Verizon recently presented a data breach investigations report. The 60-page document compiled and analyzed 63,000 security breach incidents and 1,300 confirmed data breaches that came from some 50 companies worldwide. This is a summary of the four categories of cyber security issues faced by major businesses, as acknowledged in the report.
Point-of-Sale (POS) Intrusions
Hotels, restaurants, grocery stores, and other retailers are all big targets of most POS intrusions. As for the means of attack, the POS machine must be compromised first so that malware designed to collect magnetic stripe data from credit cards as they are processed can be installed. The data is then retrieved and used to transfer funds or make purchases with the retrieved credit card information.
Almost all POS attacks can be attributed to organized criminal groups operating out of Eastern Europe for monetary gain, according to the report. Though POS attacks have been dwindling over the last few years, the report still cautions that the threat is real and ongoing, and that it is one that retail security systems should target.
Web App Attacks
Attacks on web applications, which the report refers to as the proverbial punching bag of the Internet, are the most common type of data breach. The methods used by those with malevolent intent rely on weaknesses in the application, such as inadequate input validation, which are then exploited through injection or use of malware, phishing methods and just plain guessing at the user’s private information. Hacked credentials are also used to gain access by simply pretending to be a valid user.
The report also stated that two-factor authentication is better than single password-based protection.
Crimeware
The report defines crimeware as any malware incident that did not fit other patterns like espionage or POS attacks. Crimeware covers an expansive range of malware attacks that includes getting an online user’s banking information, mounting DoS attacks, spamming, and other unlawful actions. Web downloads and drive-by infections are reported to be the most common ways of infecting a system.
To combat crimeware, the suggested measures are keeping software such as browsers up to date and applying security patches as soon as they are released.
Cyber-Espionage
Unauthorized network or system access linked to state-affiliated actors has tripled over the last year, per the report. Cyber-espionage is also showing a wider variety of “threat action” patterns, which is a cause for great alarm.
Another disturbing fact the report cited is that once foreign intruders have gained access, they can engage in all kinds of malicious activities, such as scanning networks and transferring sensitive data. China was once considered the only participant until Eastern Europe joined in; Eastern Europe has reportedly instigated 21 percent of the reported attacks.
Today, cybercrime is big business. IT security pros and their retail security systems are being called upon to be watchful in identifying current and new generations of threats and to continue to work on new and better ways to keep those threats at bay.