IBM Security, profile picture
Uploaded byIBM Security
PDF, PPTX3,102 views

Security Trends in the Retail Industry

The document discusses security trends in the retail industry, highlighting an upward trend in attack success rates despite fewer overall incidents in 2014, with malware being a significant threat. It outlines prevalent attack vectors targeting retailers in 2015, the shift in focus towards smaller businesses by attackers, and provides recommendations for enhancing cybersecurity. Notably, it emphasizes the impact of point-of-sale malware on payment data security and introduces strategies to mitigate fraud-related risks in the retail sector.

Embed presentation

Download as PDF, PPTX
Š 2016 IBM Corporation Nick Bradley Sr. Manager and Practice Lead, MSS Threat Research IBM Security Michelle Alvarez Researcher and Editor, MSS Threat Research IBM Security Security Trends in the Retail Industry
2© 2016 IBM Corporation Today’s panelists Nick Bradley Practice Leader Threat Research Group IBM Security https://securityintelligence.com/author/nick-bradley/ https://www.linkedin.com/in/nick-bradley-3406442 Michelle Alvarez Threat Researcher, Publisher and Editor Managed Security Services IBM Security securityintelligence.com/author/michelle-alvarez/ linkedin.com/pub/michelle-alvarez/65/867/445
3© 2016 IBM Corporation !  2014 review !  2015 findings –  Attack types targeting retailers –  Black Friday/Cyber Monday trends !  A look at Data Breaches: Attackers are shifting their focus !  POS Malware !  Potential actions for defense !  Addressing fraud Agenda
4Š 2016 IBM Corporation In 2014, the retail industry remained fourth overall in incident rates, but with an upward trend year-to-year over 2013 Source: IBM Managed Security Services data
5© 2016 IBM Corporation !  Although the retail industry experienced fewer events than average, the numbers of attacks and incidents were higher than average 2014 saw attackers having a higher success rate with retailers than the cross-industry average Source: IBM Managed Security Services data
6© 2016 IBM Corporation Prevalent attack vectors targeting the retail industry in 2015 !  Analysis of IBM MSS data accumulated between January 1 2015 and November 30 2015 reveals attack vectors affecting the retail industry. Attacks from the Tor network Malicious documents introduce malware Shellshock !  Criminals often use the Tor network to trade with each other and to launch attacks against surface targets !  5% of attacks against retailers came from the Tor network—a higher percentage than any other industry 2 !  A vulnerability in the GNU Bash shell widely used on Linux, Solaris and Mac OS systems !  The number three attack vector, making up just over 13% of the attacks !  Remains a significant and persistent threat across all industries in 2015 3 4 !  The number one attack vector, making up almost 18% of the attacks !  Attackers trick victims into opening malicious documents or clicking on links to malicious sites !  Intent is almost always to have the victim download malware, which is the largest single attack type !  The number two attack vector, making up just over 14% of the attacks !  Also the number two attack type associated with retail security breaches !  Weak SQL database security policy is a common denominator in successful attacks SQL injection 1
7© 2016 IBM Corporation !  Attackers do exploit the holiday season via spam, phishing and compromised websites !  However, on average there is no significant uptick in attack activity in the Black Friday/Cyber Monday period !  While traffic may appear to have spiked on Cyber Monday in 2015, the spike is only slightly above average for the holiday timeframe Black Friday/Cyber Monday: attackers were shopping, not attacking Source: IBM Managed Security Services data
8© 2016 IBM Corporation !  The IBM X-Force Interactive Security Incidents tool on the web provides a continuously updated view of notable security incidents across all industries Retail security incidents occur at a consistent rate throughout the year Source: IBM X-Force Security Incidents data (January 1 2014 – November 31 2015). http://www-03.ibm.com/security/xforce/xfisi/ Note: Data is a sampling of notable incidents for each year and not a full representation of all incidents.
9© 2016 IBM Corporation !  The number of records reported is down…but the number of incidents is up In 2015, breaches were occurring at a high rate, but companies were not reporting the number of records compromised Records not reported 70% 2015 rate of reporting records compromised in a breach Source: IBM X-Force Interactive Security Incidents data (January 1, 2013 – November 30, 2015). http://www-03.ibm.com/security/xforce/xfisi/ Source: IBM X-Force Interactive Security Incidents data (January 1, 2015 – November 30, 2015). http://www-03.ibm.com/security/xforce/xfisi/
10© 2016 IBM Corporation !  Attackers are shifting from targeting a few large organizations to targeting a large number of smaller businesses !  A lot of little payoffs can add up to the same $$$ as a few big ones –  Payment card records sell for between $1 and $25 on the black market !  Large breaches can be less effective because compromised credit cards get cancelled faster when the target is a large company that reports all affected credit cards to banks !  Smaller companies may also lack the resources to discover compromises quickly Attackers are shifting their focus to smaller businesses
11© 2016 IBM Corporation Source: IBM X-Force Security Incidents data (January 1 2011 – November 31 2015). http://www-03.ibm.com/security/xforce/xfisi/ Note: Data is a sampling of notable incidents for each year and not a full representation of all incidents. !  In 44% of the retail breaches sampled, malware was the most relevant attack type !  In 42% of breaches, victim organizations have not to date disclosed exactly what type of attack they sustained !  The banking Trojan “Shifu” scans for POS endpoints and, when it finds one, uses a RAM-scraping plug-in to siphon payment card data !  The Dyre malware, used by cybercrime gangs to attack bank accounts, is adding retail targets to its configuration file, preying on online customer orders Malware “planted” via malicious documents and links is the leading cause of retail breaches in 2015
