Retail Breaches Now Cause 59 Percent Of ID Exposures

The year 2014 saw far-reaching vulnerabilities, faster attacks when those security holes became public, files held for ransom and far more malware than ever before — and retailers were among the hardest hit, according to Symantec’s “2015 Internet Security Threat Report.”

Retailers represented 11 percent of all breaches Symantec recorded in 2014 — only health care was harder hit, with 37 percent. Financial organizations came in fifth with 6 percent, while hospitality came in seventh with 4 percent.

And when it came to the number of identities exposed in those breaches, retail represented a breathtaking 59 percent, with financial at 23 percent, software vendors at 10 percent, and no other category accounting for more than 3 percent. And the percentage of all breaches in which financial information was exposed doubled from 18 percent in 2013 to 36 percent in 2014.

Overall, Symantec counted 23 percent more breaches during the year, but the speed of attacks may have been more notable. For example, within four hours of the Heartbleed vulnerability becoming public, the security company saw a surge in attacks exploiting it. Worse still, software vendors were slower to patch the 24 zero-day vulnerabilities that surfaced in 2014. While the average time to patch a zero-day in 2013 was four days, the three most exploited zero-days of 2014 took 204 days, 22 days and 53 days for vendors to patch.

Spear-phishing was up 8 percent, but cybercrooks were more efficient about it: They sent 14 percent fewer emails to 20 percent fewer targets. And 60 percent of targeted attacks were aimed at small and medium-size organizations, which are typically less effective when it comes to dealing with attacks like Trojanized software updates and cyberthieves who build custom attack software inside their victim’s network on their victim’s own servers.

(However, financial Trojans dropped off dramatically over the course of the year, according to a separate Symantec report.)

Non-targeted attacks still made up most of 2014’s malware. They rose by 26 percent, with 317 million new pieces of malware, or nearly a million per day. Ransomware attacks grew by 113 percent, but the version that encrypts files for ransom exploded by more than 4,000 percent.