Retail was the most targeted sector for cybercrime in 2015, new data has revealed.
The 2016 Trustwave Global Security report found that the retail industry made up 23% of Trustware cybercrime investigations in 2015. This was followed by hospitality (14%) and food and beverage (10%).
Of security software applications used by businesses, 97% were found to have at least one vulnerability. Of these, 10% were rated as critical or high risk.
Out of all global security breaches, 12% occurred in Europe, the Middle East and Africa, with the biggest occurrence being in North America at 35%.
Data breaches in corporate and internal networks increased to 40% in 2015, compared with 18% in 2014. Of these, 38% were e-commerce breaches and 22% were point-of-sale.
However, both saw levels drop compared with the previous year, where e-commerce was at 42% and point-of-sale at 40%.
In 60% of cases, attackers were after payment card data, which was closely split between card track (magnetic stripe) data (31%) and card-not-present (CNP) data (29%).
The report also found that the majority of victims (59%) didn’t detect security breaches themselves, which reduces the containment time of a breach. However, self-detection saw an increase in 2015 to 41%, compared with 19% in 2014.
“Cybercriminals have been congregating and organising for years, but 2015 showed a marked increase in the behavior we would normally associate with legitimate businesses,” said Trustwave chief executive and president Robert McCullen. “Based on the study of numerous security incidents, exploit kits and ‘malvertising’ campaigns, our 2016 Trustwave Global Security Report shows businesses how and where these sophisticated criminal organisations are most likely to attack, and more importantly, how to defend their assets.”