12© 2016 IBM Corporation !  POS malware is designed to extract customer payment card (credit and debit) data and send it back to the attacker’s command and control server !  Half of the ten largest retail breaches recorded since 2011 were caused by POS malware. !  These compromises resulted in the theft of nearly 195 million records, the majority containing credit card data. In the retail industry, malware attacks against point-of-sale (POS) systems directly target payment card data Source: IBM X-Force Security Incidents data (January 1 2011 – November 31 2015). http://www-03.ibm.com/security/xforce/xfisi/ Note: Data is a sampling of notable incidents for each year and not a full representation of all incidents.
13Š 2016 IBM Corporation Recommendations for protecting enterprise and POS systems Update POS software Use endpoint protection Restrict access to the Internet Disallow remote access Segment POS networks Physically protect POS systems Use strong passwords Educate users
14© 2016 IBM Corporation !  October 2015 in US liability for fraud shifted from card issuers to merchants not using EMV !  Current debate: Which is more secure, chip-and-PIN or chip-and-signature? –  Chip-and-PIN vulnerability: PIN is encoded in magnetic stripe –  Chip-and-signature vulnerability: Signatures are easy to “scribble” !  Will virtual payments replace cards…and present a whole new set of security challenges? Addressing retail fraud: PIN vs signature or physical vs virtual?
15© 2016 IBM Corporation What you can do to help protect against fraud •  Encourage awareness of “lurkers” •  Consider point-to-point encryption •  Consider contactless POS systems •  Report lost or stolen cards promptly •  Record all your account numbers and their phone numbers •  Don’t lend your cards or leave them unprotected Retailers Consumers
16© 2016 IBM Corporation !  This and other IBM® X-Force® threat research reports can be downloaded here Get the complete picture About this report This IBM X-Force report was created by the IBM Managed Security Services Threat Research group, a team of experienced and skilled security analysts working diligently to keep IBM clients informed and prepared for the latest cybersecurity threats. This research team analyzes security data from many internal and external sources including event data, activity, and trends sourced from thousands of endpoints managed and monitored by IBM for Managed Security Services accounts around the globe.
17© 2016 IBM Corporation !  IBM offers key security services to help you address these challenges How IBM can help IBM Security Framework and Risk Assessment IBM Incident Response Planning IBM Managed Security Services IBM Emergency Response Services Assess Plan Respond Manage
18© 2016 IBM Corporation Learn more about IBM Security V2015-11-23 countries where IBM delivers managed security services industry analyst reports rank IBM Security as a LEADER enterprise security vendor in total revenue clients protected including… 130+ 25 No. 1 12K+ 90% of the Fortune 100 companies Join IBM X-Force Exchange xforce.ibmcloud.com Visit our website ibm.com/security Watch our videos on YouTube IBM Security Channel Read new blog posts SecurityIntelligence.com Follow us on Twitter @ibmsecurity
© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOUwww.ibm.com/security
© 2016 IBM Corporation Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or the ability of any such third- party products to interoperate with IBM’s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM patents, copyrights, trademarks or other intellectual property right. Other company, product, or service names may be trademarks or service marks of others. A current list of IBM trademarks is available at “Copyright and trademark information” www.ibm.com/legal/copytrade.shtml Copyright © 2016 by International Business Machines Corporation (IBM). No part of this document may be reproduced or transmitted in any form without written permission from IBM. U.S. Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations (including information relating to products that have not yet been announced by IBM) has been reviewed for accuracy as of the date of initial publication and could include unintentional technical or typographical errors. IBM shall have no responsibility to update this information. THIS document is distributed "AS IS" without any warranty, either express or implied. In no event shall IBM be liable for any damage arising from the use of this information, including but not limited to, loss of data, business interruption, loss of profit or loss of opportunity. IBM products and services are warranted according to the terms and conditions of the agreements under which they are provided. Any statements regarding IBM’s future direction, intent or product plans are subject to change or withdrawal without notice. Performance data contained herein was generally obtained in a controlled, isolated environments. Customer examples are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual performance, cost, savings or other results in other operating environments may vary. References in this document to IBM products, programs, or services does not imply that IBM intends to make such products, programs or services available in all countries in which IBM operates or does business. Workshops, sessions and associated materials may have been prepared by independent session speakers, and do not necessarily reflect the views of IBM. All materials and discussions are provided for informational purposes only, and are neither intended to, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It is the customer’s responsibility to insure its own compliance with legal requirements and to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law. Legal notices and disclaimers

