Verizon Releases Breach Report, POS and DDoS Dominate

From what the international telco gathered in its data, it seems that the three most popular (and destructive) attack vectors of last year were DDoS attacks, POS hacks, and good old-fashioned webpage-based cracks.

Those were the primary lessons to be learned from Verizon’s 2014 Data Breach Investigations Report, released today, which draws on 1,367 confirmed data breaches and 63,437 security incidents contributed by 50 global companies.

Instead of laying out a simple “top-10” list of every problem sysadmins should be on the lookout for in 2014, Verizon broke up the various threats into categories, ranking each by how much of a concern it should be for the industries recorded, and what they can do to prevent any problems from popping up on their networks in the future.

A researcher close to the project spoke about Target’s woes announced in December:

“From an attack pattern standpoint, the most simplistic narrative is as follows: compromise the POS device, install malware to collect magnetic stripe data in process, retrieve data, and cash in. All of these attacks share financial gain as a motive, and most can be conclusively attributed (and the rest most likely as well) to organized criminal groups operating out of Eastern Europe.

“Such groups are very efficient at what they do; they eat POSs like yours for breakfast, then wash ’em down with a shot of vodka. While the majority of these cases look very much alike, the steps taken to compromise the point-of-sale environment offer some interesting variations.”

For the enterprise set, the results paint a multi-faceted picture which suggests that while certain businesses may only need to worry about the security of their point-of-sale systems (restaurants, bars), others may have to lock down the Wi-Fi in their stores to prevent drive-by hacks like those most recently seen at chains like Michaels.

For users, the report recommends standard methods of protection, including using two-step password authentication whenever possible, automatically patching any software that asks you to, and using firewall/AV programs that can effectively monitor your communications and notify you if anything fishy comes out of the blue.