» Subscribe Today!
More of what you want to know.
The Daily News
X

Forgot your password?
Skip Navigation LinksHome >
VOL. 129 | NO. 79 | Wednesday, April 23, 2014

Attacks on Payment Systems Trail Other Cybercrimes

BREE FOWLER | AP Technology Writer

Print | Front Page | Email this story | Comments ()

NEW YORK (AP) – While Target's massive data breach last year caused consumers to panic and drew attention to Internet crime, a new study finds that breaches on retailer payment systems are less common than other kinds of attacks.

More than twice as many of last year's Internet data breaches resulted from various small online acts, such people clicking on malicious Web links and choosing easy-to-guess passwords, according to a worldwide report from Verizon.

The report, considered to be one of the top annual looks at Internet-related crime, includes information from 50 organizations ranging from law enforcement to security companies. The report was due out Wednesday.

Target Corp.'s breach, one of the largest in history, resulted in the thefts of 40 million credit and debit card numbers, along with the personal information of up to 70 million people. Other companies including fellow retailers Neiman Marcus and Michaels Stores Inc. later announced breaches to their systems as well.

But while such large-scale attacks grab headlines, the number of breaches of payment systems has fallen in recent years. In 2013, there were just 198 recorded breaches of payment systems, representing 14 percent of the year's 1,367 confirmed data breaches.

By comparison, data breaches through attacks on Web applications accounted for 490, or 35 percent, and cases of online espionage covered 306 attacks, or 22 percent.

Verizon says its numbers are not comparable with those from previous reports because its research methods and the number of contributors to the report have changed.

Wade Baker, Verizon's managing principal of research and intelligence, said researchers saw a big increase in attacks on smaller retailers a few years ago. But now, he says, it appears that criminals are going after major retailers that handle millions of debit and credit card numbers and leaving the smaller companies alone, even though they are easier to attack.

And regardless of the type of attack and the motivation behind it, cybercrime has gone from a game to a big business.

"It's very industrialized and very sophisticated," he says. "You can buy software packages that are customized. It's never been easier to turn data into money. Those changes are what drive every big-picture trend that we see."

Other findings in the report:

– Web application attacks continue to be popular. Those attacks generally stem from the theft of an authorized person's credentials, which could happen by cracking an easy password or by getting someone to click a link in an email. Criminals also sometimes exploit coding flaws in a system to gain entry.

The reasons behind those attacks vary. According to the report, 65 percent of Web application attacks last year either stemmed from political motivations or were the acts of thrill seekers, while 33 percent were financially motivated.

– Of last year's recorded cyber espionage attacks, 54 percent were targeted at U.S. victims and 87 percent involved foreign governments. In 49 percent of the cases, the people behind the attacks were located in Eastern Asia and 21 percent came from Eastern Europe.

Bree Fowler can be reached at twitter.com/APBreeFowler

Copyright 2014 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Sign-Up For Our Free Email Edition
Get the news first with our daily email


 
Blog Get more from The Daily News
Blog News, Training & Events
RECORD TOTALS DAY WEEK YEAR
PROPERTY SALES 38 349 15,066
MORTGAGES 111 449 19,779
FORECLOSURE NOTICES 33 91 3,886
BUILDING PERMITS 0 512 35,842
BANKRUPTCIES 62 309 14,343
BUSINESS LICENSES 18 138 5,129
UTILITY CONNECTIONS 69 385 21,817
MARRIAGE LICENSES 13 106 4,663

Weekly Edition

Issues | About

The Memphis News: Business, politics, and the public interest.