Malware Stays One Step Ahead of the POS Good Guys

If it is your job to prevent malware attacks against a point-of-sale (POS) system, it has undoubtedly been a long year. In breach after breach, cyber-criminals get into a corporate server and then stay around. In both the Neiman and Michaels breaches, the attacker had access to the victim’s network for more than 100 days. According to a new report by Arbor, these attacks are often not difficult to spot if in-house staff know what they are looking for.

“When you are a large organization, it only takes one error in permissions or one error in access controls—all it takes is one hole like that to allow attackers to get in,” Curt Wilson, an analyst with Arbor’s Security Engineering & Response Team (ASERT), told eWEEK.

POS system attacks have evolved from simple skimming scams and compromises that export card data to memory-scraping malware controlled by botnet infrastructure, which operates pretty much independently of any human interaction and can respond almost organically to attempts to stop it. Detecting such attacks should not be difficult, according to Wilson, but smaller organizations often don’t have the staff or know-how to do so.

“I know that innovation gets people’s attention, but the same techniques that people have been using for a long time still work,” Wilson said. “So companies need to beef up on Security 101.”

Arbor also notes in its report that businesses have increasingly focused on fast detection and eradication rather than on keeping attackers from ever gaining access.

“It is a pipe dream to think that an organization has not been breached or will never be breached,” he said. “The ability to detect an incident quickly is important, and having intelligence that gives good context and allows personnel to prioritize activities helps immensely.”
