By now, nearly every retailer in the physical and virtual space has heard about the cybersecurity woes incurred by Target after last year’s breach. The attack resulted in the compromise of millions of customers’ data, from which the vendor is still trying to recover. Now, the Payment Card Industry Security Standards Council is warning other retailers to protect themselves against the malware sample responsible for Target’s breach, dubbed Backoff.
The PCI SSC issued a notification alerting vendors about the Backoff infection and urging them to utilize a layered security approach for protection. As part of this layered security, the council recommends the deployment of PCI-approved point-of-sale devices to encrypt payment card data. In addition, retailers should install or update anti-virus protection and change all passwords to ensure the security of their customers’ sensitive information.
Since the malware’s initial release in October 2013, a number of retailers have fallen victim to the infection, including the high-profile case of Target. According to a Department of Homeland Security report, as many as 600 vendors have been affected, many of which are small, single-branch brick-and-mortar stores.
The history of attacks shows that hackers are aiming the infection at companies that use remote desktop applications – such as those used by IT help desk agents to remotely solve issues on an organization’s computers – and that have weak data protection.
“Once [cybercriminals] find businesses with basic IT security or weak passwords, they can gain the same remote access to systems that technical assistance might have and easily install the malware,” wrote Time contributor Sam Frizell. “‘Backoff’ then scrapes memory from the victims’ machines, searches for track data and logs keystrokes to reap sensitive data such as credit card information.”
Many security vendors are now creating coded defenses specifically geared to protect a business against the Backoff malware. To ensure protection, retailers should check that they are utilizing the most up-to-date anti-virus protection as part of their layered security.