It’s no secret that organisations in the retail sector haven’t had to implement the same security measures as their cousins in the highly regulated financial and healthcare sectors. However, a new breed of malware that’s targeted specifically at the retail industry has its CIOs sitting up straight in their seats.
The US Department of Homeland Security has issued an advisory to warn organisations about Backoff point-of-sale (PoS) malware, which targets retailers’ IT systems and gains access to customer information, including credit card details and other sensitive data. According to a New York Times report, retailers impacted include Target and Neiman Marcus, both of which have reported data breaches in recent months.
So what’s so sinister about Backoff PoS malware?
Backoff is a family of PoS malware that’s been active since October 2013. It’s been specifically designed to target and infect PoS systems. Until recently, the malware was largely undetected by existing antivirus software.
If all this leaves you feeling a little uneasy, here are some tips on raising your defences:
- Read the technical recommendations included in the US Department of Homeland Security advisory.
- Regularly review and continually monitor your PoS environment and the overarching network.
- If you’re a retailer that accepts credit card payments, ensure you’re Payment Card Industry Data Security Standard (PCI DSS) certified.
- View the presentation shared at the recent Black Hat conference in Las Vegas that explores the various techniques being used by criminals to attack PoS systems.
If you’d like to enter into a more detailed discussion on this topic or require assistance in eradicating malware, contact us and we’ll gladly assist.