Tech Support

Trustwave Report: Malware Continues to Exploit Unsecured Vendor Access

Unsecured remote access accounted for 29.7% of network compromises in 2016, more than double than the year prior, according to findings from the Trustwave Global Security Report.

Source: 2017 Trustwave Global Security Report

The number of incidents in corporate and internal network environments increased from 41% in 2015 to 43% in 2016, indicating companies need to review and improve network security controls to ensure their data is guarded against cyber-attacks.

The incidents affecting POS systems increased significantly from 22% in 2015 to 31% in 2016, raising a warning for the retail industry and other industries using POS terminals.

Source: 2017 Trustwave Global Security Report

Furthermore, malicious remote access represents “a significant hazard with networked POS devices,” accounting for 62% of incidents within POS environments.

Source: 2017 Trustwave Global Security Report

Considering “the cost and effort of securing a network against a data compromise pales in comparison to the cost and effort of cleaning up after a breach,” the Trustwave investigators recommend organizations handling sensitive data adopt security measures based on the Payment Card Industry Data Security Standard (PCI DSS). They provide a list of measures, including recommendations regarding remote access solutions:

  • Enforce multi-factor authentication for 3rd parties
  • On-demand remote access for 3rd parties
  • Extensive auditing and logging for remote access

You can read the complete 2017 Trustwave Global Security Report here.

Secure remote access into your IT infrastructure for 3rd parties

Securing remote access paths into your IT infrastructure for 3rd parties will prevent the proliferation of malware and should be standard practice at every business. Your retail network security strategy should account for remote access by employees and trusted third parties, and your remote support software solution should support multiple security configurations.

Next week we’ll dive deeper into the risk of unsecured remote vendor access in regard to the recent barrage of ransomware attacks. Should you need additional information to help you secure remote access within your network, don’t be shy, contact us.

Related

December 4, 2018 at 2:25 PM
In "rdp hack", "data breach", "credit card hack", "data security", "Credit card data theft", "credit card breach"
November 29, 2018 at 2:01 PM
In "secure remote support software", "Enterprise Remote Support", "Financial Technology", "Financial Services", "financial security", "remote support for atms", "remote access for atms", "atm support", "secure remote control", "Secure remote access"
October 2, 2018 at 11:12 AM
In "IT Security", "rdp security", "RDP ransomware", "RDP security risk", "rdp hack", "RDP attack vector", "rdp", "Secure remote access"

Subscribe to Email Updates

OUR LOCATIONS

Birkerød, DK
Portland, OR, US
Bucharest, RO
Manila, PH

Americas: +1 866 725 7833
Worldwide: +45 8987 4424

Our Tweets

RECENT POSTS