Cybersecurity after Target: Getting the Facts about POS Attacks

The holidays are a time to celebrate and rejoice with family and friends. However, during the most recent holiday shopping season, many found themselves worrying whether or not the gift they purchased for a loved one put them in jeopardy due to cyber-attacks.

In December, Target announced that more than 110 million customers – almost one third of the U.S. population – had their data compromised in a large-scale breach of the company’s point-of-sale (POS) network. Cyber thieves stole cardholder names, card numbers and three-digit security codes between November 27 and December 15, as well as addresses and phone numbers. As the extent of Target’s breach started to unfold, high-end retailer Neiman Marcus announced that their POS network had also been compromised between July and October of 2013, and unauthorized purchases associated with the stolen data had been made during the holiday season.

According to a recent report from Javelin Strategy & Research, the number of people notified after a data breach that they were victims of fraud rose by 340 percent between 2010 and 2012. Data breaches such as those at Target and Neiman Marcus, as well as a handful of other well-known retailers, point to the shift in cybercrime and show that data breaches are becoming the new world order. No longer are attacks considered isolated incidents – they are now a common threat, and enterprises and small businesses alike need to take note.

In the case of the Target breach, the vulnerability of the POS network was exploited by advanced persistent threats (APTs) for a few milliseconds when the malware hit. The APTs found a small crack in the network and deployed the malware, which then decrypted the sensitive information. That’s what hackers have mastered – exploiting vulnerabilities and using APTs as a way to do it.

There are two distinct differences between an APT and a traditional attack. First, the attack is targeted at strategic users to access key information. Second, the botnet of the APT is disguised as legitimate data traffic and can go undetected for a substantial period of time. This dramatic shift in cybercrime forces retailers to reevaluate the security of current POS networks. Even more challenging is that APTs can fly under the radar for long periods of time before an organization even knows it’s under attack.

Historically, POS networks have been regarded as proprietary systems immune to targeted network attacks. However, the recent data breaches of Target and Neiman Marcus have proven that to be no longer true – POS networks are just as vulnerable to targeted attacks as any other network.

As POS systems have become more complex and organizations have begun allowing third-party vendors access to networks, more vigilance in monitoring the behavior of outside sources is needed. Traditionally, organizations have been focused on security risks from risky employee behavior or outside direct attacks; however, as digital interactions become more frequent, the risk of untraditional threats has grown. As such, retailers should consider a security approach similar to that of a traditional enterprise network composed of desktops, laptops and mobile devices.

The solution isn’t easy, but it is feasible. It starts with the business network and implementing a comprehensive approach to network security, including securing network endpoints, implementing an intrusion prevention system and establishing an incident response plan. With network endpoints secured, advanced malware and suspicious traffic can be easily identified by the network.

While early detection of threats can help combat an attack, network administrators need to be educated on suspicious traffic and vulnerable systems. As for retailers, they need to re-evaluate their security strategy to look not only at protecting cardholder data for compliance purposes, but to ensure that ALL of the data they are collecting – from customer information to shopping trends – remains private. 
