Dell announced the results of its annual Threat Report, which leverages research from Dell’s Global Response Intelligence Defense (GRID) network and telemetry data from Dell SonicWALL network traffic to identify emerging threats and equip organizations of all sizes with insights to improve their security posture.
Analyzing Dell data sources and the 2014 threat landscape, this year’s report found a surge in point-of-sale (POS) malware, increased malware traffic within encrypted (https) web protocols, as well as twice the number of attacks on supervisory control and data acquisition (SCADA) systems over 2013. The Dell Security Threat Report aims to equip organizations with practical, evidence-based advice to help them more effectively prepare for and prevent attacks, even from threat sources yet to emerge.
“Everyone knows the threats are real and the consequences are dire, so we can no longer blame lack of awareness for the attacks that succeed,” said Patrick Sweeney, executive director, Dell Security. “Hacks and attacks continue to occur, not because companies aren’t taking security measures, but because they aren’t taking the right ones.”
The retail industry was shaken to its core in 2014 after several major brands experienced highly publicized POS breaches, exposing millions of consumers to potential fraudulent purchases and risk for identity theft. Forrester Research notes, “The major breaches of 2013 and 2014 brought to the fore the lack of security surrounding point of sale (POS) systems, the risks involved with third parties and trusted business partners, and the new attack vectors opened through critical vulnerabilities such as Heartbleed.”
The report shows that these retailers were not the only targets, as Dell also saw a rise in POS attacks attempted among Dell SonicWALL customers.
“Malware targeting point-of-sale systems is evolving drastically, and new trends like memory scraping and the use of encryption to avoid detection from firewalls are on the rise,” said Sweeney. “To guard against the rising tide of breaches, retailers should implement more stringent training and firewall policies, as well as re-examine their data policies with partners and suppliers.”
Murli Mohan, Director and General Manager, Dell Software Group, India, said, “Companies more often focus on protecting against existing security (cyber) issues and the known vulnerabilities, the next gen threats have become turned out to be advanced and hazardous. Mega trend such as BYOD, big data, cloud, mobile computing, Internet of things, and mobile apps continue to disrupt the cyber behavior. Today, organizations need to be well-equipped to ensure protection from both existing and previously undetected threats and a predictive and context aware security fabric that will evolve and adapt to business needs.”