More Related Content

PDF
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
byIBM Security
 
PDF
10 Security Essentials Every CxO Should Know
byIBM Security
 
PPTX
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
byIBM Security
 
PDF
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
byIBM Security
 
PPTX
4 Ways to Build your Immunity to Cyberthreats
byIBM Security
 
PDF
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
byIBM Security
 
PPTX
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
byIBM Security
 
PPTX
QRadar & XGS: Stopping Attacks with a Click of the Mouse
byIBM Security
 
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
byIBM Security
 
10 Security Essentials Every CxO Should Know
byIBM Security
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
byIBM Security
 
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
byIBM Security
 
4 Ways to Build your Immunity to Cyberthreats
byIBM Security
 
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
byIBM Security
 
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
byIBM Security
 
QRadar & XGS: Stopping Attacks with a Click of the Mouse
byIBM Security
 

What's hot

PDF
The 2016 Ponemon Cost of a Data Breach Study
byIBM Security
 
PDF
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
byIBM Security
 
PPTX
Bordless Breaches and Migrating Malware
bySarah Freemantle
 
PPTX
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
byIBM Security
 
PPTX
See How You Measure Up With MaaS360 Mobile Metrics
byIBM Security
 
PPTX
Attack Autopsy: A Study of the Dynamic Attack Chain
byIBM Security
 
PDF
Top 12 Cybersecurity Predictions for 2017
byIBM Security
 
PPTX
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
byIBM Security
 
PPTX
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
byIBM Security
 
PDF
Cutting Through the Software License Jungle: Stay Safe and Control Costs
byIBM Security
 
PDF
Recent ECB/ EBA regulations how they will impact European banks in 2016
byIBM Security
 
PPTX
Compete To Win: Don’t Just Be Compliant – Be Secure!
byIBM Security
 
PPTX
Tolly Report: Stopping Attacks You Can't See
byIBM Security
 
PDF
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
byIBM Security
 
PDF
IBM X-Force: Insights from the 1Q 2015 X-Force Threat Intelligence Quarterly
byIBM Security
 
PPTX
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
byIBM Security
 
PPTX
Valuing Data in the Age of Ransomware
byIBM Security
 
PPTX
Top 2016 Mobile Security Threats and your Employees
byNeil Kemp
 
PDF
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
byIBM Security
 
PPTX
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
byIBM Security
 
The 2016 Ponemon Cost of a Data Breach Study
byIBM Security
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
byIBM Security
 
Bordless Breaches and Migrating Malware
bySarah Freemantle
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
byIBM Security
 
