April 7, 2011, 12:17 PM

Hackers probing an e-commerce site for consumer data remains a top web threat

But retail sites account for only 4% of web hacking incidents.

Lead Photo

Criminals seeking to steal consumer financial and identity data from e-commerce web sites represent one of the top drivers of web hacking, according to an analysis from Trustwave, an Internet security firm.

13% of web hacking cases analyzed by Trustwave involve such leakage of information, putting it behind site defacement (15%) and site downtime (33%) as the main reasons that hackers attacked web sites in late 2010. Trustwave based the findings for its semiannual report on studies of 75 web hacking incidents that occurred in the second half of 2010. Those 75 incidents are part of a broader set of 222 hacking incidents that Trustwave documented for the full year 2010. Trustwave says the broader set of hacking incidents makes up only a small part of all hacking cases.

“Professional criminals are continuing to use methods to generate revenue from compromising web sites,” the report says. “This data can then be sold on the underground black market for identity theft purposes and fraud.”

Retail sites, however, account for only 4% of hackers’ attack targets, according to the report. By contrast, government sites accounted for 17% of attacks, entertainment sites 15%, and media sites5%. Other attack targets included political, financial and technology sites, and blogs.

Overall, the most common hacker method is distributed denial service of attacks, used in 32% of the analyzed hacking incidents, Trustwave says. Distributed denial of service, or DDOS, attacks occur when perpetrators send a huge volume of traffic to web sites in an effort to overwhelm web servers and prevent shoppers from accessing the sites. A denial of service attack is how a group of WikiLeaks supporters who dub themselves Anonymous took down MasterCard.com and Visa.com late last year after those payment networks cut off donation payments to the document-release site as its founder, Julian Assange, faced increasing legal and political pressure.

By contrast, malware was used in only 1% of the hacking incidents, the Trustwave report says.

comments powered by Disqus

Advertisement

Advertisement

Advertisement

From IR Blogs

FPO

Deepak Agarwal / E-Commerce

Back-to-school insights from a Top 100 online retailer

It’s the second-largest online shopping season, and one nomorerack.com CEO pays close attention to. Here ...

FPO

Kevin Sterneckert / E-Commerce

The ghost economy: an $800 billion retail data disconnect

A new twist on a classic holiday story that online retailers will relive in the ...

Advertisement