It’s challenging for a company in any industry to stay on top of the ever-increasing range of methods through which fraudsters might attempt to access its data, but Verizon has zeroed in on three particular types for which retail merchants ought to be on the lookout.
Via Chain Store Age comes news that the communications company has released a study entitled “Data Breach Digest,” which details 18 different data breach scenarios that appeared in the company’s analysis of more than 1,200 companies worldwide over the past three years.
Noting in the report that “there is a lot more commonality than most people realize,” Chris Novak, director of investigative response at Verizon Enterprise Solutions, cites the three breach methods that are most likely to affect retailers: POS intrusion, peripheral tampering and SQL injection. The CSA story summarizes each of those types in turn.
POS intrusion — which Verizon calls the “leaky boot,” notes CSA — relies upon malware that extracts specific data and is frequently used by both organized criminal networks and independent fraudsters. Retailers that fall victim to POS intrusion attacks are usually made aware of that fact by their financial services provider or by law enforcement, as the Verizon study shows that it can take weeks to months for such a discovery to occur and additional days to weeks to put a stop to the intrusion.
Peripheral tampering, as the name implies, involves the tampering of hardware that is connected to a retailer’s (or any type of company’s) computer system. According to Verizon, criminal groups that utilize the method in the U.S. are often based overseas. While discovering peripheral tampering doesn’t take very long (days, if not hours), CSA shares Verizon’s assessment that containing it can take months.
SQL injection — or “snakebite,” as Verizon also refers to it — goes after the point of interaction between an application, particularly an online one, and its back-end database. Discovering (and then containing) this method, notes the report, can often be time-consuming in that there is no standard pattern by which to trace any one such attack’s point of origin.