Retailers were hit with serious malware and POS security attacks in 2014, and 2015 hasn't shown any improvement. The hacks against retailers and their Point of Sale (POS) terminals continue to cause financial loss and decreased consumer confidence. POS attacks can take place in the milliseconds after a card is swiped, because during that time the card information is not encrypted. New security options, such as chip cards from which data is much harder to collect, are growing in use but haven't yet been fully integrated into the US payment system. Without better security, the problem continues to grow.
2015 and New Malware Families
Since the beginning of 2015, new malware families have been discovered, and there are five that are particularly concerning for retailers.
1). PoSeidon - this malware steals credit card information and other personal data. The program scrapes the memory of infected machines in search of credit and debit card information. When it finds that information, it stealthily exfiltrates it to its own servers, most of which are in Russia. There is also a keylogging component to PoSeidon, which could be used to record and access passwords.
2). PwnPOS - along with the related program LosPOS, PwnPOS works to avoid detection so it can do more damage to a system and collect more data before it's discovered. Not only is PwnPOS much harder to detect than many past malware families, it is very destructive and doesn't take long to start collecting and transmitting the information hackers want to steal.
3). LogPOS - this family of malware is highly destructive and poses serious danger to retail establishments that are trying to keep customer data safe. It uses the mailslots in Microsoft Windows to take stolen data and deliver it directly to hackers. Because both PwnPOS and LogPOS programs have skirted traditional ways of detecting malware, they have been particularly dangerous to companies when it comes to the protection of credit card data and other sensitive consumer information.
4). FighterPOS - this malware has been stealing credit card information, including 22,000 card numbers stolen in Brazil. The creation and use of this new malware family is a one-man operation, but the creator of the program has a long hacking history and it's just a matter of time before others start using the program.
5). FindPOS - while still unsophisticated in nature, FindPOS has made its appearance in 2015. It will continue to develop and become increasingly dangerous in the future.
Protecting Your Organization
All malware families have the potential to be very dangerous to retailers and their customers, so it is important to develop the best security posture to protect yourself. Working with experts like Resilient Intelligent Networks is a great first step to guide you through the process of ensuring you have the right protection against malware attacks. Resilient understands the unique challenges faced by retail organizations and works with best-in-class technologies such as Fortinet to equip you with superior defenses against current and upcoming malware threats. Resilient's secured network services, including cyber threat analysis using Fortinet technology, provide superior retail cyberthreat protection.