E-commerce sites involved in most data breaches investigated by Trustwave
“Breaches at the point of sale, where customers enter payment information at physical stores, accounted for 33.0% of data breach investigations. 54.0% of the breaches happened on e-commerce web sites, and 10% happened at data centers. The remaining 3.0% happened through other channels. “In addition to brick-and-mortar locations, databases involved in e-commerce payments continue to be common targets of attack,” the report says. “As has been the case for more than 15 years, poor coding and data storage practices have left sites vulnerable to SQL injection, whereby criminal hackers gain access to cardholder data stored in databases.” In an SQL injection, attackers insert bits of malicious code that allow them to download the contents of a database.”
The problems associated with cyber crime are getting worse and there are a number of reasons for this. The attitude for software developers to get software to the market in a hurry is allowing it to be sold in an incomplete and insecure state. This creates opportunities for the cyber criminals.