PoS Attacks on the Rise and Spam Rebounds, Trustwave Reports

Security services firm Trustwave released its 92-page 2017 Global Security Report on June 20, providing insight into security trends observed by the firm from data breach investigations conducted around the world. One trend was a growing volume of point-of-sale (PoS) system breaches, which grew to 31 percent of breached environments analyzed by Trustwave in 2016, up from 22 percent in 2015. “Cybersecurity in 2016 had both highlights and lowlights,” Trustwave CEO and President Robert J. McCullen said in a statement. In this slide show, eWEEK looks at both the highlights and the lowlights of the 2017 Trustwave Global Security Report.

The most common environment compromised by the breaches analyzed by Trustwave in 2016 were corporate and internal networks. The second most common were point-of-sale (PoS) systems at 31 percent, up from 22 percent in 2015.

Different industries have different risk factors and were found to be breached in different ways. In the retail industry, e-commerce breaches were the most common, while in the financial services industry corporate/internal network compromises were the most common.

According to Trustwave’s analysis, the median time between an attacker intrusion and detection in 2016 was 49 days, down from 80.5 days in 2015.

The time it takes for an organization to discover an intrusion is typically significantly faster when the organization is able to detect a breach on its own. According to Trustwave, the median time between an intrusion and internal detection was 16 days in 2016. In contrast, if the breach was externally detected, the median was 65 days.

When a breach was discovered by an organization’s internal resources, the median time between detection and containment was only two days. When a breach was externally detected, that time rose to a median of 22 days.

Looking specifically at web attacks, Trustwave found that Cross-Site Scripting (XSS) is the top attack, representing 20.1 percent of the top 10 attacks and approximately 13 percent of all attacks analyzed.

As part of its penetration (pen) testing engagements, Trustwave was able to discover different critical vulnerabilities. The most common vulnerability discovered through pen testing was authentication bypass flaws, which enable attackers to get access to a system or application without being properly authenticated.

After a steady decline in spam from 2010 to 2015, Trustwave reported that the trend changed direction in 2016. According to Trustwave’s analysis, 59.8 percent of all inbound email was spam in 2016, up from 54.1 percent in 2015.