E-commerce sites involved in most data breaches investigated by Trustwave

E-commerce sites involved in most data breaches investigated by Trustwave

“Breaches at the point of sale, where customers enter payment information at physical stores, accounted for 33.0% of data breach investigations. 54.0% of the breaches happened on e-commerce web sites, and 10% happened at data centers. The remaining 3.0% happened through other channels. “In addition to brick-and-mortar locations, databases involved in e-commerce payments continue to be common targets of attack,” the report says. “As has been the case for more than 15 years, poor coding and data storage practices have left sites vulnerable to SQL injection, whereby criminal hackers gain access to cardholder data stored in databases.” In an SQL injection, attackers insert bits of malicious code that allow them to download the contents of a database.”

The problems associated with cyber crime are getting worse and there are a number of reasons for this.   The attitude for software developers to get software to the market in a hurry is allowing it to be sold in an incomplete and insecure state.   This creates opportunities for the cyber criminals.

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.