Hacking attacks against sales terminals have risen by nearly a third last year, and the US is still leading the way in being insecure.
Incidents affecting sales tills and payment systems increased to 31 per cent in 2016, according to research by security firm Trustwave, while incidents affecting e-commerce environments fell to 26 per cent from 38 per cent. Incidents involving sales registers were most common in the US, thanks to its tardy adoption of EMV chip technology and a reliance on chip and signature rather than chip and PIN payment.
Half (49 per cent) of data breaches investigated by Trustwave were in North America, while 21 per cent were in Asia-Pacific, 20 per cent in Europe, Middle East and Africa, and 10 per cent in Latin America. The largest single share of incidents involved the retail industry, at 22 per cent, followed closely by the food and beverage industry, at nearly 20 per cent.
More than half of the incidents investigated by Trustwave targeted payment card data:
- Card track (also called magnetic stripe) data, at 33 per cent of incidents, primarily came from point-of-sale environments.
- Card-not-present (CNP) data, at 30 per cent, mostly came from e-commerce transactions.
- Financial credentials, including account names and passwords for banks and other financial institutions, accounted for 18 per cent of incidents.
Andrew Komarov, chief intelligence officer at InfoArmor, told El Reg that his threat intelligence firm was seeing the same trend of increased payment terminal-related malfeasance.
"The number of point-of-sale breaches and network intrusion attempts against retailers is rapidly growing," Komarov said. "The US is one of the most affected geographies ... because of the scale of its retail economy with over 15 million point-of-sale terminals, and huge penetration of IT in it.
"The threat actors started to use more advanced tactics, and to focus on SaaS services and platforms, providing solutions for the point-of-sale market, which may lead to large-scale data breaches. The industry is aware about EMV, but it will take time to distribute this technology in bigger scale," he added.
The latest edition of Trustwave's Global Security Report (available here, registration required) also chronicles a disruption in the exploit marketplace. The most common exploit kits in the world – Angler, Magnitude and Nuclear – disappeared or went private in 2016, leading to a shakeup of the exploit kit market. ®