See How You Measure Up With MaaS360 Mobile Metrics
byIBM Security
 
Attack Autopsy: A Study of the Dynamic Attack Chain
byIBM Security
 
Top 12 Cybersecurity Predictions for 2017
byIBM Security
 
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
byIBM Security
 
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
byIBM Security
 
Cutting Through the Software License Jungle: Stay Safe and Control Costs
byIBM Security
 
Recent ECB/ EBA regulations how they will impact European banks in 2016
byIBM Security
 
Compete To Win: Don’t Just Be Compliant – Be Secure!
byIBM Security
 
Tolly Report: Stopping Attacks You Can't See
byIBM Security
 
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
byIBM Security
 
IBM X-Force: Insights from the 1Q 2015 X-Force Threat Intelligence Quarterly
byIBM Security
 
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
byIBM Security
 
Valuing Data in the Age of Ransomware
byIBM Security
 
Top 2016 Mobile Security Threats and your Employees
byNeil Kemp
 
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
byIBM Security
 
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
byIBM Security
 

Viewers also liked

PDF
Retail Security in India
byProfusion India Consulting
 
PDF
Retail Loss Prevention
byCurtisBaillie
 
PDF
Top Cyber Security Trends for 2016
byImperva
 
PDF
Bill Stankiewicz Copy Scope 2010 Tyco Sourcing And Transportation
byBillStankiewicz
 
PDF
TycoIS Business Security Tips
byRoy Kisner
 
PPTX
FootfallCam- People Counting Solution
byFootfallCam
 
PDF
Who is the next target proactive approaches to data security
byUlf Mattsson
 
PDF
How Vulnerable Is Your Industry to Cyber Crime?
byDavid Hunt
 
PDF
How to choose the right penetration testing company
byPenetration_Testing
 
PDF
Food and Beverage Transportation: 5 Tips for Sourcing Excellence
byCombineNet, Inc.
 
PPTX
Big Data Use Cases for Different Verticals and Adoption Patterns - Impetus We...
byImpetus Technologies
 
PPTX
India electronic security market report 2020 |India CCTV Market |India Video...
byKen Research Pvt ltd.
 
PPTX
Retail Store Security
byRuby Smith
 
PPT
Breaking down the cyber security framework closing critical it security gaps
byIBM Security
 
PPTX
Hack the Hackers 2012: Client Side Hacking – Targeting the User
byNew Horizons Bulgaria
 
PDF
Key Findings from the 2015 IBM Cyber Security Intelligence Index
byIBM Security
 
PPTX
Indian retail market, ayu
byAyush khandelwal
 
PPT
Loss Prevention Presentation
byjpmcafee
 
PPTX
Indian retail ppt
byRamendra Tripathi
 
PDF
Internet of Things - Privacy and Security issues
byPierluigi Paganini
 
Retail Security in India
byProfusion India Consulting
 
Retail Loss Prevention
byCurtisBaillie
 
Top Cyber Security Trends for 2016
byImperva
 
Bill Stankiewicz Copy Scope 2010 Tyco Sourcing And Transportation
byBillStankiewicz
 
TycoIS Business Security Tips
byRoy Kisner
 
FootfallCam- People Counting Solution
byFootfallCam
 
Who is the next target proactive approaches to data security
byUlf Mattsson
 
How Vulnerable Is Your Industry to Cyber Crime?
byDavid Hunt
 
How to choose the right penetration testing company
byPenetration_Testing
 
Food and Beverage Transportation: 5 Tips for Sourcing Excellence
byCombineNet, Inc.
 
Big Data Use Cases for Different Verticals and Adoption Patterns - Impetus We...
byImpetus Technologies
 
India electronic security market report 2020 |India CCTV Market |India Video...
byKen Research Pvt ltd.
 
Retail Store Security
byRuby Smith
 
Breaking down the cyber security framework closing critical it security gaps
byIBM Security
 
Hack the Hackers 2012: Client Side Hacking – Targeting the User
byNew Horizons Bulgaria
 
Key Findings from the 2015 IBM Cyber Security Intelligence Index
byIBM Security
 
Indian retail market, ayu
byAyush khandelwal
 
Loss Prevention Presentation
byjpmcafee
 
Indian retail ppt
byRamendra Tripathi
 
Internet of Things - Privacy and Security issues
byPierluigi Paganini
 

Similar to Security Trends in the Retail Industry

PPTX
Anatomy of an Advanced Retail Breach
byIBM Security
 
PPT
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
byUISGCON
 
PPTX
Supersized Security Threats – Can You Stop 2016 from Repeating?
byValerie Lanzone
 
