Trustwave Report: Malware Continues to Exploit Unsecured Vendor Access

Unsecured remote access accounted for 29.7% of network compromises in 2016, more than double than the year prior, according to findings from the Trustwave Global Security Report.

Source: 2017 Trustwave Global Security Report

The number of incidents in corporate and internal network environments increased from 41% in 2015 to 43% in 2016, indicating companies need to review and improve network security controls to ensure their data is guarded against cyber-attacks.

The incidents affecting POS systems increased significantly from 22% in 2015 to 31% in 2016, raising a warning for the retail industry and other industries using POS terminals.

Source: 2017 Trustwave Global Security Report

Furthermore, malicious remote access represents “a significant hazard with networked POS devices,” accounting for 62% of incidents within POS environments.

Source: 2017 Trustwave Global Security Report

Considering “the cost and effort of securing a network against a data compromise pales in comparison to the cost and effort of cleaning up after a breach,” the Trustwave investigators recommend organizations handling sensitive data adopt security measures based on the Payment Card Industry Data Security Standard (PCI DSS). They provide a list of measures, including recommendations regarding remote access solutions:

  • Enforce multi-factor authentication for 3rd parties
  • On-demand remote access for 3rd parties
  • Extensive auditing and logging for remote access

You can read the complete 2017 Trustwave Global Security Report here.

Secure remote access into your IT infrastructure for 3rd parties

Securing remote access paths into your IT infrastructure for 3rd parties will prevent the proliferation of malware and should be standard practice at every business. Your retail network security strategy should account for remote access by employees and trusted third parties, and your remote support software solution should support multiple security configurations.

Next week we’ll dive deeper into the risk of unsecured remote vendor access in regard to the recent barrage of ransomware attacks. Should you need additional information to help you secure remote access within your network, don’t be shy, contact us.