New research published in the NTT 2016 Global Threat Intelligence Report reveals that cybercriminals have shifted their focus from traditional financial markets to the retail sector.

According to a press release, retail organizations experienced nearly three times as many cyberattacks as those in the finance sector, which last year topped the list of organizations most often attacked. In 2016, cyberattacks against financial industry targets dropped to 14th place.

The annual Global Threat Intelligence Report covers security threats experienced by 8,000 NTT Group clients during 2015.

This year’s data are based on 3.5 trillion security logs and 6.2 billion attacks, the release said. Data are also gathered from 24 security operations centers and seven research and development centers of the NTT Group.

Rory Duncan, Head of Security Business Unit at Dimension Data UK, an NTT company, explained how retail ended up on top of the 2015 list:

"Retail companies are becoming increasingly popular targets as most process large volumes of personal information, including credit card data, in highly distributed environments with many endpoints and point-of-service devices. Such diverse environments can be difficult to protect."

Other findings in the NTT 2016 Global Threat Intelligence Report:

Sixty-five percent of attacks originated from IP addresses within the U.S. However, the hackers behind these attacks could be located anywhere in the world. Cybercriminals are adopting low-cost, highly available and geographically strategic infrastructure to perpetrate malicious activities.

Cybercriminals are increasingly leveraging malware to breach organizations' perimeter defenses. Excluding the education sector, malware increased 18 percent across all categories.

Malware is becoming more stealthy and sophisticated, and at the same time that organizations are developing sandboxes to better understand cybercriminal tactics and protect themselves from attacks, malware developers are aggressively developing anti-sandbox techniques.