<img height="1" width="1" style="display:none;" src="https://www.facebook.com/tr?id=1924329124555630&amp;ev=PageView&amp;noscript=1">

Is Your POS Under Attack from Malware?

Posted by Bryan Wang
If you think the threat of POS malware attacks is overstated, then you only need to look at the damage done to major brands that have been successfully attacked with POS malware. Target is a prime example of the damage that can be done by an attack. They saw a 46% drop in profits after their attack, which saw 70 million records stolen that included the name, address, email and phone number of Target customers. Home Depot garnered the same negative press coverage Target did when 56 million customer debit and credit card numbers were stolen from its system requiring $62 million to recover from the incident.

Clearly a POS malware is something you should be concerned about as a business owner.

Now you may be worried, wondering if you have covered your bases and know enough about POS security.

 Here we outline 5 key things you need to know to lower your chances of being successfully attacked:

1)    There are always new threats–

Two recent types of POS malware which have been found are LogPOS and PwnPOS. What is different about them is that they use one component to find card data and another to send this data to cybertheives. LogPOS uses a Windows programming feature named mailslots which lets programs communicate with each other without having to store data in files. PwnPOS meanwhile takes card numbers into a log file while the malware’s memory scraper periodically uninstalls itself making it difficult for antivirus tools to spot. POS malware and those that create these malware are growing more sophisticated. It is important to have a role in your organization which is responsible for information security. Target did not have the appropriate staff to oversee information security and as we mentioned above they paid the price. Beyond this make sure your legacy system is not vulnerable to POS malware attacks. One way to accomplish this is to consider a POS that does not run on Windows XP which a lot of legacy systems do run on. Windows XP is no longer supported by Microsoft who no longer give technical support or provide security software updates to those using XP. XP had faced a series of attacks and was proving to not be very secure. Nowadays there are many alternatives which don’t use Windows.

2)    POS systems are the prime targets of credit card information thieves –

Credit card data stolen from the internet has a limited shelf life as credit card companies are quick to identify suspicious spending. This means credit card info thieves always need a steady stream of new credit card numbers. Your POS is an excellent place to mine for this info.  Not only are there new numbers but chances are that there are a lot of them. Techniques used by malware (that are known of) to attack your POS are varied. RAM scraping/memory dumping is one technique. This is when the information on memory modules is copied to a log file and periodically transmitted to a command and control server run by cyber-thieves. A good way to combat this type of attack is to regularly monitor your network for unusual traffic. Another technique used to attack you POS is keylogging. This entails keeping track of information entered through a keyboard or bar-code scanner, even taking screenshots from an attached camera. Monitoring network traffic is also how to watch out for this threat. The third way POS malware attacks is through network sniffers which are used to locate and identify POS systems on the network. There are a wide variety of technologies which can be used to detect these and other types of threats. Deep packet inspection tools can be used to monitor networks traffic for unusual activity related to these types of attacks.

3)    You have be especially careful if you are a big business –

Do not think that you are immune to POS malware attacks because you are a big business. While criminals started off targeting small businesses they have now expanded to regularly targeting large organizations. Recent POS malware attacks have targeted huge brands such as Home Depot, Target, Neiman Marcus and Michaels. What is also important is how you react if you are attacked. Big businesses who are attacked can be accused of being cavalier with customer information and inadvertently reinforce the perception of large corporations as uncaring. UPS for example kept their security breach quiet for months after it happened contributing to the impression that they did not want to own up to their apparent mistakes. Make sure you have a crisis communications plan in place in case of attack to curb pervasive negative media coverage and a contingency plan which deals with how and when to notify customers of a security breach.

4)    EMV matters–

Know that October 2015 is the deadline in the United States for merchants to be compliant with the new Europay, Mastercard, and Visa (EMV) standards requiring a shift from magnetic-stripe credit cards to chip-and-pin cards. Why does this matter? It matters because a major type of malware known as Backoff functioned by scraping or taking credit card information stored in the magnetic stripe on the back of credit cards when they are swiped. EMV belies the need for the magnetic strip mitigating many common POS attacks. EMV cards are also less attractive to attackers as they are hard to clone. It’s important to pick a POS such as Vexilor which is already EMV compliant allowing you to avoid costly and cumbersome updates to your POS system.

5)    It’s in your hands –

Whether or not you are vulnerable to a POS malware attack is in your control. This is good news. It means that you don’t have to be a helpless victim. Firstly know that if you are using a legacy system this means you are on track for costly upgrades that may not even protect you once a new threat emerges. Other protective measures to take are implementing firewalls for network segmenting so that POS systems are isolated from other networks as much as possible (even pick a POS like Vexilor that doesn’t even store credit card information making it hard to steal this data). Try point-to-point encryption if possible. Also get security software with advanced monitoring, vulnerability management and applications control capabilities and anti-fraud functions. Also use two-factor authentication at all entry points. Also alert employees to the possibility of contracting POS malware via internet surfing on their downtime. It is important that you are and remain PCI compliant. This is a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment. A knowledgeable POS provider such a Givex will be able to go over PCI compliance and its requirements with you.

Contact Givex to receive the latest information on POS security. It’s important for your brand and for your continued success.

Topics: Point of Sale