The ATM celebrates its 50th anniversary this year. Some of the oldest cash machines still in use today date back to an era when network security was relatively unsophisticated. Protecting connections between large numbers of disparate ATMs and the banks’ processing centers using VPNs is relatively straightforward. Yet, some banks have not yet taken adequate protective measures. As the Internet of Things gathers pace, the need to protect machine-to-machine communications is becoming urgent. Cybercriminals’ recent success in carrying out remote attacks on ATMs is a timely reminder of how important secure remote connectivity has become for M2M environments.
People are often quick to adapt – now we don’t seem to blink an eyelid when we read news about another hacked server and the loss of a few million records of personal data. Only the most spectacular cases often attract our attention such as an attack on a high profile target like the German parliament or incidents where vast amounts of data were stolen, for example the Yahoo breach. And the bar is constantly being raised of what needs to happen to catch our attention. News which used to grab headlines throughout the media is now limited to specialist magazines or blogs. Nevertheless, companies are paying attention to such threats as a high priority. A study by PriceWaterhouseCoopers lists cybercrime as the second most reported economic crime. In the study, 32 percent of companies said they had already been victims of cybercrime and 34 percent expected an incident in their company over the next two years. Analysing the development of cybercrime in the last few years reveals interesting trends. A infographic on Bestvpn.com lists the 10 most serious incidents according to the impact or the quantity of stolen data. Although the list is based on incidents in America, the findings are impressive. Even the last place begins at 50 million data records stolen from the retailer Home Depot in 2014.
The threat of cybercrime against retailers is ever present. According to the 2016 Global Threat Intelligence Report, retailers are the top targets and receive up to three times the number of attacks as second placed financial institutions. Around 70% of retailers in Europe admit to being targeted while 45% of the attacks are known to have been successful. In the past 12 months, the US retail sector has also seen repeated attacks on electronic point-of-sale (POS) systems as well as consistently high volumes of phishing emails aimed at tricking insiders into giving access to corporate networks. With online takings expected to account for 21% of overall sales in 2017, cybercriminals will continue to try and profit from any vulnerabilities they can find in retail systems. To counter this, retailers have a variety of mitigation techniques available to them including VPNs. The best security remains multi-layered since no single technology can nullify all threats at all times.
Another first for 2016: at the weekend, another unprecedented event occurred which left significant numbers of Deutsche Telekom customers with difficulties accessing the internet or no internet access at all. As is now widely known, the outage was caused by a malicious attack – which was not entirely successful − rather than a technical fault. The attackers attempted to exploit the TR-069 protocol used on customer routers and add them to a bot net. 900,000 users are reported to have been affected.