It is no surprise that the retail industry is often highly targeted when it comes to security breaches and cyber criminals. This is a sector that makes its living by running as many credit card transactions as possible in a single day. This is the perfect opportunity for criminals to breach the network and access a mountain of criminal information right away.
Recently, Verizon released its 2014 Data Breach Investigations Report. It covered the 1,367 confirmed data breaches and 63,437 security incidents that were reported in 2013.
According to the study, the point of sale system was one of the most targeted areas for cyber attacks last year. POS intrusions totaled 14 percent of all breaches. However, that number was lower than has been seen in previous years, specifically 2010 and 2011.
The year looked worse than it actually was because of the highly publicized breaches of major retailers like Target and Neiman Marcus. This resulted in the personal information of 110 million customers becoming vulnerable to an attack. The popularity of the retailer, the fact that it occurred during the holiday shopping season and the number of those effected made sure that everyone was talking about it during holiday dinner.
Just because major companies were affected does not mean that medium and smaller companies should rest easy. The retail industry was the victim of 148 confirmed breaches last year, the third highest collection of the 1,367 breaches that were tracked in the report.
"POS attacks are driven by financial motives and most of them can be attributed to organized criminal groups operating out of Eastern Europe," the report reads. "Such groups are very efficient at what they do; they eat POSs like yours for breakfast, then wash 'em down with a shot of vodka."
The main forms of attack were brute force remote access and using stolen credentials when it comes to POS intrusions in 2013. However, there was also a resurgence of RAM-scraping malware which was fifth-most-common in 2009, dropped below 20 on the list last year and was fourth last year.
The study also found that a majority of these POS breaches were reported to the companies after the fact by a third-party fraud prevention company and law enforcement and was not caught by the merchant themselves. This means that the criminals were able to have more time to exploit the vulnerabilities and it was only after customers also became victims was the breach noticed and plugged.
With the help of a credit card payment processor that understands the latest security threats, any organization will be able to better keep their information secure.