PPT
PresentaciĂłn AMIB Los Cabos
byJuan Carlos Carrillo
 
PDF
IBM Security Services Overview
byCasey Lucas
 
PDF
Luncheon - 2016-05-19 IBM Security - Threat Intelligence by Michael Montecillo
byNorth Texas Chapter of the ISSA
 
PDF
Sel03129 usen
byAndrey Apuhtin
 
PDF
IBM X Force threat intelligence quarterly 1Q 2014
byIBM Software India
 
PDF
IBM 2015 Cyber Security Intelligence Index
byAndreanne Clarke
 
PPTX
Follow the Money, Follow the Crime
byIBM Security
 
PPTX
Current Threat Landscape, Global Trends and Best Practices within Financial F...
byIBM Sverige
 
PDF
IBM X-Force Threat Intelligence Report 2016
bythinkASG
 
PDF
IBM - IAM Security and Trends
byIBM Sverige
 
PDF
The challenges of Retail Security
byIBM Software India
 
PPTX
2015 Cybercrime Trends – Things are Going to Get Interesting
byIBM Security
 
PPTX
Data Breaches: Is IBM i Really at Risk?
byHelpSystems
 
PDF
Security Trends and Risk Mitigation for the Public Sector
byIBMGovernmentCA
 
PPT
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
byAndris Soroka
 
PPT
IBM security systems overview v1.0 - rohit nagarajan
byShwetank Jayaswal
 
PDF
Managed security services for financial services firms
byJake Weaver
 
Anatomy of an Advanced Retail Breach
byIBM Security
 
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
byUISGCON
 
Supersized Security Threats – Can You Stop 2016 from Repeating?
byValerie Lanzone
 
PresentaciĂłn AMIB Los Cabos
byJuan Carlos Carrillo
 
IBM Security Services Overview
byCasey Lucas
 
Luncheon - 2016-05-19 IBM Security - Threat Intelligence by Michael Montecillo
byNorth Texas Chapter of the ISSA
 
Sel03129 usen
byAndrey Apuhtin
 
IBM X Force threat intelligence quarterly 1Q 2014
byIBM Software India
 
IBM 2015 Cyber Security Intelligence Index
byAndreanne Clarke
 
Follow the Money, Follow the Crime
byIBM Security
 
Current Threat Landscape, Global Trends and Best Practices within Financial F...
byIBM Sverige
 
IBM X-Force Threat Intelligence Report 2016
bythinkASG
 
IBM - IAM Security and Trends
byIBM Sverige
 
The challenges of Retail Security
byIBM Software India
 
2015 Cybercrime Trends – Things are Going to Get Interesting
byIBM Security
 
Data Breaches: Is IBM i Really at Risk?
byHelpSystems
 
Security Trends and Risk Mitigation for the Public Sector
byIBMGovernmentCA
 
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
byAndris Soroka
 
IBM security systems overview v1.0 - rohit nagarajan
byShwetank Jayaswal
 
Managed security services for financial services firms
byJake Weaver
 

More from IBM Security

PPTX
Automation: Embracing the Future of SecOps
byIBM Security
 
PDF
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
byIBM Security
 
PDF
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
byIBM Security
 
PPTX
Integrated Response with v32 of IBM Resilient
byIBM Security
 
PDF
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
byIBM Security
 
PDF
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
byIBM Security
 
PDF
Accelerating SOC Transformation with IBM Resilient and Carbon Black
byIBM Security
 
PDF
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
byIBM Security
 
PPTX
Are You Ready to Move Your IAM to the Cloud?
byIBM Security
 
PPTX
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
byIBM Security
 
PPTX
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
byIBM Security
 
PPTX
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
byIBM Security
 
PPTX
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
byIBM Security
 
PDF
WannaCry Ransomware Attack: What to Do Now
byIBM Security
 
PPTX
How to Improve Threat Detection & Simplify Security Operations
byIBM Security
 
PPTX
IBM QRadar UBA
byIBM Security
 
PDF
Mobile Vision 2020
byIBM Security
 
PDF
Retail Mobility, Productivity and Security
byIBM Security
 
PDF
Close the Loop on Incident Response
byIBM Security
 
PDF
Orchestrate Your Security Defenses; Protect Against Insider Threats
byIBM Security
 
