POS fraud - trends and counter-actions to mass fraud

Presented at VB2015, Oct. 1, 2015, 10 a.m. (30 minutes)

Point-of-sale (POS) ecrime fraud was little discussed until the fall of 2013. Since that time, a large number of retail stores in the US have announced major breaches. The number of infected organizations is in the thousands, with credit card breaches reaching new heights. Some fraudsters have even captured PIN values associated with credit cards. In some incidents, POS fraud took place on networks for months before companies realized they had a security breach. In multiple cases it took weeks to properly identify and mitigate sophisticated POS malware on compromised networks.

POS fraud didn't start in 2013 but many years prior. Just as has been seen in other emergent markets, including botnets and rootkits, POS fraud is now reaching an apex of emergence for maximum profits. A new industry group has been formed to help battle POS fraud, but will it help? Major credit card companies in the US have stated they are moving to 'chip-and-PIN' technology, but will it stop fraud? How have fraudsters already adjusted to counter-ecrime efforts seen globally as POS fraud has emerged and how does that paint a picture of what will happen in the next five years for POS fraud?


Presenters:

  • Ken Dunham - iSIGHT Partners
    Ken Dunham has over two decades of experience on the front lines of information security. He currently works as a Principal Engineer on the International Incident Intelligence Team for iSIGHT Partners and as CEO of the non-profit Rampart Research (of which he is also founder) and consulting firm 4D5A Security Inc. He regularly briefs top level executives and officials in Fortune 500 companies and manages major newsworthy incidents globally. Formerly, Mr Dunham led training efforts as a contractor for the USAF for the U-2 reconnaissance, Warthog Fighter, and Predator (UAV) programs. Concurrently he also authored top websites, freeware anti-virus and other software, and taught at multiple levels on a diverse range of topics. Mr Dunham is the author of multiple books, is a regular columnist, and has authored thousands of incident and threat reports over the past two decades. He holds a Master's of Teacher Education degree and several certifications: CISSP, GCFA Gold (forensics), GCIH Gold (Honors) (incident handling), GSEC (network security), GREM Gold (reverse engineering) and GCIA (intrusion detection). He is also the founder and former President of Idaho InfraGard and Boise ISSA, is a member of multiple security organizations globally, and a former Wildlist Organization reporter. In 2014, Mr Dunham was awarded the esteemed ISSA International Distinguished Fellow status reserved for one per cent of security experts globally within the organization.
