Retail: The New Big Target for Cybercrime

April 29, 2016         By: Steven Anderson

An episode of The Simpsons once noted that Springfield was to be considered NWB, or Nuclear Whipping Boy.

In the event of a nuclear attack, all allied countries would fire into Springfield first to calibrate their collective arsenal before firing on enemy targets.

When it comes to cybercrime, there’s a new NWB in town, and where once it was financial institutions, it’s now retailers.

The word came from the NTT 2016 Global Threat Intelligence Report, which showed that retailers were hit nearly three times for every one hit in the financial sector.

Financial industry targets actually dropped 13 places on the list to reach 14 so far this year, and the report covers 8,000 NTT Group clients, so as a barometer of attack patterns, it should do nicely.

Retail clients made prime targets, according to the group, as they were processing increasingly large numbers of credit cards, along with a growing pile of personal information, making it rich ground for cybercriminals to target.

Given that retail features a lot of moving parts—a host of endpoints and point-of-sale systems—that made it even tougher to mount a reasonable defense.

Throw in increasingly sophisticated malware and improving threat infrastructure and the picture only worsens.

Just engaging in perimeter defense is not enough any more. For every antivirus program, every firewall, every mitigation technique there’s a means to beat it, or one will be following in short order.

Thus, businesses need to focus on encryption just as much, or even more than, perimeter defenses. Don’t just make it hard to get in; make it not worth the time to try.

So instead of just trying to keep out unauthorized users, why not deny them a reward for their effort even if they do manage to get through?

Perimeter defense and encryption can work hand in hand to provide the best protections people can enjoy.

With an increasing amount of personal information out there, and more attack systems waiting to step in and seize that information, putting the best protection methods into play possible will be vital going forward. Retail is getting to be a dangerous place, and we all need to do our part.