Upload
robert-lundahl
View
46
Download
1
Embed Size (px)
Citation preview
APPLICATIONEXPLOITS
AUTHENTICATIONACCESS/AUTHORIZATION 2%
2%
Nuspire crunched data for retailersin its customer base over a 6 monthperiod and found that Tickets generat-ed from Security Information Event Management (SIEM) systems have seen a huge increase in the amount of maleware alerts over the last two years.
This shows that hackers are attacking retailers with different variants of maleware in hopes that one will stick and gain access to valuable data. 2014 saw a trend in most retail hacks being maleware based.
BreachHacker steals Credit Card Data
Gift CardsBuyer purchases Retailer Gift Cards using stolen Credit
Online AuctionBuyer uses Gift Cards to purchase items then sell online through eBay or other sites
Web BuyerPurchases validcredit card numbers using Bit Coins
Deep Web Distributor sells cards online through Black Market on “Deep Web”
ReshippedShipper takes original delivery of item and re-ships to online auction buyer
DistributorHacker sells cards in bulk to distributor
101011001010100100100101001010010010101
101010010001101001010010100100101010010
010011101011010011101010101001001000101
101000110101010010101001001010010010101
101011001010100100100101001010010010101
101010010001101001010010100100101010010
010011101011010011101010101001001000101
101000110101010010101001001010010010101
101011001010100100100101001010010010101
101010010001101001010010100100101010010
010011101011010011101010101001001000101
101000110101010010101001001010010010101
1010
1100
1010
1001
0010
0101
0010
1001
0010
101
1010
1001
0001
1010
0101
0010
1001
0010
1010
010
0100
1110
1011
0100
1110
1010
1010
0100
1000
101
1010
0011
0101
0100
1010
1001
0010
1001
0010
101
OF THE
year2014
RETAILDATA BREACH
20 Oct. 2014StaplesBreach Public
10 Oct. 2014KmartBreach Public
02 Sep. 2014Home DepotBreach Public
14 Aug. 2014Jewel - OscoBreach Public
14 Aug. 2014SupervaluBreach Public
21 Jul. 2014GoodwillBreach Public
06 Jun. 2014P.F. ChangBreach Public
03 Mar. 2014Sally BeautyBreach Public
25 Jan. 2014Michaels StoresBreach Public
10 Jan. 2014Neiman MarcusBreach Public
05 Dec. 2014bebe storesBreach Public
Payment information for 56 million credit cards was compromised in a security breach at Home Depot which took place between April and September of 2014
Although o�cial numbers on the Sally Beauty breach are still being investigated, on March 2, a fresh batch of 282,000 stolen credit and debit cards went on sale in a popular under-ground crime store,
On Tuesday, June 10, the U.S. Secret Service alerted P.F. Chang's to a possible security compromise in-volving credit and debit card data stolen from cer-tain P.F. Chang's China Bistro restaurants. 33 restaurants were involved
bebe says its investigation suggests the attack was on data from payment cards swiped in stores between Nov. 8 and Nov. 26. The data may have included cardholder names, ac-count numbers, expiration dates, and veri�cation
1.5%
1.6%
4.7%
9.6%
2014 Percentage of Records Stolen*
Banking/CreditFinancial
Government/Military
Medical/Healthcare
Educational
Incidents of Business/Retail hacking since 2007 has grown by
AFTER CREDIT DATA IS STOLENIT CAN BE LAUNDERED IN MANYWAYS THROUGH BLACK MARKETSON THE
2014 BREACH CATEGORIES
IS YOUR DATA SAFE WHERE YOU SHOP?
DEEP WEB
11.7%
26.1%
13%
7.5%
14.3%
9.3%
InsiderTheft
Hacking
Data onthe Move
AccidentalExposure
3rd PartyContractor
EmployeeNegligence
IF YOU NEED TO PROTECT GEOGRAPHICALLYDISPERSED AND DISTRIBUTED NETWORKS
SUCH AS RETAIL, FRANCHISE AND BRANCH OFFICESFROM TODAY’S THREAT LANDSCAPE, NUSPIRE CAN HELP