According to Verizon's 2014 Data Breach investigations Report (DBiR), 2013 can also be termed at the year of retailer breach and can also be considered as the year of transition from geopolitical attacks to large-scale attacks on payment card systems.
The 2014 DBIR analyses over 1,300 confirmed data breaches and more than 63,000 reported security incidents from last year.
Cyber-espionage is up again in 2014 report, representing a more than three-fold increase compared with the 2013 report, with 511 incidents partially due to a bigger dataset. Besides, these attacks were found to be the most complex and diverse, with a long list of threat patterns, the report said.
"As it did last year, China still leads as the site of the most cyber espionage activity, but the other regions of the world are represented, including Eastern Europe with more than 20 per cent," it claims.
The report reveals that 2013 may be remembered as the 'year of the retailer breach'.
"But a comprehensive assessment suggests it was a year of transition from geopolitical attacks to large-scale attacks on payment card systems," it added.
Financially motivated attackers are hyper-focused on gaining access to the money, so it follows that their two primary target industries are the financial and retail industries
"Within the financial industry, they focus on gaining access to the user interface of the web (banking) application more so than exploiting the web application itself, because the application grants logical access to the money," the report revealed.
This means they target user credentials and simply use web applications protected with a single factor (password) as the conduit to their goal," it said.
The retail industry faced a total of 467 security incidents last year, while the financial sector face 856 such incidents in 2013, the report revealed.
Verizon Enterprise Solutions Head Global Consulting and Integration Services (India and South Asia) Ashish Thapar said that cyber criminals have become more smart and are targeting not just organisations but individuals too.
"Organisations need to realise that no one is immune from data breach. It is taking longer to identify compromises in an organisation, often weeks or months, whereas, penetrating can take minutes or hours," he added.
Cyber criminals are becoming more sophisticated and are employing highly complex and diverse methods to breach a network, Thapar said.