Many of the notable retail brands across the world have now become victims of point of sale
(POS) security breaches focusing consumer payment card data. In majority of cases, reported in the US, UK, Australia and several Asian countries, POS attacks were due to malware infections.
During the last few years there has been a considerable increase in malware including Dexter, POSCardStealer, Alina, BlackPOS, ProjectHook, vSkimmer and others, experts say.
According to Verizon Data Breach Investigations Report (DBIR), close to 200 incidents of POS intrusions has been reported in 2014. Another report quoting ABI Research saying that the total number of POS security breach incidents with data exposure will reach 600 by 2015 end.
Most of the attacks are highly sophisticated, deploying tough-to-detect and tailor-made malware, which requires substantial lateral movement within the compromised network for detection, experts feel, adding, small businesses which do not have dedicated security resources in their retail environments, are at great risk.
The rising POS-related malware penetration across the globe has increased the demand for security solutions to protect the POS environment. Payment Card Industry (PCI) compliance in the US is a key market driver forcing enterprises to adopt security solutions to protect sensitive card data at POS counters. Similar initiatives should be adopted in other nations too.
Leading data security players Intel Security, VeriFone, Ingenico, Bit9 Carbon Black, HP, Dell SecureWorks, Trend Micro, Cisco, Check Point, Symantec, Fortinet, Juniper Networks and Palo Alto Networks provide innovative security solutions for POS market.
According to digital security experts, one of the important technologies that can be used to protect POS is 'network segmentation' that can be achieved by using next-generation firewall (NGFW).
Once unauthorized access is detected, network segmentation can offer effective controls to avoid the next level of network intrusion and reduce further movement of malware across the system.
"The major advantage of NGFW is that it provides network segmentation through application servers and hence data can be defined in different segments based on the risk factors and security classifications, with access to them being tightly controlled," Monolina Sen, ABI Research's Senior Analyst in Digital Security, said.
Experts believe that in the coming days, enterprises of all sizes will migrate from traditional POS protection mechanisms to next-generation firewalls.