How you can avoid being the next victim.

This article is an excerpt from our ebook, Current Hacking Trends. To download your free copy of the complete ebook, click here.

The recent outbreak of highly publicized breaches (we’re looking at you Target and Neiman Marcus) has processors, merchants, and consumers losing sleep over payment card security.


To help further the fight against fraudsters and data thieves, the SecurityMetrics Forensic Investigation team has identified several common attack types associated with recent breaches.

The remote access and VPN attack

Whether it’s to work from home or allow a service provider offsite network access, remote access offers flexibility, convenience, and outsourcing opportunities that benefit many businesses. However, remote access isn’t just convenient for business owners. Virtual Private Network (VPN) and remote access technology can also provide hackers an open door to business systems.

One of the main concerns with remote access is that while you may be able to manage security on one end, there is no guarantee of security on the remote user’s side. Hackers may use a remote user as a Trojan horse to gain access to the business network. This is only one example of the many ways VPN and remote access technology can be used against you.

Did you hear about Buffalo Wild Wings, Taco Bell, and Dairy Queen POS breach that stemmed because of insecure remote access?

How to protect against these attacks:

  1. Double-check the doors. Run a port scan to determine if you currently have open VPN or remote access ports.
  2. Take control of your security. Don’t simply trust the security of remote users. Implementstrong authentication processes to keep remote access secure.
  3. Update your firewall. Make sure to regularly update your firewall and ensure that inbound rules provide adequate protection.
As hackers continue to evolve their attack methods, it’s important for businesses to protect against current threats.

Take a look at current forensic trends with Aaron Willis, SecurityMetrics Forensic Analyst in this webinar.


This article is an excerpt from our ebook, Current Hacking Trends. To download your free copy of the complete ebook, click here.

Monday, August 25, 2014