March 24th, 2011
Trustwave, a leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations, released its “Global Security Report 2011” last week. The report presents Trustwave’s findings from the analysis of over 220 investigations held last year, including the possibility of the existence of a single organized crime group responsible for 36% of the attacks investigated by SpiderLabs in 2010.
The report suggests that the drop in breaches within the hospitality industry (from 38% in 2009 to 10% in 2010) was probably caused by this crime group expanding its list of targets to include the food and beverage and retail markets. As in previous years, the majority of cases involved payment card data breaches, which accounted for 85% of all types of data breaches seen last year.
The targeting of payment card data is expected, as payment card fraud is an established business, and this data can be easily sold or laundered through established black market networks to realize financial gain. -Trustwave
One point that I found quite interesting is that in 87% of the point-of-sale breaches, third-party integrators used some form of default credentials with either remote access systems or at the operating system layer. This is something people in the hosting industry should also be careful about. The majority of attacks on hosting accounts occur via third-party software installed on the account, almost all of which has a default username/password pair to be used after installation. Most of these packages require you to change it after the first login, but many do not!
The section of most importance to server owners and administrators would be the final one, “Strategic Initiatives for 2011”. You may already have these systems in place, but according to the report, many of the successful attacks were on organizations that “thought” they were fully covered! So why take a chance? The full report can be found here.
About the Author:
Hamish joined Bobcares in July of 2004, and since then has grown to be well versed in the control panels and operating systems used in the web hosting industry today. He is highly passionate about Linux and is a great evangelist of open source. When not at work, he keeps himself busy populating this blog with both technical and non-technical posts. When he is not on his Xbox, he is an avid movie lover and critic.