Crisis of confidence plagues local retailers according to new survey by online security expert Symantec.cloud.
Targeted online attacks have increased significantly since they were first discovered five years ago. However, in recent months the retail sector has been hit the hardest, with targeted attacks increasing from a steady monthly average of 0.5% of all attacks for the past two years to 25% in the last quarter of 2010.
Hong Kong's vibrant retail sector has not been spared. According to a new survey conducted in January 2011 by the hosted security solution leader Symantec.cloud, over 40% of Hong Kong-based retail industry respondents said their firm had experienced a cyber-attack, with the severity of the impact ranging from:
- Very inconvenient and financially damaging (36.2%), to
- Extremely inconvenient and financially damaging (10.5%)
"The industry clearly recognizes the dangers. More than 66% of our survey respondents rated spam, phishing, malware and other cyber mayhem as serious or very serious threats to their business," say the regional director for Symantec.cloud, Nigel Mendonca. "The problem is that they aren't certain that their organisation is capable of combating these threats."
An average of between 200 and 300 organisations worldwide are targeted each month. However, while the methods sometimes change, the scammers are generally looking for the same thing – sensitive business information that can be sold to other criminals.
"The large number and variety of key loggers and data-stealing malware illustrate the value that attackers place on data. Attackers are getting a great deal of use out of customers' user accounts, passwords, and confidential business information," says Mendonca.
"In essence, any data on the network is valuable to an attacker and might be used for identity theft or in other attacks. But when customer data is lost, the biggest dangers for retail organizations is reputation damage, loss of customer confidence and the loss of clients to competitors."
His view is supported by the new survey data. The vast majority of Hong Kong-based retail industry respondents agreed that their business would be seriously affected if customer information were leaked following a cyberattack. The majority (79%) rated such a leak as very or extremely damaging to their business and reputation.
Mendonca believes that, while most organisations treat online threats as genuine dangers, the retail industry faces a significant shortfall in confidence when it comes to dealing with this increasingly complex issue.
"Only 7% of respondents to the Symantec.cloud survey expressed a high level of confidence that their current security solutions are capable of coping with new email and web threats. What is more alarming is that fully 43% were only moderately confident and 6.4% had no confidence at all," he said.
MORE ARTICLES ON SECURITY