Cybersecurity Insights

Isabel Louisa Rawlings

POS Malware Data Breaches And Why They Keep Happening

10/07/19 12:15

 

Recently, more and more news has surfaced about data breaches affecting millions of consumers. Most of these breaches involve a company’s point of sale (POS) machine. The main objective for hackers attempting to compromise a company’s POS machines is to steal the 16-digit card number from your credit card. Obtaining credit card information from big companies can be extremely lucrative for hackers, as credit cards can sell for up to £100 per number on the black market.

The companies most affected by these types of attacks are retail shops, food outlets and hotels, due to the vast numbers of credit cards they handle daily, including cards used to hold bookings.

We tend to hear about the large attacks on POS machines through media coverage, but small and medium-sized companies are at a much higher risk because they are easier to compromise, due to their smaller networks and lax security policies.

The POS machines that companies use to take payments often run Windows and are just as susceptible to hacking as a laptop or mobile phone. The POS machine passes the credit card data through unencrypted for payment. When malware is placed on the POS machine, it usually targets the unencrypted stored payment card data, which it then continuously feeds back to a remote server.

As well as being used as sales terminals, these machines are often connected to in-store computers where employers tend to check emails and access the internet. Much of the malware found on these POS machines has spread through phishing emails that carry malicious payloads hidden inside an attachment.

Because these computers are used primarily for sales transactions, they aren't updated as regularly as recommended and may therefore be missing patches.
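Because the malware described above continuously sends card data to a remote server, one practical check is to review outbound connections from POS terminals against the short list of destinations they legitimately need. The following is an added example, not Foregenix code: the log format, host names, addresses and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Assumption: the only destination a POS terminal legitimately needs (constructed address).
ALLOWED_DESTINATIONS = {"203.0.113.10:443"}

# Constructed sample flow log: ISO timestamp, source host, destination, bytes sent.
SAMPLE_LOG = """\
2019-07-10T09:00:02 pos-01 203.0.113.10:443 1480
2019-07-10T09:05:00 pos-01 198.51.100.77:8080 612
2019-07-10T09:07:41 pos-01 203.0.113.10:443 1502
2019-07-10T09:10:01 pos-01 198.51.100.77:8080 598
2019-07-10T09:15:00 pos-01 198.51.100.77:8080 640
2019-07-10T09:20:02 pos-01 198.51.100.77:8080 605
2019-07-10T09:12:30 pos-02 192.0.2.55:443 220
2019-07-10T09:31:09 pos-02 203.0.113.10:443 1466
"""

def parse(log_text):
    """Yield (timestamp, source, destination, bytes) from well-formed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        ts, src, dst, sent = parts
        yield datetime.fromisoformat(ts), src, dst, int(sent)

def find_suspect_egress(log_text, allowed=ALLOWED_DESTINATIONS, min_hits=3, max_jitter=0.2):
    """Report non-allowlisted destinations; mark those contacted at a steady interval."""
    flows = defaultdict(list)
    for ts, src, dst, sent in parse(log_text):
        if dst not in allowed:
            flows[(src, dst)].append((ts, sent))
    findings = []
    for (src, dst), events in sorted(flows.items()):
        times = sorted(ts for ts, _ in events)
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        # Regular = enough hits and a gap spread that is small relative to the mean gap.
        regular = (len(times) >= max(min_hits, 2) and mean(gaps) > 0
                   and pstdev(gaps) / mean(gaps) <= max_jitter)
        findings.append({"source": src, "destination": dst, "connections": len(times),
                         "bytes_sent": sum(s for _, s in events),
                         "regular_interval": regular})
    return findings

if __name__ == "__main__":
    for finding in find_suspect_egress(SAMPLE_LOG):
        print(finding)
```

Any finding is worth reviewing on a terminal that should only reach its payment gateway; a destination contacted at a steady interval deserves priority.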


How Foregenix can help you stay protected with our Serengeti Technology.

Our Serengeti technology provides you with key forensic telemetry on all monitored systems, which will, in turn, provide you with a near-real-time perspective of your cyber security health.

Our Threat Intelligence team are able to detect multi-stage attacks, which can often escape standard cyber security solutions. With Serengeti’s ‘Single Pane of Glass’, our team can quickly explore and analyse massive data sets within your organisation.

 
