Surge in POS Malware Leading to Enormous Security Breaches - ABI

Infosecurity-magazine.com reported on 22nd May, 2015 stating that market research firm ABI Research reveals that there has been a huge increase in point-of-sale (PoS) malware leading to major data breaches.

Infosecurity-magazine.com reported on 22nd May, 2015 quoting a report of the firm as "Prominent brands like Neiman Marcus, Target, PF Chang's, Michaels Stores, Staples and Home Depot have all become casualties of PoS security breaches targeting customer payment card data. In most incidents, PoS assaults take place because of malware infections. In the last few years, there has occurred substantial increase in malware families such as POS CardStealer, Alina, vSkimmer, Dexter, ProjectHook, BlackPOS amongst others, many of which can be conveniently bought online."

In fact, the firm estimates that overall number of PoS-related security episodes will touch 600 by the end of 2015 with confirmed exposure of data.

Network segmentation is one of the chief technologies which can be employed to protect POS and that can be achieved by installing a next-generation firewall (NGFW). Once illegal entry is acquired, network segmentation can grant efficient controls to minimize the subsequent step of a network infiltration and restrict further progress across the network.

Monolina Sen, Senior Analyst in Digital Security of ABI Research, says: "The main advantage provided by NGFW for network segmentation is application servers and data can be appointed in different segments based on their threat factors and security classifications, with strongly controlled access to them." ABI Research expects more organisations to migrate from outdated to next-generation firewalls.

Securityweek.com published a report on 25th May, 2015 quoting researchers of FireEye as saying, "Even cybercriminals engaged in unselective spam operations have POS malware available and can deploy it to subset of their victim. Due to extensive use of POS malware, they are ultimately discovered and exposed more. However, this is followed by new development of POS with almost same functions but the detection levels of such new POS are initially quite low in spite of the similarity in their functions which enable cybercriminals to encash this opportunity to exploit the use of new variant. We expect that new versions of POS malware with similar functions will keep on growing to meet the demand in the marketplace of cybercrime.

» SPAMfighter News - 6/4/2015