One of the services that we provide to members of the SMBKitchen ASP at Third Tier are classified documents prepared by various government agencies relating to IT security. Being aware of the current threats can give you a leg up on protecting your clients. Having access to the research let’s you understand the threats in a way that your competition simple won’t. When you know more, you can provide more value to your clients. It really is that simple.
We’ve never before been able to share this information with the general public but recently this document came to us and was declassified for public consumption. Below is the first page and link to document the full document.
This advisory was prepared in collaboration with the Financial Services Information Sharing and Analysis Center (FS-ISAC), the United States Secret Service (USSS), and the Retail Cyber Intelligence Sharing Center (R-CISC), and is directed towards retailers or companies which are processing financial transactions and managing customer personally identifiable information (PII) during the upcoming holiday season and beyond. This advisory serves to provide information on and recommends possible mitigations for common cyber exploitation tactics, techniques and procedures (TTPs) consistently and successfully leveraged by attackers in the past year. Many of these TTPs have been observed by the FS-ISAC, through its members, and identified in Secret Service investigations.
The TTPs discussed in this report include:
• Exploiting commercial application vulnerabilities
• Unauthorized access via remote access
• Email phishing
• Unsafe web browsing from computer systems used to collect, process, store or transmit customer information
This document provides recommended security controls in these four commonly observed areas to protect customer data and also provides recommendations to smaller merchants who should work with their vendors to implement these recommendations (see Appendix A).
This advisory is not intended to be a robust, all-inclusive list of procedures as attackers will modify TTPs depending upon the target’s network and vulnerabilities. This report does not contain detailed information about memory scraping Point of Sale (PoS) malware that has been used in recent high- profile data breaches. Secret Service investigations of many of the recent PoS data breaches have identified customized malware only being used once per target. A list of observed PoS malware families is provided in Appendix B.
These recommendations should be analyzed by cyber threat analysis and fraud investigation teams based on their operational requirements. The information contained in this advisory does not augment, replace or supersede requirements in the Payment Card Industry Data Security Standard (PCI DSS); however, the PCI DSS version 3.0 recommendations are cited when appropriate.1
Not a Third Tier customer yet? Let me introduce: We’re Third Tier. We provide advanced Third Tier support for IT Professionals and MicroStaffing for IT consulting firms. Come on over, create an account (no charge) and follow our social media locations.