Major Factors in Retail Breaches and Cyber Insecurity
Commonalities underlie many fields of interest. Whether it is similar story and character beats in books or films, gameplay mechanics in different video games, or a play drawn up for a basketball team, the variations and iterations seem infinite; dig down deep enough, though, and it becomes apparent that there are only so many different types of story, or ways to press buttons on a controller.
Digging deep for these similarities is essentially what Verizon has now done for retailer data security vulnerabilities. In a study called “Data Breach Digest,” the company describes how it examined 18 data breach scenarios across 1,200 companies studied worldwide over the past three years. The Digest also identifies the most common methods behind retail breaches. Beneath all the exploits, strains of malware, etc., thieves will most often employ Point-of-Sale (PoS) intrusion, peripheral tampering, or SQL injection.
The first, says Verizon, employs RAM scraping malware to extract data from specific environments like, as the name implies, PoS terminals. Peripheral tampering involves the manipulation of any physical device that connects to a merchant’s computer system, including anything from PIN entry devices to printers (as if those didn’t get screwed up enough). SQL injections, which can take the longest to discover and contain (anywhere from hours to months), take advantage of an application’s interaction with its back-end database, using stolen credentials to modify existing database queries and steal sensitive data. Perpetrators of these types of attack can be activists, organized crime, and even state-sponsored hackers.
These types of breaches, as analyzed by Verizon, specifically pertain to retailers. Every industry, however, is at risk, and, as I’ve written before, awareness of this fact is increasing. It explains why, according to a new Advisen Ltd. report, 80% of organizations are greatly concerned about breaches, particularly about their resources to handle response and about the fines, lawsuits and reputational damage that can ensue. Cyber liability insurance is effective, but sometimes, ironically for covered entities, a breach isn’t even large enough to trigger coverage, leaving the organization to manage the gaps. These main findings of the report (all organizations being at risk but lacking preparation for impact or response, concern for the consequences of a breach, and struggles with gaps in coverage) highlight the anxiety entities have about the state of their system protection, detection capabilities, and response plans.