Automation: Embracing the Future of SecOps
byIBM Security
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
byIBM Security
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
byIBM Security
 
Integrated Response with v32 of IBM Resilient
byIBM Security
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
byIBM Security
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
byIBM Security
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
byIBM Security
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
byIBM Security
 
Are You Ready to Move Your IAM to the Cloud?
byIBM Security
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
byIBM Security
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
byIBM Security
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
byIBM Security
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
byIBM Security
 
WannaCry Ransomware Attack: What to Do Now
byIBM Security
 
How to Improve Threat Detection & Simplify Security Operations
byIBM Security
 
IBM QRadar UBA
byIBM Security
 
Mobile Vision 2020
byIBM Security
 
Retail Mobility, Productivity and Security
byIBM Security
 
Close the Loop on Incident Response
byIBM Security
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
byIBM Security
 

Recently uploaded

PDF
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
PDF
TrustArc Webinar - From Zero to Privacy Hero: Launching Your Program Right an...
byTrustArc
 
PDF
Transcript: What Thema can do: Leveraging metadata to support the discoverabi...
byBookNet Canada
 
PDF
What Is the Azure AI Foundry and Why Does It Matter for Enterprises?
byjohncarterjn
 
PPTX
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
PDF
Pneumatic Pressure Pump PPP01 for Calibration & Testing
bySERRAX TECHNOLOGIES LLP
 
PDF
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
PDF
AI and Zero Trust: What it takes to do it right
byMark Simos
 
PDF
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
PDF
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
PDF
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
PPTX
TechSprint WinterHack — Top 10 Teams Pitching Session we are excited for pit...
bybajpaitusharoffon678
 
PDF
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
PDF
React Mastery: Visual Mental Models to Understand React Deeply
byThomas Gaye
 
PDF
Website Redesign Vs Website Refresh, What’s Right for You in 2026?
byAnuj Kumar Singh
 
PDF
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
PDF
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
PDF
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
PDF
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
PDF
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
TrustArc Webinar - From Zero to Privacy Hero: Launching Your Program Right an...
byTrustArc
 
Transcript: What Thema can do: Leveraging metadata to support the discoverabi...
byBookNet Canada
 
What Is the Azure AI Foundry and Why Does It Matter for Enterprises?
byjohncarterjn
 
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
Pneumatic Pressure Pump PPP01 for Calibration & Testing
bySERRAX TECHNOLOGIES LLP
 
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
AI and Zero Trust: What it takes to do it right
byMark Simos
 
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
TechSprint WinterHack — Top 10 Teams Pitching Session we are excited for pit...
bybajpaitusharoffon678
 
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
React Mastery: Visual Mental Models to Understand React Deeply
byThomas Gaye
 
Website Redesign Vs Website Refresh, What’s Right for You in 2026?
byAnuj Kumar Singh
 
