POS compromises are increasingly common in the commercial sector but remain rare in the government sector. The POS is the location where money transfers from the buyer to the seller at a retail store. Compromises can include physical tampering with pinpads or cash registers, complicit employees, or computer viruses. The compromise may affect the cash register or the computer that processes the credit card payments, and may target debit cards and pin numbers or credit card information.
“Doxing” is the publication of personally identifiable information (PII) of someone to the internet, generally for malicious purposes. The kinds of information disclosed may include the victim’s home addresses, family members’ information, and financial information.
Hacktivist groups dox government officials in response to perceived injustices with the objective of embarrassing the victim, or providing the information so others may target the victim for malicious activity. In some cases, organized cyber criminal groups and criminals may take advantage of information released during doxing incidents but are not known to conduct the activity themselves.
IoT refers to internet-enabled electronic devices which are not computers, smartphones, or tablets. These may include lightbulbs, refrigerators, coffee makers, and toys, and are internet-enabled to facilitate ease of use for owners. For instance, with a light bulb connected to the internet, it is possible for the owner to use a smartphone application to remotely turn it off and to monitor its power usage. Unfortunately, these devices frequently do not contain security components, so it may be possible for a remote attacker to use such a device to start a fire (e.g.
