Dell Threat Report Finds POS, SSL, SCADA attacks on the Rise

Security threats centering around point-of-sale (POS) breaches and encrypted data continue to rise despite the IT industry’s increased effort to thwart attackers, according to new research from Dell.

The company released its 2015 Dell Security Annual Threat Report this week, which found that both businesses and individuals increasingly are falling victim to malicious attacks from several key areas, including POS malware variants and attacks from SSL/TLS encrypted protocols. Dell also found a 100 percent increase in attacks against industrial control systems during this year’s analysis.

“Everyone knows the threats are real and the consequences are dire, so we can no longer blame lack of awareness for the attacks that succeed,” said Patrick Sweeney, executive director of Dell Security, in a statement. “Hacks and attacks continue to occur, not because companies aren’t taking security measures, but because they aren’t taking the right ones.”

The frequency of POS malware variants on consumer payment information was among the largest security issues of 2014, with major breaches from companies including Target, Home Depot, Michaels and Staples being top of mind, according to the report. Dell SonicWall created 13 POS malware signatures in 2014 compared to three signatures in 2013, signaling a 333 percent increase in POS malware countermeasures developed and deployed, according to the company. The increase in POS attacks was led by the use of new tactics including memory scraping and the use of encryption to hide malware from firewall detection.

Dell also reported a surge in malware being encrypted through SSL and TSL traffic, which usually are associated with secure HTTPS websites. With the number of websites using secure encryption rising by more than 100 percent last year, Dell discovered hackers have begun encrypting their malware to avoid detection from corporate firewalls.

Finally, Dell found that attacks have doubled on supervisory control and data acquisition systems, which control remote equipment and collect performance data. The majority of these attacks targeted SCADA systems in the United States, United Kingdom and Finland, according to the report.

While attackers continue to find new ways to exploit sensitive information and systems, there are ways businesses and individuals can protect against the threat of attack. Dell recommends enterprises develop multiple layers of protection for their corporate networks to lessen the chance of malicious software reaching sensitive information. Several basic methods of protection include expanding employee education and training, setting up next-generation firewalls and protecting endpoints from attack. The company also recommended enterprises invest in SSL/TLS inspection capabilities to detect malware hidden in encrypted traffic, as well as to ensure that mobile solutions and remote work environments are protected.

Results from this year’s Threat Report were gathered via research from Dell’s Global Response Intelligence Defense network and telemetry data from Dell SonicWall network traffic.

Dell’s findings are in line with many other similar studies on IT security, including CompTIA’s recent Trends in Information Security study, which found the increased availability of hacking tools and the growing sophistication of hackers are among the most worrisome risks to enterprise security.

While it’s unlikely that cybersecurity threats will ever cease to be a problem for enterprises and individuals altogether, it’s important to remember there are tried-and-true ways to protect against the likelihood of attacks, so long as we are vigilant in exercising them. As any security provider worth their salt would say, the true danger lies in complacency; security should always be top of mind, because hackers don’t take vacations.