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 

Security Trends in the Retail Industry

  • 1.
    Š 2016 IBMCorporation Nick Bradley Sr. Manager and Practice Lead, MSS Threat Research IBM Security Michelle Alvarez Researcher and Editor, MSS Threat Research IBM Security Security Trends in the Retail Industry
  • 2.
    2© 2016 IBMCorporation Today’s panelists Nick Bradley Practice Leader Threat Research Group IBM Security https://securityintelligence.com/author/nick-bradley/ https://www.linkedin.com/in/nick-bradley-3406442 Michelle Alvarez Threat Researcher, Publisher and Editor Managed Security Services IBM Security securityintelligence.com/author/michelle-alvarez/ linkedin.com/pub/michelle-alvarez/65/867/445
  • 3.
    3© 2016 IBMCorporation !  2014 review !  2015 findings –  Attack types targeting retailers –  Black Friday/Cyber Monday trends !  A look at Data Breaches: Attackers are shifting their focus !  POS Malware !  Potential actions for defense !  Addressing fraud Agenda
  • 4.
    4Š 2016 IBMCorporation In 2014, the retail industry remained fourth overall in incident rates, but with an upward trend year-to-year over 2013 Source: IBM Managed Security Services data
  • 5.
    5© 2016 IBMCorporation !  Although the retail industry experienced fewer events than average, the numbers of attacks and incidents were higher than average 2014 saw attackers having a higher success rate with retailers than the cross-industry average Source: IBM Managed Security Services data
  • 6.
    6© 2016 IBMCorporation Prevalent attack vectors targeting the retail industry in 2015 !  Analysis of IBM MSS data accumulated between January 1 2015 and November 30 2015 reveals attack vectors affecting the retail industry. Attacks from the Tor network Malicious documents introduce malware Shellshock !  Criminals often use the Tor network to trade with each other and to launch attacks against surface targets !  5% of attacks against retailers came from the Tor network—a higher percentage than any other industry 2 !  A vulnerability in the GNU Bash shell widely used on Linux, Solaris and Mac OS systems !  The number three attack vector, making up just over 13% of the attacks !  Remains a significant and persistent threat across all industries in 2015 3 4 !  The number one attack vector, making up almost 18% of the attacks !  Attackers trick victims into opening malicious documents or clicking on links to malicious sites !  Intent is almost always to have the victim download malware, which is the largest single attack type !  The number two attack vector, making up just over 14% of the attacks !  Also the number two attack type associated with retail security breaches !  Weak SQL database security policy is a common denominator in successful attacks SQL injection 1
  • 7.
    7© 2016 IBMCorporation !  Attackers do exploit the holiday season via spam, phishing and compromised websites !  However, on average there is no significant uptick in attack activity in the Black Friday/Cyber Monday period !  While traffic may appear to have spiked on Cyber Monday in 2015, the spike is only slightly above average for the holiday timeframe Black Friday/Cyber Monday: attackers were shopping, not attacking Source: IBM Managed Security Services data
  • 8.
    8© 2016 IBMCorporation !  The IBM X-Force Interactive Security Incidents tool on the web provides a continuously updated view of notable security incidents across all industries Retail security incidents occur at a consistent rate throughout the year Source: IBM X-Force Security Incidents data (January 1 2014 – November 31 2015). http://www-03.ibm.com/security/xforce/xfisi/ Note: Data is a sampling of notable incidents for each year and not a full representation of all incidents.
  • 9.
    9© 2016 IBMCorporation !  The number of records reported is down…but the number of incidents is up In 2015, breaches were occurring at a high rate, but companies were not reporting the number of records compromised Records not reported 70% 2015 rate of reporting records compromised in a breach Source: IBM X-Force Interactive Security Incidents data (January 1, 2013 – November 30, 2015). http://www-03.ibm.com/security/xforce/xfisi/ Source: IBM X-Force Interactive Security Incidents data (January 1, 2015 – November 30, 2015). http://www-03.ibm.com/security/xforce/xfisi/
  • 10.
    10© 2016 IBMCorporation !  Attackers are shifting from targeting a few large organizations to targeting a large number of smaller businesses !  A lot of little payoffs can add up to the same $$$ as a few big ones –  Payment card records sell for between $1 and $25 on the black market !  Large breaches can be less effective because compromised credit cards get cancelled faster when the target is a large company that reports all affected credit cards to banks !  Smaller companies may also lack the resources to discover compromises quickly Attackers are shifting their focus to smaller businesses
  • 11.
    11© 2016 IBMCorporation Source: IBM X-Force Security Incidents data (January 1 2011 – November 31 2015). http://www-03.ibm.com/security/xforce/xfisi/ Note: Data is a sampling of notable incidents for each year and not a full representation of all incidents. !  In 44% of the retail breaches sampled, malware was the most relevant attack type !  In 42% of breaches, victim organizations have not to date disclosed exactly what type of attack they sustained !  The banking Trojan “Shifu” scans for POS endpoints and, when it finds one, uses a RAM-scraping plug-in to siphon payment card data !  The Dyre malware, used by cybercrime gangs to attack bank accounts, is adding retail targets to its configuration file, preying on online customer orders Malware “planted” via malicious documents and links is the leading cause of retail breaches in 2015
  • 12.
