Don’t Let Your POS Be Your Point of Failure
By Greg Barrette on October 13, 2015
In the retail industry, the biggest threat is compromise of point-of-sale (POS) systems.
If breached through its POS system, a retailer could face multiple security and business issues including exposure of personally identifiable information (PII) of employees and customers and the resultant regulatory fines; stolen credit card information; reputational damage; and a potentially big loss of revenues when customers become wary and shop elsewhere, if orders can’t be processed due to a disruption of the network, or the cost of cleaning up the breach and implementing new software or hardware overtakes any profits gained.
Complicating matters further, the threats are never the same. Attack vectors are always changing.
Is it email?
Will it be drive-by attacks?
Web application attacks?
It’s important for retailers to be able to identify up and coming threats, but they can’t ignore dormant tried and true attacks that have proven devastating and may resurface without warning, unless you know where to look.
It’s very hard to keep pace with all the information about past, present, and future threats. A million different publications, websites, forums, and other sources abound. For many organizations, collecting threat-relevant information is still a very manual labor-intensive process that takes significant time, and often the person or team collecting data has myriad information security or IT responsibilities.
In an ideal world, retailers would receive only relevant, consolidated threat information that provides the technical details necessary to determine if and how a response should occur. Understanding the emerging indicators of compromise (IOCs) allows retailers to focus on the most imminent threats and act accordingly.
Some of the top threats to retail are POS malware, phishing attacks, and email scams. Retailers must know which threats have potential to impact the organization and its employees and customers. A proactive organization also recognizes the necessity of seeing threat data across the industry, understanding what methods of attack are in use, and receiving real-time alerts when heightened activity around an attacker and or an exploit materializes. The ability to customize how and when this data is available allows organizations to create an effective threat intelligence program.
An integral part of an effective threat intelligence program is having a single, automated source that collects, organizes, contextualizes, and presents accurate and actionable data. Retailers don’t have time to collect and analyze this intelligence from the Web; their focus must be on providing the goods and services that keep business profitable.
Recorded Future does the heavy lifting for retailers, combing through Web sources, forums, and paste sites to see what’s happening and what’s important.
With Recorded Future a retailer can be alerted in real time about leaked credentials or vulnerabilities that allow an attacker to access the back end of the POS system, new POS exploits, or emerging POS malware. Details about another retail compromise could indicate a threat.
Information on industry executives that are being targeted could mean the organization should reinforce protections around that executive’s systems and applications. When retail store employees are the victims of phishing scams, knowing what’s happening instantly and being able to educate and inform relevant parties can save the organization from compromise or help stop the spread before too much damage is done.
You can’t stop what you don’t know, though.
In this demo, see how Recorded Future can provide real-time threat intelligence into targets of POS malware, as well as observable technical indicators.
Recorded Future real-time threat intelligence for point of sale is helping retail organizations find emerging indicators of compromise. Through customized alerts and dashboards, retailers’ security teams have a “single pane of glass” through which they can view emerging threats on the Web that could cripple POS systems.
Our Web Intelligence Engine scours over 700,000 sources on the Web to find the most relevant information that will become the backbone of the threat intelligence program.
To be more proactive – accurately and quickly identify emerging threats – contact us for a personalized demo.