Sharing Threat Intelligence at Both Ends of the Chain

An SC Magazine e-book came out recently, dubbed “Retail Retaliation,” which gives a good summation of some of the issues facing retailers these days. It’s an oversimplification to say it’s all about that POS, but we certainly know that attackers are going to keep exploiting vulnerabilities where the transactions occur.

Ranging from physical compromise of the POS system to malware drops, lateral attacks across the network, supply chain tampering, and application-level fraud, there are multiple layers and vectors to monitor. Threat intelligence encompasses much more than machine-readable indicators that go straight into a rule or a filter: it has to include tactics and techniques such as misusing the transaction communication system to send spam, or hijacking customer accounts to commit warranty fraud. While trading indicators on POS malware is important, we need to make sure that the information exchange goes all along the supply chain, the “kill” chain, the transaction chain, and the fraud chain.

More Recent Blog Posts

2024 RH-ISAC Cyber Intelligence Summit logo

Register for RH-ISAC Summit

Our biggest event of the year is coming up soon! Join RH-ISAC April 9-11 in Denver for our annual three-day conference featuring interactive, practitioner-led discussions, breakout sessions, and keynote presentations.