    12© 2016 IBMCorporation !  POS malware is designed to extract customer payment card (credit and debit) data and send it back to the attacker’s command and control server !  Half of the ten largest retail breaches recorded since 2011 were caused by POS malware. !  These compromises resulted in the theft of nearly 195 million records, the majority containing credit card data. In the retail industry, malware attacks against point-of-sale (POS) systems directly target payment card data Source: IBM X-Force Security Incidents data (January 1 2011 – November 31 2015). http://www-03.ibm.com/security/xforce/xfisi/ Note: Data is a sampling of notable incidents for each year and not a full representation of all incidents.
  • 13.
    13Š 2016 IBMCorporation Recommendations for protecting enterprise and POS systems Update POS software Use endpoint protection Restrict access to the Internet Disallow remote access Segment POS networks Physically protect POS systems Use strong passwords Educate users
  • 14.
    14© 2016 IBMCorporation !  October 2015 in US liability for fraud shifted from card issuers to merchants not using EMV !  Current debate: Which is more secure, chip-and-PIN or chip-and-signature? –  Chip-and-PIN vulnerability: PIN is encoded in magnetic stripe –  Chip-and-signature vulnerability: Signatures are easy to “scribble” !  Will virtual payments replace cards…and present a whole new set of security challenges? Addressing retail fraud: PIN vs signature or physical vs virtual?
  • 15.
    15© 2016 IBMCorporation What you can do to help protect against fraud •  Encourage awareness of “lurkers” •  Consider point-to-point encryption •  Consider contactless POS systems •  Report lost or stolen cards promptly •  Record all your account numbers and their phone numbers •  Don’t lend your cards or leave them unprotected Retailers Consumers
  • 16.
    16© 2016 IBMCorporation !  This and other IBM® X-Force® threat research reports can be downloaded here Get the complete picture About this report This IBM X-Force report was created by the IBM Managed Security Services Threat Research group, a team of experienced and skilled security analysts working diligently to keep IBM clients informed and prepared for the latest cybersecurity threats. This research team analyzes security data from many internal and external sources including event data, activity, and trends sourced from thousands of endpoints managed and monitored by IBM for Managed Security Services accounts around the globe.
  • 17.
    17© 2016 IBMCorporation !  IBM offers key security services to help you address these challenges How IBM can help IBM Security Framework and Risk Assessment IBM Incident Response Planning IBM Managed Security Services IBM Emergency Response Services Assess Plan Respond Manage
  • 18.
    18© 2016 IBMCorporation Learn more about IBM Security V2015-11-23 countries where IBM delivers managed security services industry analyst reports rank IBM Security as a LEADER enterprise security vendor in total revenue clients protected including… 130+ 25 No. 1 12K+ 90% of the Fortune 100 companies Join IBM X-Force Exchange xforce.ibmcloud.com Visit our website ibm.com/security Watch our videos on YouTube IBM Security Channel Read new blog posts SecurityIntelligence.com Follow us on Twitter @ibmsecurity
  • 19.
    © Copyright IBMCorporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOUwww.ibm.com/security
  • 20.
    © 2016 IBMCorporation Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or the ability of any such third- party products to interoperate with IBM’s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM patents, copyrights, trademarks or other intellectual property right. Other company, product, or service names may be trademarks or service marks of others. A current list of IBM trademarks is available at “Copyright and trademark information” www.ibm.com/legal/copytrade.shtml Copyright © 2016 by International Business Machines Corporation (IBM). No part of this document may be reproduced or transmitted in any form without written permission from IBM. U.S. Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations (including information relating to products that have not yet been announced by IBM) has been reviewed for accuracy as of the date of initial publication and could include unintentional technical or typographical errors. IBM shall have no responsibility to update this information. THIS document is distributed "AS IS" without any warranty, either express or implied. In no event shall IBM be liable for any damage arising from the use of this information, including but not limited to, loss of data, business interruption, loss of profit or loss of opportunity. IBM products and services are warranted according to the terms and conditions of the agreements under which they are provided. Any statements regarding IBM’s future direction, intent or product plans are subject to change or withdrawal without notice. Performance data contained herein was generally obtained in a controlled, isolated environments. Customer examples are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual performance, cost, savings or other results in other operating environments may vary. References in this document to IBM products, programs, or services does not imply that IBM intends to make such products, programs or services available in all countries in which IBM operates or does business. Workshops, sessions and associated materials may have been prepared by independent session speakers, and do not necessarily reflect the views of IBM. All materials and discussions are provided for informational purposes only, and are neither intended to, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It is the customer’s responsibility to insure its own compliance with legal requirements and to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law. Legal notices and disclaimers