the report found.

“In some instances, victims were unaware that the third party was responsible only for a subset of security controls, leaving these systems open to attack,” the report noted.

It also took five weeks longer, on average, for organizations to spot a cyber-attack in 2012 than in 2011, Trustwave found. In 2012, the average time from an initial breach to detection was 210 days, with 64 percent of the victims taking over 90 days to uncover a breach. Even more surprisingly, 14 percent of the attacks in the report took two years to be detected. Less than a quarter of the intrusions were detected by the companies themselves, with 48 percent coming from regulatory bodies and law enforcement detecting 25 percent of the incidents.

“Due to advanced subterfuge techniques, malware often goes unnoticed by systems administrators despite being clearly visible to investigators,” the report said.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.