Point-of-sale devices make prime malware targets

An increasing number of retail transactions are performed either online or with debit and credit cards. The digital age has afforded a great deal of convenience for modern consumers, and paying for goods and services in cash is viewed as a greater hassle than it is worth in many instances. As a result, point-of-sale systems are increasingly being integrated more deeply with company computers, allowing for advanced organization and improved customer satisfaction.

But these conveniences bring a new set of considerations. Cybersecurity is now an incredibly pertinent issue. There have been a number of reported security breaches and malware infections involving retail POS systems, most significantly the incident that occurred in 2013 at Target.

As the headlines have illustrated, the possibility of an attack on a retail POS is very real. Stronger security provisions will need to be made if they haven’t already – and in some cases even if they have.

Recent malware infections illustrate global scope

Cybercrime is a global affair. Criminals will often target their victims from halfway across the world. In fact, two recently identified malware campaigns have been spreading through POS systems around the globe – “@-brt” and “POSCLOUD.Backdoor/Agent.”

In the case of @-brt, the attackers are believed to have experience and to be operating out of either Eastern Europe, Ukraine or Russia.

“As part of a global botnet operation dating back to May, attackers are infecting thousands of computers around the world with malware and are using the compromised machines to identify and brute-force point-of-sale (POS) systems utilizing remote desktop protocols (RDP),” SC Magazine contributor Adam Greenberg reported.

The POSCLOUD campaign is similar in scope, but was reported to be much different in its approach. The malware secretly engages in keylogging and taking screenshots – something that other “classic” malware methods have not tried.

Stopping malware before it starts

All organizations need to up their defenses in the face of modern threats. As such, it is important to have layered security – or more than one kind of protection. Faronics Deep Freeze can help with that.

A vast majority of computer issues can, in fact, be rectified by rebooting the machine in question. In the past, however, this has been found to be cumbersome due to the loss of settings – many of which, regardless of how critical they are, can be easily overlooked when getting back up to speed. But Deep Freeze takes snapshots of system settings, preserving them in the instance that a malware infection occurs. This way, a reboot to restore operation can be performed with ease by employees themselves without causing unnecessary downtime.

About The Author

Matt Williams

A self-proclaimed ‘tech geek’, Matt has worked in technology for a decade and divides his time between blogging and working in IT. A huge New York Giants fan and an expert on Reboot Restore Technology, when not watching football Matt gets his game on playing Call of Duty with his friends and other tech bloggers.
