Home » SME » Dell Annual Threat Report Sheds Light on Emerging Security Risks

Dell Annual Threat Report Sheds Light on Emerging Security Risks

Dell today announced the results of its annual Threat Report, which leverages research from Dell’s Global Response Intelligence Defense (GRID) network and telemetry data from Dell SonicWALL network traffic to identify emerging threats.This year’s report found a surge in point-of-sale (POS) malware, increased malware traffic within encrypted (https) web protocols, as well as twice the number of attacks on supervisory control and data acquisition (SCADA) systems over 2013.

“Everyone knows the threats are real and the consequences are dire, so we can no longer blame lack of awareness for the attacks that succeed,” said Patrick Sweeney, executive director, Dell Security. “Hacks and attacks continue to occur, not because companies aren’t taking security measures, but because they aren’t taking the right ones.”

Retail industry experiences surge in point-of-sale (POS) malware and attacks

The report shows that these retailers were not the only targets, as Dell also saw a rise in POS attacks attempted among Dell SonicWALL customers. The Dell SonicWALL Threat Research Team created 13 POS malware signatures in 2014, compared to three in 2013.   The majority of these POS hits targeted the U.S. retail industry.

More companies exposed to attacks within “secure” HTTPS web protocol

Hackers have identified ways to exploit HTTPS as a means to hide malicious code. Given that data (or in this case malware) transmitted over HTTPS is encrypted, traditional firewalls fail to detect it. Without a network security system that provides visibility into HTTPS traffic, organizations run the risk of letting malware from sites using HTTPS enter their systems and go undetected.

  • Dell saw a 109 percent increase in the volume of HTTPS web connections from the start of 2014 to the start of 2015.
  • Encrypted malware attacks have already begun to target mainstream media sources. In December 2014, Forbes’ Thought of the Day interstitial page was hijacked by Chinese hackers to distribute malware over a three-day period.

Attacks double on supervisory control and data acquisition (SCADA) systems

Industrial operations leverage SCADA systems to control remote equipment and collect data on that equipment’s performance. Attacks against SCADA systems are on the rise, and tend to be political in nature as they target operational capabilities within power plants, factories, and refineries.

  • 2014 saw a 2x increase in SCADA attacks compared to 2013.
  • The majority of these attacks targeted Finland, the United Kingdom, and the United States; one likely factor is that SCADA systems are more common in these regions and more likely to be connected to the Internet.
  • Buffer overflow vulnerabilities continue to be the primary point of attack.

 

Check Also

An online Special Vendor Development Programme (SVDP) for Micro & Small Enterprises (MSEs) was jointly organized by NTPC MSME Cell- CC&M and National SC-ST Hub (NSSH), NSIC, Okhla in New Delhi.

NTPC MSME cell organized Online Special Vendor Development Programmefor MSEs owned by Women and SC/ST entrepreneurs

An online Special Vendor Development Programme (SVDP) for Micro & Small Enterprises (MSEs) was jointly …

Do NOT follow this link or you will be banned from the site!