Despite recent requirements of the Payment Card Industry Data Security Standard (PCI DSS) and enhancements in security technologies, there are still gaps in the overall security of Point-of-Sale (POS) systems.
According to Trustwave, the most recent POS malware, called ‘Cherry Picker’, has gone largely undetected by security providers and antivirus tools alike due to the sophisticated methods it uses to hide and remain unnoticed.
The malware uses a new technique for scraping credit card data from the memory of the POS system it infects. Cherry Picker’s use of encryption, configuration files, command line arguments, and obfuscation has helped the malware remain undetected since it was first spotted in 2011.
POS malware attacks have proved to be very successful for cyber criminals, and only since massive breaches like those at Home Depot and Target have researchers started to understand what these malicious attacks are capable of.
A Symantec report notes that while many companies do in fact encrypt credit card data on its way to the payment processor and in transit within their networks, they don’t do the same with memory-resident data on the POS systems. By introducing point-to-point encryption and the new EMV payment systems, companies can help alleviate this vulnerability.
As malware writers begin to use more sophisticated approaches when it comes to stealing credit card credentials, it is important that organizations take this threat seriously and understand that having vulnerabilities in your POS systems makes you an easy target for cyber criminals.
Breaches like those at Target and Home Depot could have been mitigated by taking some fairly easy steps. Start by implementing a hardened build standard with Precision Change Detection. Coupled with breach detection technology, this will ensure that, even if a breach is successful, you’ll at least be alerted to the fact immediately and be in a position to take action to prevent any card data loss.
Remember - Target lost credentials affecting over 70 million people in nearly two and a half weeks, so where a breach can’t be prevented, the speed of detection is crucial.
POS terminals have proven to be easy targets for criminals and are simply too sensitive to leave without defense measures in place. When will you take action?
Read the article on Dark Reading