Father
Professional
- Messages
- 2,602
- Reaction score
- 837
- Points
- 113
Russian retailers and e-commerce are among the top three in terms of the number of leaks.
A study by Positive Technologies revealed an alarming trend - Russian retailers and e-commerce companies have become a favorite target for cybercriminals. These industries are among the top three in terms of the number of confidential data leaks and cases of unauthorized access to infrastructure in the shadow market.
According to the report, the share of incidents related to data theft in retail and e-commerce reached 74% in 2023. The main goal of attackers is to obtain personal information of customers, which was contained in almost half (46%) of all leaks.
Access to corporate networks of trading companies (53%), stolen data (35%), as well as various tools and services for cyber attacks are actively distributed on global hacker forums.
Anna Golushko, a senior analyst at Positive Technologies, explains the high demand for initial access to retailers infrastructure by obsolescence of databases, which forces criminals to look for new ways to get up-to-date information. In addition, the growing shadow market attracts more and more newcomers who specialize in getting initial access for resale to more experienced hackers.
The average price of offers in 2023 did not exceed $ 1,000. However, against the backdrop of geopolitical tensions, hacktivists distribute stolen databases of Russian trading companies for free.
The most common attack methods are malware infection (58%), vulnerability exploitation (42%), and social engineering (39%). Hackers target the CMS systems of online stores, which leads to the theft of customer payment data and penetration into the company's infrastructure. Such attacks undermine consumer confidence and cause serious reputational and financial damage to businesses. In 2023, a third of the world's retailers faced a sales shutdown due to cyber attacks.
Positive Technologies experts attribute the high level of leaks to the growth of data volumes in companies, which often leads to a loss of control over the infrastructure.
To protect their business, companies need to apply modern cybersecurity technologies, such as new-generation firewalls, vulnerability management systems, information security event monitoring, intrusion detection, sandboxes, and solutions for protecting container environments. A comprehensive approach will allow you to build a reliable secure perimeter, ensure infrastructure transparency, and detect malicious activity in a timely manner.
A study by Positive Technologies revealed an alarming trend - Russian retailers and e-commerce companies have become a favorite target for cybercriminals. These industries are among the top three in terms of the number of confidential data leaks and cases of unauthorized access to infrastructure in the shadow market.
According to the report, the share of incidents related to data theft in retail and e-commerce reached 74% in 2023. The main goal of attackers is to obtain personal information of customers, which was contained in almost half (46%) of all leaks.
Access to corporate networks of trading companies (53%), stolen data (35%), as well as various tools and services for cyber attacks are actively distributed on global hacker forums.
Anna Golushko, a senior analyst at Positive Technologies, explains the high demand for initial access to retailers infrastructure by obsolescence of databases, which forces criminals to look for new ways to get up-to-date information. In addition, the growing shadow market attracts more and more newcomers who specialize in getting initial access for resale to more experienced hackers.
The average price of offers in 2023 did not exceed $ 1,000. However, against the backdrop of geopolitical tensions, hacktivists distribute stolen databases of Russian trading companies for free.
The most common attack methods are malware infection (58%), vulnerability exploitation (42%), and social engineering (39%). Hackers target the CMS systems of online stores, which leads to the theft of customer payment data and penetration into the company's infrastructure. Such attacks undermine consumer confidence and cause serious reputational and financial damage to businesses. In 2023, a third of the world's retailers faced a sales shutdown due to cyber attacks.
Positive Technologies experts attribute the high level of leaks to the growth of data volumes in companies, which often leads to a loss of control over the infrastructure.
To protect their business, companies need to apply modern cybersecurity technologies, such as new-generation firewalls, vulnerability management systems, information security event monitoring, intrusion detection, sandboxes, and solutions for protecting container environments. A comprehensive approach will allow you to build a reliable secure perimeter, ensure infrastructure transparency, and detect malicious activity in a timely manner.
