Retail sector hit hardest by targetted cyber attacks in October, report reveals

Such attacks are up from one or two a week in 2005 to 77 attacks a day in the past month.

For the first time, targetted attacks hit the retail sector hardest, increasing from a steady monthly average of 0.5% of all attacks over the past two years, to 25% in October, when one in 1.26 million emails was linked to a targetted attack.

While targeted e-mails are typically in low volume, they are one of the most damaging types of malicious attacks, said Paul Wood, senior analyst at MessageLabs Intelligence.

"We have seen a constant influx of targetted attacks over the past six months with the type of organisation targetted changing on a monthly basis and the number of targetted users increasing each month", he said.

Although the number of unique attack exploits being deployed has diminished slightly, said Wood, the number of attacks used by each exploit has increased.

In October, the number of targetted attacks aimed at businesses in the retail sector rose considerably above the monthly average of one in 1.26 million, increasing the likelihood of an attack by a factor of almost 6.3 times.

The number of attacks against the retail sector also jumped to 516 in the past month, compared with just seven attacks a month for much of 2010.

"The spear phishing attacks, launched in three waves each one week apart, used social engineering techniques to distribute legitimate-looking e-mails with malicious attachments that appeared to be from HR and IT staff of the targeted organisation," said Wood.

This story was first published by Computer Weekly

What’s hot on Infosecurity Magazine?