Point-of-Sale Breaches, Spam on the Rise, Trustwave Reports | eWeek

PoS Attacks on the Rise and Spam Rebounds, Trustwave Reports

Server breach 2
Jun 21, 2017
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More


PoS Attacks on the Rise and Spam Rebounds, Trustwave Reports

1 - PoS Attacks on the Rise and Spam Rebounds, Trustwave Reports

Security services firm Trustwave released its 92-page 2017 Global Security Report on June 20, providing insight into security trends observed by the firm from data breach investigations conducted around the world. One trend was a growing volume of point-of-sale (PoS) system breaches, which grew to 31 percent of breached environments analyzed by Trustwave in 2016, up from 22 percent in 2015. “Cybersecurity in 2016 had both highlights and lowlights,” Trustwave CEO and President Robert J. McCullen said in a statement. In this slide show, eWEEK looks at both the highlights and the lowlights of the 2017 Trustwave Global Security Report.


PoS Attacks Growing

2 - PoS Attacks Growing

The most common environment compromised by the breaches analyzed by Trustwave in 2016 were corporate and internal networks. The second most common were point-of-sale (PoS) systems at 31 percent, up from 22 percent in 2015.


IT Environment Compromises Vary by Industry

3 - IT Environment Compromises Vary by Industry

Different industries have different risk factors and were found to be breached in different ways. In the retail industry, e-commerce breaches were the most common, while in the financial services industry corporate/internal network compromises were the most common.


Time to Detection Declined

4 - Time to Detection Declined

According to Trustwave’s analysis, the median time between an attacker intrusion and detection in 2016 was 49 days, down from 80.5 days in 2015.


Advertisement

What’s Faster, Internal or External Breach Detection?

5 - What's Faster, Internal or External Breach Detection?

The time it takes for an organization to discover an intrusion is typically significantly faster when the organization is able to detect a breach on its own. According to Trustwave, the median time between an intrusion and internal detection was 16 days in 2016. In contrast, if the breach was externally detected, the median was 65 days.


Breach Containment Slower When Intrusion Is Externally Detected

6 - Breach Containment Slower When Intrusion Is Externally Detected

When a breach was discovered by an organization’s internal resources, the median time between detection and containment was only two days. When a breach was externally detected, that time rose to a median of 22 days.


XSS Is the Leading Web Attack

7 - XSS Is the Leading Web Attack

Looking specifically at web attacks, Trustwave found that Cross-Site Scripting (XSS) is the top attack, representing 20.1 percent of the top 10 attacks and approximately 13 percent of all attacks analyzed.


Penetration Testing Reveals Authentication Bypass Risks

8 - Penetration Testing Reveals Authentication Bypass Risks

As part of its penetration (pen) testing engagements, Trustwave was able to discover different critical vulnerabilities. The most common vulnerability discovered through pen testing was authentication bypass flaws, which enable attackers to get access to a system or application without being properly authenticated.


Spam Rebounds

9 - Spam Rebounds

After a steady decline in spam from 2010 to 2015, Trustwave reported that the trend changed direction in 2016. According to Trustwave’s analysis, 59.8 percent of all inbound email was spam in 2016, up from 54.1 percent in 2015.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.