Find out what the top attempted retail attacks are

Oct 13, 2011 07:13 GMT

Dell SecureWorks has released a report showing a 43% increase in attacks against retailers in the first nine months of 2011, compared to the first part of 2010.

"Based on the attacks we detected in the first nine months of this year, criminals are more aggressively using the web as a primary attack vector for both clients and servers," Dell SecureWorks CTO, Jon Ramsey, said.

"We saw a significant increase in SQL Injection attacks against servers and exploit packs hosted on web sites, which contributed to the overall rise in retail attacks."

Attackers appear to rely on three main methods to fill their pockets, and one of the more popular is SQL injection.

The study gives only one example, but that is enough to show the magnitude of the damage these attacks cause. One of the biggest heists involved a Georgia man who managed to steal $36 million (25 million EUR) by launching such an attack on the customers of some financial institutions.

Web-based exploit kits are also widely used. These kits usually hide behind colorful advertisements that mask malicious elements, which flood the infected machine with malware such as bank account-stealing Trojans, DDoS Trojans and rogue anti-virus applications.

Shady pay-per-install affiliates often spread downloader Trojans which, after disabling the anti-virus software, download further malicious components that take over the system entirely.

"Server protection requires strong secure software development practices, as well as detection and prevention controls," added Ramsey. "Client protection requires good system hygiene and detection and prevention controls that limit exposure to attacks from malicious websites."

The research also advises retailers to deploy Intrusion Prevention Solutions (IPS) that can protect a device against the aforementioned threats. Other recommendations for securing a network include a web application firewall, server and security device monitoring, regular vulnerability scans, penetration tests and content filtering.