One hack after the next, large-scale data breaches, and high-risk vulnerabilities, are just a few of the many major security issues that have been chronically compromising organizations, users, and other businesses in 2014. Before we look forward to the rest of 2015, here's a recap of last year's biggest security stories—the ones that impacted a large number of users and various industries—so we can learn from past incidents.
Indeed, the year 2014 can be described as an explosion of data breaches and PoS RAM scrapers. High –profile targets in various industries, including retail and hospitality were victimized by PoS malware, causing an increase in the number of infected PoS systems in 2014 increased throughout the year.
Number of Systems detected with POS Malware in 2014
In a data breach incident that happened during the holiday season of 2013, major U.S. retailer Target reported losing personal information, including names, mailing addresses, phone numbers or email addresses, of up to 70 million individuals. Other large-scale PoS breaches victimized customers of Home Depot and Kmart.
PoS malware has been in use for years now. Looking back, the earliest evidence of PoS RAM scraping was in Visa’s Data Security Alert issued on October 2, 2008. Senior threat researcher Numaan Huq talked about how PoS RAM scrapers started by installing debugging tools, and has since evolved to include multiple components, single binary packaging, networking, bot or C&C commands, kill switch functions, data encryption, customized binaries, and multiple exfiltration techniques.
Evolution of Point-of-Sale (PoS) Malware
Trend Micro data shows that infected PoS systems in 2014 were evenly distributed across countries. Roughly one in three infected systems can be found in the United States.
Country Distribution of Systems Where PoS Malware Were Found in 2014
BlackPoS, the popular malware variant that was used to attack Target and Home Depot systems, is the most used PoS malware family in 2014. Since the original version leaked out, this malware had been passed along in underground environments for revisions. Version 2.0 of this malware has been found disguising itself as a known antivirus software to avoid detection.
PoS Malware Family Distribution, 2013 vs 2014
Knowing these, companies that use PoS systems should be aware of the various threats that infiltrate their network with the goal of gathering financial information from their clients. PoS systems are generally an easy target considering the wide use of unprotected systems around the world. However, there are advanced security technologies now available, such as application control and advanced network threat detection, which can help detect intrusion in time.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.