Dell annual Threat Report today said retailers were not the only targets, as there was a rise in POS attacks attempted among Dell SonicWALL customers.
The Dell SonicWALL Threat Research Team created 13 POS malware signatures in 2014 against three in 2013 for a 333 percent increase in the number of new POS malware countermeasures developed and deployed.
The majority of these POS hits targeted the U.S. retail industry.
In addition to the increased quantity of attacks, Dell threat researchers observed an evolution of POS malware tactics.
For many years, financial institutions and other companies that deal with sensitive information have opted for the secure HTTPS protocol that encrypts information being shared, otherwise known as SSL/TLS encryption. More recently, sites such as Google, Facebook, and Twitter began adopting this practice in response to a growing demand for user privacy and security.
Hackers have identified ways to exploit HTTPS as a means to hide malicious code. Given that data transmitted over HTTPS is encrypted, traditional firewalls fail to detect it. Without a network security system that provides visibility into HTTPS traffic, organizations run the risk of letting malware from sites using HTTPS enter their systems and go undetected.
Dell’s research saw a rise in HTTPS traffic in 2014, which could lead to an increase in attacks leveraging encrypted web traffic in 2015.
Dell noticed a 109 percent increase in the volume of HTTPS web connections from the start of 2014 to the start of 2015.
In December 2014, Forbes’ Thought of the Day interstitial page was hijacked by Chinese hackers to distribute malware over a three-day period.
Industrial operations leverage SCADA systems to control remote equipment and collect data on that equipment’s performance. Attacks against SCADA systems are on the rise, and tend to be political in nature as they target operational capabilities within power plants, factories, and refineries.
Dell SonicWALL saw an increase in SCADA attacks against its customer base this year.
2014 saw a 2x increase in SCADA attacks compared to 2013.
The majority of these attacks targeted Finland, the United Kingdom, and the United States; one likely factor is that SCADA systems are more common in these regions and more likely to be connected to the Internet.
More organizations will enforce security policies that include two-factor authentication. Along with this development we will see an increase in attacks against these technologies.
Dell said Google Android will remain a hot target for malware writers. Dell expects new, more sophisticated techniques to thwart Android malware researchers and users by making the malware hard to identify and research.
The emergence of more malware for Android devices targeting specific apps, banks, and user demographics, along with more malware tailored for specific technologies, such as watches and televisions, is expected.
As wearable technology becomes more widespread in the next year, expect to see the first wave of malware targeting these devices.
Digital currencies including Bitcoin will continue to be targeted; Botnets will be involved in the digital currency mining attacks.
Home routers and home network utilities, such as surveillance systems, will be targeted and perhaps used to assist large DDoS attacks.
Electric vehicles and their operating systems will be targeted.