Big Brands Defenseless Against POS Malware

February 3, 2014 in Data Breach, Malware

2014 could go down as one of the most significant years in the world of cybersecurity, and malware in particular. It wasn’t just the small window that revealed data breaches at Target, Neiman Marcus, Michaels Craft Stores and potentially dozens of other retailers. Nor was it the fact that this explosion in data breaches could all be the work of a seventeen-year-old.

What’s really troubling about the last 30 days is how defenseless some of the biggest brand names seem to be against this new strain of malware. A strain that may not actually be that new after all, but which has security experts around the world worried that their networks and systems could already be infected with the same kind of malware.

Here’s what we know, or at least we think we know, so far. A young programmer in Russia, who’s either 24 years old or seventeen years old depending on which investigator you listen to, developed a malware kit that focused on intercepting credit and debit card data at the moment the cards were swiped by customers at Point of Sale (PoS) systems and cash registers.

The malware was so good it was easily able to avoid the security of encryption by grabbing the data in that millisecond of time when the data had yet to be encrypted. But that wasn’t the best, or worst part. The best, or worst, part, depending on your perspective, is that crooks were able to get this malware into the networks of Target and other stores undetected.

And not just into their networks and servers, but all the way to the end of the line and to thousands of PoS systems in stores across the country. Security experts agree that in spite of the tens of millions of dollars companies like Target and Neiman Marcus invest in security every year, they were still pretty much defenseless against this attack.

And as researchers dig even deeper into the remnants of the attack, suspicions are beginning to fall on one of Target’s vendors as the weak link that was exploited by the hackers as a way to plant the malware.

So in spite of all the money spent on security, in this case absolutely none of it seemed to work. And that’s what really has security experts worried. Because it’s not an isolated case. When Chinese hackers attacked the website of the New York Times last year, they were successful in the attack because out of the 44 different types of malware they used, the New York Times’ antivirus software was only able to detect one of the malware strains. Whether it was because the security defenses failed, or the hackers got lucky with a careless vendor, it should be a wake-up call for all business owners.

Most small firms are unlikely to be targeted by attacks or malware as customized and specific as this, and malware detection and prevention are getting much better every day. But it’s a reminder of the need for constant vigilance, the latest technologies, and multiple security layers. As well as a reminder that the security practices of your vendors should be as important to you as your own.

So what can you do?

  • Rethink your security and make sure you’ve covered every possible vulnerability.
  • Layer your security so that your entire plan doesn’t rely on the strength of just one security layer.
  • Encrypt every piece of data you can so that it’s of no use to a thief who gets past all the other security.
  • Minimize the amount of data you keep. If you don’t have it, they can’t steal it.
  • Lock down your own website so that even if you’re not the ultimate target, your website can’t be used to spread this new and lethal infection to others.
  • Make sure your vendors and partners don’t create an easy back-door to your business, and that they take security as seriously as you do.
  • Consider regular and even unannounced security audits of your vendors and partners, to make sure they’re putting any claimed defenses into practice.

The best thing you can do to defend your business and strengthen your website security is to be aware of what your vulnerabilities are (all of them) and how to protect them. To get a free website security evaluation call 855.378.6200 or contact SiteLock today.
