An increasing number of retail transactions are performed either online or with debit and credit cards. The digital age has afforded a great deal of convenience for modern consumers, and paying for goods and services in cash is viewed as a greater hassle than it is worth in many instances. As a result, point-of-sale systems are increasingly being integrated more deeply with company computers, allowing for advanced organization and improved customer satisfaction.
But with these conveniences comes a new set of considerations that have to be made. Presently, cybersecurity is an incredibly pertinent issue. There have been a number of reported security breaches and malware infections involving retail POS systems, most significantly the incident that occurred in 2013 within Target.
As the headlines have illustrated, the possibility of a an attack on a retail POS is very real. Stronger security provisions will need to be made if they haven’t already – and in some cases even if they have.
Recent malware infections illustrate global scope
Cybercrime is a global affair. Criminals will often target their victims from halfway across the world. In fact, two recently-identified malware campaigns have been spreading through POS systems around the globe – “@-brt” and “POSCLOUD.Backdoor/Agent.”
In the instance of @-brt, the attackers are believed have experience and to be operating out of either Eastern Europe, Ukraine or Russia.
“As part of a global botnet operation dating back to May, attackers are infecting thousands of computers around the world with malware and are using the compromised machines to identify and brute-force point-of-sale (POS) systems utilizing remote desktop protocols (RDP),” SC Magazine contributor Adam Greenberg reported.
The POSCLOUD campaign is similar in scope, but was reported to be much different in its approach. The malware secretly engages in keylogging and taking screenshots – something that other “classic” malware methods have not tried.
Stopping malware before it starts
The unfortunate reality is that malware can be acquired easily and unknowingly. While all organizations need to up their defenses in the face of modern threats, it is also important to have layered security – or more than one kind of protection.
Faronics Anti-Executable can help with that. This software only allows approved apps to run – a process known as application whitelisting. This means that even if malware manages to slip past the firewall, there will be another line of defense waiting to stop malicious programs cold.